Amazon S3 GetBucketAcl API

Download Amazon Cloud Connect Setup File
Download Amazon Cloud Connect Zip File

This implementation of the GET operation uses the acl subresource to return the access control list (ACL) of a bucket. To use GET to return the ACL of the bucket, you must have READ_ACP access to the bucket. If READ_ACP permission is granted to the anonymous user, you can return the ACL of the bucket without using an authorization header.

Related Resources

Request Syntax

GET /?acl HTTP/1.1 Host:

URI Request Parameters

The request uses the following URI parameters.


Specifies the S3 bucket whose ACL is being requested.

Required: Yes

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200 <?xml version="1.0" encoding="UTF-8"?> <AccessControlPolicy> <Owner> <DisplayName>string</DisplayName> <ID>string</ID> </Owner> <AccessControlList> <Grant> <Grantee> <DisplayName>string</DisplayName> <EmailAddress>string</EmailAddress> <ID>string</ID> <xsi:type>string</xsi:type> <URI>string</URI> </Grantee> <Permission>string</Permission> </Grant> </AccessControlList> </AccessControlPolicy>

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.


Root level tag for the AccessControlPolicy parameters.

Required: Yes


A list of grants.

Type: Array of Grant data types


Container for the bucket owner's display name and ID.

Type: Owner data type


Sample Request

The following request returns the ACL of the specified bucket.

GET ?acl HTTP/1.1 Host: bucket.s3.<Region> Date: Wed, 28 Oct 2009 22:32:00 GMT Authorization: authorization string

Sample Response

HTTP/1.1 200 OK x-amz-id-2: eftixk72aD6Ap51TnqcoF8eFidJG9Z/2mkiDFu8yU9AS1ed4OpIszj7UDNEHGran x-amz-request-id: 318BC8BC148832E5 Date: Wed, 28 Oct 2009 22:32:00 GMT Last-Modified: Sun, 1 Jan 2006 12:00:00 GMT Content-Length: 124 Content-Type: text/plain Connection: close Server: AmazonS3 <AccessControlPolicy> <Owner> <ID>75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a</ID> <DisplayName></DisplayName> </Owner> <AccessControlList> <Grant> <Grantee xmlns:xsi="" xsi:type="CanonicalUser"> <ID>75aa57f09aa0c8caeab4f8c24e99d10f8e7faeebf76c078efc7c6caea54ba06a</ID> <DisplayName></DisplayName> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> </AccessControlList> </AccessControlPolicy>