D'autres exemples de AWS SDK sont disponibles dans le référentiel [AWS Doc SDK Examples](https://github.com/awsdocs/aws-doc-sdk-examples) GitHub . Les traductions sont fournies par des outils de traduction automatique. En cas de conflit entre le contenu d'une traduction et celui de la version originale en anglais, la version anglaise prévaudra. # Utilisation `PutBucketAcl` avec un AWS SDK ou une CLI Les exemples de code suivants illustrent comment utiliser `PutBucketAcl`. Les exemples d’actions sont des extraits de code de programmes de plus grande envergure et doivent être exécutés en contexte. Vous pouvez voir cette action en contexte dans l’exemple de code suivant : + [Gérer les listes de contrôle d'accès (ACLs)](s3_example_s3_Scenario_ManageACLs_section.md) ------ #### [ .NET ] **SDK pour .NET** Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le [référentiel d’exemples de code AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/dotnetv3/S3#code-examples). ``` ///

/// Creates an Amazon S3 bucket with an ACL to control access to the /// bucket and the objects stored in it. ///

/// The initialized client object used to create /// an Amazon S3 bucket, with an ACL applied to the bucket. /// /// The AWS Region where the bucket will be created. /// The name of the bucket to create. /// A boolean value indicating success or failure. public static async Task CreateBucketUseCannedACLAsync(IAmazonS3 client, S3Region region, string newBucketName) { try { // Create a new Amazon S3 bucket with Canned ACL. var putBucketRequest = new PutBucketRequest() { BucketName = newBucketName, BucketRegion = region, CannedACL = S3CannedACL.LogDeliveryWrite, }; PutBucketResponse putBucketResponse = await client.PutBucketAsync(putBucketRequest); return putBucketResponse.HttpStatusCode == System.Net.HttpStatusCode.OK; } catch (AmazonS3Exception ex) { Console.WriteLine($"Amazon S3 error: {ex.Message}"); } return false; } ``` + Pour plus de détails sur l'API, reportez-vous [PutBucketAcl](https://docs.aws.amazon.com/goto/DotNetSDKV3/s3-2006-03-01/PutBucketAcl)à la section *Référence des AWS SDK pour .NET API*. ------ #### [ C\$1\$1 ] **SDK pour C\$1\$1** Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le [référentiel d’exemples de code AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/s3#code-examples). ``` bool AwsDoc::S3::putBucketAcl(const Aws::String &bucketName, const Aws::String &ownerID, const Aws::String &granteePermission, const Aws::String &granteeType, const Aws::String &granteeID, const Aws::String &granteeEmailAddress, const Aws::String &granteeURI, const Aws::S3::S3ClientConfiguration &clientConfig) { Aws::S3::S3Client s3Client(clientConfig); Aws::S3::Model::Owner owner; owner.SetID(ownerID); Aws::S3::Model::Grantee grantee; grantee.SetType(setGranteeType(granteeType)); if (!granteeEmailAddress.empty()) { grantee.SetEmailAddress(granteeEmailAddress); } if (!granteeID.empty()) { grantee.SetID(granteeID); } if (!granteeURI.empty()) { grantee.SetURI(granteeURI); } Aws::S3::Model::Grant grant; grant.SetGrantee(grantee); grant.SetPermission(setGranteePermission(granteePermission)); Aws::Vector grants; grants.push_back(grant); Aws::S3::Model::AccessControlPolicy acp; acp.SetOwner(owner); acp.SetGrants(grants); Aws::S3::Model::PutBucketAclRequest request; request.SetAccessControlPolicy(acp); request.SetBucket(bucketName); Aws::S3::Model::PutBucketAclOutcome outcome = s3Client.PutBucketAcl(request); if (!outcome.IsSuccess()) { const Aws::S3::S3Error &error = outcome.GetError(); std::cerr << "Error: putBucketAcl: " << error.GetExceptionName() << " - " << error.GetMessage() << std::endl; } else { std::cout << "Successfully added an ACL to the bucket '" << bucketName << "'." << std::endl; } return outcome.IsSuccess(); } //! Routine which converts a human-readable string to a built-in type enumeration. /*! \param access: Human readable string. \return Permission: A Permission enum. */ Aws::S3::Model::Permission setGranteePermission(const Aws::String &access) { if (access == "FULL_CONTROL") return Aws::S3::Model::Permission::FULL_CONTROL; if (access == "WRITE") return Aws::S3::Model::Permission::WRITE; if (access == "READ") return Aws::S3::Model::Permission::READ; if (access == "WRITE_ACP") return Aws::S3::Model::Permission::WRITE_ACP; if (access == "READ_ACP") return Aws::S3::Model::Permission::READ_ACP; return Aws::S3::Model::Permission::NOT_SET; } //! Routine which converts a human-readable string to a built-in type enumeration. /*! \param type: Human readable string. \return Type: Type enumeration */ Aws::S3::Model::Type setGranteeType(const Aws::String &type) { if (type == "Amazon customer by email") return Aws::S3::Model::Type::AmazonCustomerByEmail; if (type == "Canonical user") return Aws::S3::Model::Type::CanonicalUser; if (type == "Group") return Aws::S3::Model::Type::Group; return Aws::S3::Model::Type::NOT_SET; } ``` + Pour plus de détails sur l'API, reportez-vous [PutBucketAcl](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutBucketAcl)à la section *Référence des AWS SDK pour C\$1\$1 API*. ------ #### [ CLI ] **AWS CLI** Cet exemple accorde `full control` l'autorisation à deux AWS utilisateurs (*user1@example.com* et *user2@example.com*) et `read` l'autorisation à tout le monde : ``` aws s3api put-bucket-acl --bucket amzn-s3-demo-bucket --grant-full-control emailaddress=user1@example.com,emailaddress=user2@example.com --grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers ``` Voir http://docs.aws.amazon. com/AmazonS3/latest/API/RESTBucketPUTacl.html pour plus de détails sur la personnalisation ACLs (les commandes ACL s3api, par exemple`put-bucket-acl`, utilisent la même notation abrégée pour les arguments). + Pour plus de détails sur l'API, reportez-vous [PutBucketAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/put-bucket-acl.html)à la section *Référence des AWS CLI commandes*. ------ #### [ Java ] **SDK pour Java 2.x** Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le [référentiel d’exemples de code AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/s3#code-examples). ``` import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.s3.S3Client; import software.amazon.awssdk.services.s3.model.AccessControlPolicy; import software.amazon.awssdk.services.s3.model.Grant; import software.amazon.awssdk.services.s3.model.Permission; import software.amazon.awssdk.services.s3.model.PutBucketAclRequest; import software.amazon.awssdk.services.s3.model.S3Exception; import software.amazon.awssdk.services.s3.model.Type; import java.util.ArrayList; import java.util.List; /** * Before running this Java V2 code example, set up your development * environment, including your credentials. *

* For more information, see the following documentation topic: *

* https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/get-started.html */ public class SetAcl { public static void main(String[] args) { final String usage = """ Usage: \s Where: bucketName - The Amazon S3 bucket to grant permissions on.\s id - The ID of the owner of this bucket (you can get this value from the AWS Management Console). """; if (args.length != 2) { System.out.println(usage); return; } String bucketName = args[0]; String id = args[1]; System.out.format("Setting access \n"); System.out.println(" in bucket: " + bucketName); Region region = Region.US_EAST_1; S3Client s3 = S3Client.builder() .region(region) .build(); setBucketAcl(s3, bucketName, id); System.out.println("Done!"); s3.close(); } /** * Sets the Access Control List (ACL) for an Amazon S3 bucket. * * @param s3 the S3Client instance to be used for the operation * @param bucketName the name of the S3 bucket to set the ACL for * @param id the ID of the AWS user or account that will be granted full control of the bucket * @throws S3Exception if an error occurs while setting the bucket ACL */ public static void setBucketAcl(S3Client s3, String bucketName, String id) { try { Grant ownerGrant = Grant.builder() .grantee(builder -> builder.id(id) .type(Type.CANONICAL_USER)) .permission(Permission.FULL_CONTROL) .build(); List grantList2 = new ArrayList<>(); grantList2.add(ownerGrant); AccessControlPolicy acl = AccessControlPolicy.builder() .owner(builder -> builder.id(id)) .grants(grantList2) .build(); PutBucketAclRequest putAclReq = PutBucketAclRequest.builder() .bucket(bucketName) .accessControlPolicy(acl) .build(); s3.putBucketAcl(putAclReq); } catch (S3Exception e) { e.printStackTrace(); System.exit(1); } } } ``` + Pour plus de détails sur l'API, reportez-vous [PutBucketAcl](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketAcl)à la section *Référence des AWS SDK for Java 2.x API*. ------ #### [ JavaScript ] **SDK pour JavaScript (v3)** Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le [référentiel d’exemples de code AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javascriptv3/example_code/s3#code-examples). Effectuez une commande PUT pour l’ACL du compartiment. ``` import { PutBucketAclCommand, S3Client, S3ServiceException, } from "@aws-sdk/client-s3"; /** * Grant read access to a user using their canonical AWS account ID. * * Most Amazon S3 use cases don't require the use of access control lists (ACLs). * We recommend that you disable ACLs, except in unusual circumstances where * you need to control access for each object individually. Consider a policy instead. * For more information see https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-policies.html. * @param {{ bucketName: string, granteeCanonicalUserId: string, ownerCanonicalUserId }} */ export const main = async ({ bucketName, granteeCanonicalUserId, ownerCanonicalUserId, }) => { const client = new S3Client({}); const command = new PutBucketAclCommand({ Bucket: bucketName, AccessControlPolicy: { Grants: [ { Grantee: { // The canonical ID of the user. This ID is an obfuscated form of your AWS account number. // It's unique to Amazon S3 and can't be found elsewhere. // For more information, see https://docs.aws.amazon.com/AmazonS3/latest/userguide/finding-canonical-user-id.html. ID: granteeCanonicalUserId, Type: "CanonicalUser", }, // One of FULL_CONTROL | READ | WRITE | READ_ACP | WRITE_ACP // https://docs.aws.amazon.com/AmazonS3/latest/API/API_Grant.html#AmazonS3-Type-Grant-Permission Permission: "READ", }, ], Owner: { ID: ownerCanonicalUserId, }, }, }); try { await client.send(command); console.log(`Granted READ access to ${bucketName}`); } catch (caught) { if ( caught instanceof S3ServiceException && caught.name === "NoSuchBucket" ) { console.error( `Error from S3 while setting ACL for bucket ${bucketName}. The bucket doesn't exist.`, ); } else if (caught instanceof S3ServiceException) { console.error( `Error from S3 while setting ACL for bucket ${bucketName}. ${caught.name}: ${caught.message}`, ); } else { throw caught; } } }; ``` + Pour plus d’informations, consultez le [Guide du développeur AWS SDK pour JavaScript](https://docs.aws.amazon.com/sdk-for-javascript/v3/developer-guide/s3-example-access-permissions.html#s3-example-access-permissions-put-acl). + Pour plus de détails sur l'API, reportez-vous [PutBucketAcl](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/s3/command/PutBucketAclCommand)à la section *Référence des AWS SDK pour JavaScript API*. ------ #### [ Kotlin ] **SDK pour Kotlin** Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le [référentiel d’exemples de code AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/kotlin/services/s3#code-examples). ``` suspend fun setBucketAcl( bucketName: String, idVal: String, ) { val myGrant = Grantee { id = idVal type = Type.CanonicalUser } val ownerGrant = Grant { grantee = myGrant permission = Permission.FullControl } val grantList = mutableListOf() grantList.add(ownerGrant) val ownerOb = Owner { id = idVal } val acl = AccessControlPolicy { owner = ownerOb grants = grantList } val request = PutBucketAclRequest { bucket = bucketName accessControlPolicy = acl } S3Client.fromEnvironment { region = "us-east-1" }.use { s3 -> s3.putBucketAcl(request) println("An ACL was successfully set on $bucketName") } } ``` + Pour plus de détails sur l'API, reportez-vous [PutBucketAcl](https://sdk.amazonaws.com/kotlin/api/latest/index.html)à la section *AWS SDK pour la référence de l'API Kotlin*. ------ #### [ Python ] **Kit SDK for Python (Boto3)** Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le [référentiel d’exemples de code AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/s3/s3_basics#code-examples). ``` class BucketWrapper: """Encapsulates S3 bucket actions.""" def __init__(self, bucket): """ :param bucket: A Boto3 Bucket resource. This is a high-level resource in Boto3 that wraps bucket actions in a class-like structure. """ self.bucket = bucket self.name = bucket.name def grant_log_delivery_access(self): """ Grant the AWS Log Delivery group write access to the bucket so that Amazon S3 can deliver access logs to the bucket. This is the only recommended use of an S3 bucket ACL. """ try: acl = self.bucket.Acl() # Putting an ACL overwrites the existing ACL. If you want to preserve # existing grants, append new grants to the list of existing grants. grants = acl.grants if acl.grants else [] grants.append( { "Grantee": { "Type": "Group", "URI": "http://acs.amazonaws.com/groups/s3/LogDelivery", }, "Permission": "WRITE", } ) acl.put(AccessControlPolicy={"Grants": grants, "Owner": acl.owner}) logger.info("Granted log delivery access to bucket '%s'", self.bucket.name) except ClientError: logger.exception("Couldn't add ACL to bucket '%s'.", self.bucket.name) raise ``` + Pour plus de détails sur l'API, consultez [PutBucketAcl](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutBucketAcl)le *AWS manuel de référence de l'API SDK for Python (Boto3*). ------ #### [ SAP ABAP ] **Kit SDK pour SAP ABAP** Il y en a plus à ce sujet GitHub. Trouvez l’exemple complet et découvrez comment le configurer et l’exécuter dans le [référentiel d’exemples de code AWS](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/s3#code-examples). ``` TRY. " Example: Grant log delivery access to a bucket " iv_grantwrite = 'uri=http://acs.amazonaws.com/groups/s3/LogDelivery' lo_s3->putbucketacl( iv_bucket = iv_bucket_name iv_grantwrite = iv_grantwrite ). MESSAGE 'Bucket ACL updated.' TYPE 'I'. CATCH /aws1/cx_s3_nosuchbucket. MESSAGE 'Bucket does not exist.' TYPE 'E'. ENDTRY. ``` + Pour plus de détails sur l'API, reportez-vous [PutBucketAcl](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)à la section de référence du *AWS SDK pour l'API SAP ABAP*. ------