DefaultObjectAccessControls | Cloud Storage | Google Cloud (original) (raw)
The DefaultObjectAccessControls resources represent the Access Control Lists (ACLs) applied to a new object within Cloud Storage when no ACL was provided for that object. ACLs let you specify who has access to your data and to what extent.
There are two roles that can be assigned to an entity:
READERs can get an object, though theaclproperty will not be revealed.OWNERs areREADERs, and they can get theaclproperty, update an object, and call all objectAccessControls methods on the object. For more information, see Access Control, with the caveat that this API usesREADERandOWNERinstead ofREADandFULL_CONTROL.
To try out the methods for this resource, see Methods.
Resource representations
{ "kind": "storage#objectAccessControl", "entity": string, "role": string, "email": string, "entityId": string, "domain": string, "projectTeam": { "projectNumber": string, "team": string }, "etag": string }
| Property name | Value | Description | Notes |
|---|---|---|---|
| domain | string | The domain associated with the entity, if any. | |
| string | The email address associated with the entity, if any. | ||
| entity | string | The entity holding the permission, in one of the following forms: user-email group-groupId group-email domain-domain project-team-projectId allUsers allAuthenticatedUsers Examples: The user liz@example.com would be user-liz@example.com. The group example@googlegroups.com would be group-example@googlegroups.com. To refer to all members of the domain example.com, the entity would be domain-example.com. | writable |
| entityId | string | The ID for the entity, if any. | |
| etag | string | HTTP 1.1 Entity tag for the access-control entry. | |
| kind | string | The kind of item this is. For object access control entries, this is always storage#objectAccessControl. | |
| projectTeam | object | The project team associated with the entity, if any. | |
| projectTeam.projectNumber | string | The project number. | |
| projectTeam.team | string | The team.Acceptable values are: "editors" "owners" "viewers" | |
| role | string | The access permission for the entity.Acceptable values are: "OWNER" "READER" | writable |
Methods
Buckets in Cloud Storage have an optional default object Access Control List. The methods for working with a bucket's default object access controls are as follows:
Permanently deletes the default object ACL entry for the specified entity on the specified bucket.
Returns the default object ACL entry for the specified entity on the specified bucket.
Creates a new default object ACL entry on the specified bucket.
Retrieves default object ACL entries on the specified bucket.
Updates a default object ACL entry on the specified bucket. This method supports patch semantics.
Updates a default object ACL entry on the specified bucket.