Set Bucket ACL

Before setting ACL permissions, we recommend you read Managing S3 Access Control Lists (ACLs).

s3cmd [-c CONFIGFILE] setacl s3://BUCKET[/OBJECT] [--acl-grant=PERMISSION:{USER|GROUP}] [--acl-revoke=PERMISSION:{USER_VAST_ID|GROUP}]

CONFIGFILE	Configuration file. Defaults to $HOME/s3cf
BUCKET	Name of bucket
--acl-grant	Grant stated permission for stated user or group.
--acl-revoke	Revoke stated permission for stated user or group
PERMISSION	Type of permission to grant: read write read_acp write_acp full_control all
USER	A user to which you want to grant the permission. Can be specified as: . A principal name in the format user@domain, where user is the user name and domain is configured for an external auth provider on the cluster (LDAP, NIS). Note Users on the local provider cannot be specified this way. A VID, which is a VAST ID used in the cluster's internal user database. A user VID is retrievable by running the `user query` VAST CLI command and specify udb as the context of the query. The output includes the user's VID.
GROUP	Two pre-defined groups are supported: 'http://acs.amazonaws.com/groups/global/AllUsers' 'http://acs.amazonaws.com/groups/global/AuthenticatedUsers'

Examples

Grant full control to the predefined group AuthenticatedUsers to access the bucket mybucket.

$ s3cmd setacl s3://mybucket --acl-grant='full_control:http://acs.amazonaws.com/groups/global/AuthenticatedUsers'

Grant read permission to the predefined AllUsers group to access the bucket mybucket.

$ s3cmd setacl s3://mybucket --acl-grant='read:http://acs.amazonaws.com/groups/global/AllUsers'

Grant user with VAST ID 14 write permission to the bucket mybucket:

$ s3cmd setacl s3://mybucket --acl-grant='write:14