Difference between revisions of "Gsutil acl set"
(→Set) |
(→Set) |
||
Line 12: | Line 12: | ||
If you want to define more fine-grained control over your data, you can retrieve an ACL using the "acl get" command, save the output to a file, edit the file, and then use the "acl set" command to set that ACL on the buckets and/or objects. For example: | If you want to define more fine-grained control over your data, you can retrieve an ACL using the "acl get" command, save the output to a file, edit the file, and then use the "acl set" command to set that ACL on the buckets and/or objects. For example: | ||
− | |||
* <code>gsutil acl get gs://bucket/file.txt > acl.txt</code> | * <code>gsutil acl get gs://bucket/file.txt > acl.txt</code> |
Revision as of 10:14, 1 August 2022
gsutil acl set
Set
The "acl set" command allows you to set an Access Control List on one or more buckets and objects. The file-or-canned_acl_name parameter names either a canned ACL or the path to a file that contains ACL text. The simplest way to use the "acl set" command is to specify one of the canned ACLs, e.g.,:
gsutil acl set private gs://bucket
If you want to make an object or bucket publicly readable or writable, it is recommended to use "acl ch", to avoid accidentally removing OWNER permissions. See the "acl ch" section for details.
See Predefined ACLs for a list of canned ACLs.
If you want to define more fine-grained control over your data, you can retrieve an ACL using the "acl get" command, save the output to a file, edit the file, and then use the "acl set" command to set that ACL on the buckets and/or objects. For example:
gsutil acl get gs://bucket/file.txt > acl.txt
Make changes to acl.txt such as adding an additional grant, then:
gsutil acl set acl.txt gs://cats/file.txt
Note that you can set an ACL on multiple buckets or objects at once. For example, to set ACLs on all .jpg files found in a bucket:
gsutil acl set acl.txt gs://bucket/**.jpg
If you have a large number of ACLs to update you might want to use the gsutil -m option, to perform a parallel (multi-threaded/multi-processing) update:
gsutil -m acl set acl.txt gs://bucket/**.jpg
Note that multi-threading/multi-processing is only done when the named URLs refer to objects, which happens either if you name specific objects or if you enumerate objects by using an object wildcard or specifying the acl -r flag.
Set Options
The "set" sub-command has the following options
-R, -r
Performs "acl set" request recursively, to all objects under the specified URL.
-a
Performs "acl set" request on all object versions.
-f
Normally gsutil stops at the first error. The -f option causes it to continue when it encounters errors. If some of the ACLs couldn't be set, gsutil's exit status will be non-zero even if this flag is set. This option is implicitly set when running "gsutil -m acl...".
gsutil acl set private
See also
Advertising: