Stay organized with collections Save and categorize content based on your preferences.
The ObjectAccessControls resources represent the Access Control Lists (ACLs) for objects within Cloud Storage. ACLs let you specify who has access to your data and to what extent.
Important: The methods for this resource fail with a400 Bad Request response for buckets with uniform bucket-level access enabled. Use storage.buckets.getIamPolicy and storage.buckets.setIamPolicy to control access instead. There are two roles that can be assigned to an entity:
READERs can get an object, though the acl property will not be revealed.OWNERs are READERs, and they can get the acl property, update an object, and call all objectAccessControls methods on the object. The owner of an object is always an OWNER.READER and OWNER instead of READ and FULL_CONTROL.
To try out the methods for this resource, see Methods.
Resource representations{
"kind": "storage#objectAccessControl",
"object": string,
"generation": "long",
"id": string,
"selfLink": string,
"bucket": string,
"entity": string,
"role": string,
"email": string,
"domain": string,
"entityId": string,
"etag": string,
"projectTeam": {
"projectNumber": string,
"team": string
}
} Property name Value Description Notes bucket string The name of the bucket. domain string The domain associated with the entity, if any. email string The email address associated with the entity, if any. entity string The entity holding the permission, in one of the following forms:
user-emailgroup-groupIdgroup-emaildomain-domainproject-team-projectIdallUsersallAuthenticatedUsersliz@example.com would be user-liz@example.com.example@googlegroups.com would be group-example@googlegroups.com.example.com, the entity would be domain-example.com.entityId string The ID for the entity, if any. etag string HTTP 1.1 Entity tag for the access-control entry. generation long1 The content generation of the object, if applied to an object. id string The ID of the access-control entry. kind string The kind of item this is. For object access control entries, this is always storage#objectAccessControl. object string The name of the object, if applied to an object. projectTeam object The project team associated with the entity, if any. projectTeam.projectNumber string The project number. projectTeam.team string The team.
Acceptable values are:
editors"owners"viewers"role string The access permission for the entity.
Acceptable values are:
OWNER"READER"selfLink string The link to this access-control entry. 1 This property is a string formatted as the specified value type. Methods
The methods for working with an object's access controls are as follows:
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-08-07 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[],[]]
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4