gsutil acl ch
gsutil acl ch
Contents
Ch Examples
gsutil acl ch -u AllUsers:R gs://example-bucket/example-object
Grant anyone on the internet WRITE access to the bucket example-bucket:
gsutil acl ch -u [email protected]:WRITE gs://example-bucket
Grant the group OWNER access to all jpg files in example-bucket:
gsutil acl ch -g [email protected]:O gs://example-bucket/**.jpg
Grant the owners of project example-project WRITE access to the bucket example-bucket:
gsutil acl ch -p owners-example-project:W gs://example-bucket
Remove access to the bucket example-bucket for the viewers of project number 12345:
gsutil acl ch -d viewers-12345 gs://example-bucket
Grant the user with the specified canonical ID READ access to all objects in example-bucket that begin with folder/:
gsutil acl ch -r \ -u 84fac329bceSAMPLE777d5d22b8SAMPLE785ac2SAMPLE2dfcf7c4adf34da46:R \ gs://example-bucket/folder/
Grant the service account [email protected] WRITE access to the bucket example-bucket:
gsutil acl ch -u [email protected]:W gs://example-bucket
Grant all users from the G Suite domain my-domain.org READ access to the bucket gcs.my-domain.org:
gsutil acl ch -g my-domain.org:R gs://gcs.my-domain.org
Remove any current access by [email protected] from the bucket example-bucket:
gsutil acl ch -d [email protected] gs://example-bucket
If you have a large number of objects to update, enabling multi-threading with the gsutil -m flag can significantly improve performance. The following command adds OWNER for [email protected] using multi-threading:
gsutil -m acl ch -r -u [email protected]:O gs://example-bucket
Grant READ access to everyone from my-domain.org and to all authenticated users, and grant OWNER to [email protected], for the buckets my-bucket and my-other-bucket, with multi-threading enabled:
gsutil -m acl ch -r -g my-domain.org:R -g AllAuth:R \ -u [email protected]:O gs://my-bucket/ gs://my-other-bucket
Ch Roles
You may specify the following roles with either their shorthand or their full name:
R: READ
W: WRITE
O: OWNER
Ch Entities
There are four different entity types: Users, Groups, All Authenticated Users, and All Users.
Users are added with -u and a plain ID or email address, as in "-u [email protected]:r". Note: Service Accounts are considered to be users.
See also
Advertising: