Queries the access control list (ACL) of an object in a bucket.
Versioning
By default, GetObjectACL returns the ACL of the current object version. Specify the versionId parameter to query a specific version. If the specified version is a delete marker, OSS returns 404 Not Found.
If no ACL is set for an object, GetObjectACL returns the default ACL, which inherits from the bucket ACL. For example, if the bucket ACL is private, the object ACL is also private.
Syntax
GET /ObjectName?acl HTTP/1.1
Host: BucketName.oss-cn-hangzhou.aliyuncs.com
Date: GMT Date
Authorization: SignatureValue
当您在OSS ON云盒中调用该接口时,您需要将Host替换为云盒Endpoint。更多信息,请参见云盒Endpoint。
Request headers
All headers in a GetObjectACL request are common request headers. For more information, see Common request headers.
Response headers
The response to a GetObjectACL request contains only common response headers. For more information, see Common response headers.
Response elements
|
Element |
Type |
Sample Value |
Description |
|
AccessControlList |
Container |
N/A |
Container for ACL information. Parent nodes: AccessControlPolicy |
|
AccessControlPolicy |
Container |
N/A |
Container for GetObjectACL results. Parent nodes: none |
|
DisplayName |
String |
0022012**** |
Name of the bucket owner. Same as the user ID. Parent nodes: AccessControlPolicy.Owner |
|
Grant |
Enumerated string |
private |
ACL of the object. Default value: default. Valid values:
Parent nodes: AccessControlPolicy.AccessControlList |
|
ID |
String |
0022012**** |
User ID of the bucket owner. Parent nodes: AccessControlPolicy.Owner |
|
Owner |
Container |
N/A |
Container for bucket owner information. Parent nodes: AccessControlPolicy |
Examples
-
Query the ACL of an object in an unversioned bucket
Sample requests
GET /test-object?acl HTTP/1.1 Host: oss-example.oss-cn-hangzhou.aliyuncs.com Date: Wed, 29 Apr 2015 05:21:12 GMT Authorization: OSS4-HMAC-SHA256 Credential=LTAI********************/20250417/cn-hangzhou/oss/aliyun_v4_request,Signature=a7c3554c729d71929e0b84489addee6b2e8d5cb48595adfc51868c299c0c218eSample responses
HTTP/1.1 200 OK x-oss-request-id: 559CC9BDC755F95A64485981 Date: Wed, 29 Apr 2015 05:21:12 GMT Content-Length: 253 Content-Type: application/xml Connection: keep-alive Server: AliyunOSS <?xml version="1.0" ?> <AccessControlPolicy> <Owner> <ID>0022012****</ID> <DisplayName>0022012****</DisplayName> </Owner> <AccessControlList> <Grant>public-read </Grant> </AccessControlList> </AccessControlPolicy> -
Query the ACL of an object in a versioned bucket
Sample requests
GET /example?acl&versionId=CAEQMhiBgMC1qpSD0BYiIGQ0ZmI5ZDEyYWVkNTQwMjBiNTliY2NjNmY3ZTVk**** HTTP/1.1 Host: oss-example.oss-cn-hangzhou.aliyuncs.com Date: Tue, 09 Apr 2019 06:30:10 GMT Authorization: OSS4-HMAC-SHA256 Credential=LTAI********************/20250417/cn-hangzhou/oss/aliyun_v4_request,Signature=a7c3554c729d71929e0b84489addee6b2e8d5cb48595adfc51868c299c0c218eSample responses
HTTP/1.1 200 OK x-oss-version-id: CAEQMhiBgMC1qpSD0BYiIGQ0ZmI5ZDEyYWVkNTQwMjBiNTliY2NjNmY3ZTVk**** x-oss-request-id: 5CAC3BF2B7AEADE017000621 Date: Tue, 09 Apr 2019 06:30:10 GMT Content-Length: 261 Content-Type: application/xml Connection: keep-alive Server: AliyunOSS <?xml version="1.0" encoding="UTF-8"?> <AccessControlPolicy> <Owner> <ID>1234513715092****</ID> <DisplayName>1234513715092****</DisplayName> </Owner> <AccessControlList> <Grant>public-read</Grant> </AccessControlList> </AccessControlPolicy>
OSS SDKs
Call GetObjectACL with OSS SDKs for the following languages:
ossutil
For information about the ossutil command that corresponds to the GetObjectACL operation, see get-object-acl.
Error codes
|
Error code |
HTTP status code |
Error message |
Description |
|
AccessDenied |
403 |
You do not have read acl permission on this object. |
You are not authorized to perform this operation. Only the bucket owner can query object ACLs. |