bucketPutAcl method

Uploads an access control list for a bucket.


ACLs can be uploaded as XML documents or using special x-amx-grant* headers. Do not use XML documents and x-amx-grant* headers in the same request.


PUT /{bucket}?acl HTTP/1.1

Path parameters

Parameter Description
bucket Name of the bucket.

Query parameters

Parameter Description
acl Required parameter that indicates the type of operation.


Use the necessary common request headers in requests.

You can also use the headers listed below.

Heading Description
x-amz-acl Sets a predefined ACL for an object.
x-amz-grant-read Grants the access grantee permission to view the contents of a bucket and read objects within it.
x-amz-grant-write Grants the access grantee object write permission. You must use this heading with x-amz-grant-read, otherwise Object Storage will return code 501 Not Implemented.
x-amz-grant-read-acp Grants the access grantee bucket ACL read permission.
x-amz-grant-write-acp Grants the access grantee bucket ACL write permission.
x-amz-grant-full-control Grants the access grantee the following permissions: READ, WRITE, READ_ACP, and WRITE_ACP for a bucket.

The value for a x-amz-grant-* header is a comma-separated list of access grantees. Each access grantee is identified in a structure like: <access grantee type>:<access grantee ID>. Object Storage supports the following types of access grantees:

  • id — access grantee — Yandex.Cloud user.
  • uri — access grantee — system group.


x-amz-grant-read: uri="http://acs.amazonaws.com/groups/s3/AuthenticatedUsers"

Data schema

ACLs are passed as XML documents. For the schema description, see ACL XML schema.



Responses can only contain common response headers.

Response codes

For the list of possible responses, see Responses.