文件 AWS 開發套件範例 GitHub 儲存庫中有更多可用的 [AWS SDK 範例](https://github.com/awsdocs/aws-doc-sdk-examples)。
本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# `PutObjectAcl` 搭配 AWS SDK 或 CLI 使用
下列程式碼範例示範如何使用 `PutObjectAcl`。
動作範例是大型程式的程式碼摘錄,必須在內容中執行。您可以在下列程式碼範例的內容中看到此動作:
+ [管理存取控制清單 (ACL)](s3_example_s3_Scenario_ManageACLs_section.md)
------
#### [ C\$1\$1 ]
**SDK for C\$1\$1**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/cpp/example_code/s3#code-examples)中設定和執行。
```
bool AwsDoc::S3::putObjectAcl(const Aws::String &bucketName, const Aws::String &objectKey, const Aws::String &ownerID,
const Aws::String &granteePermission, const Aws::String &granteeType,
const Aws::String &granteeID, const Aws::String &granteeEmailAddress,
const Aws::String &granteeURI, const Aws::S3::S3ClientConfiguration &clientConfig) {
Aws::S3::S3Client s3Client(clientConfig);
Aws::S3::Model::Owner owner;
owner.SetID(ownerID);
Aws::S3::Model::Grantee grantee;
grantee.SetType(setGranteeType(granteeType));
if (!granteeEmailAddress.empty()) {
grantee.SetEmailAddress(granteeEmailAddress);
}
if (!granteeID.empty()) {
grantee.SetID(granteeID);
}
if (!granteeURI.empty()) {
grantee.SetURI(granteeURI);
}
Aws::S3::Model::Grant grant;
grant.SetGrantee(grantee);
grant.SetPermission(setGranteePermission(granteePermission));
Aws::Vector grants;
grants.push_back(grant);
Aws::S3::Model::AccessControlPolicy acp;
acp.SetOwner(owner);
acp.SetGrants(grants);
Aws::S3::Model::PutObjectAclRequest request;
request.SetAccessControlPolicy(acp);
request.SetBucket(bucketName);
request.SetKey(objectKey);
Aws::S3::Model::PutObjectAclOutcome outcome =
s3Client.PutObjectAcl(request);
if (!outcome.IsSuccess()) {
auto error = outcome.GetError();
std::cerr << "Error: putObjectAcl: " << error.GetExceptionName()
<< " - " << error.GetMessage() << std::endl;
} else {
std::cout << "Successfully added an ACL to the object '" << objectKey
<< "' in the bucket '" << bucketName << "'." << std::endl;
}
return outcome.IsSuccess();
}
//! Routine which converts a human-readable string to a built-in type enumeration.
/*!
\param access: Human readable string.
\return Permission: Permission enumeration.
*/
Aws::S3::Model::Permission setGranteePermission(const Aws::String &access) {
if (access == "FULL_CONTROL")
return Aws::S3::Model::Permission::FULL_CONTROL;
if (access == "WRITE")
return Aws::S3::Model::Permission::WRITE;
if (access == "READ")
return Aws::S3::Model::Permission::READ;
if (access == "WRITE_ACP")
return Aws::S3::Model::Permission::WRITE_ACP;
if (access == "READ_ACP")
return Aws::S3::Model::Permission::READ_ACP;
return Aws::S3::Model::Permission::NOT_SET;
}
//! Routine which converts a human-readable string to a built-in type enumeration.
/*!
\param type: Human readable string.
\return Type: Type enumeration.
*/
Aws::S3::Model::Type setGranteeType(const Aws::String &type) {
if (type == "Amazon customer by email")
return Aws::S3::Model::Type::AmazonCustomerByEmail;
if (type == "Canonical user")
return Aws::S3::Model::Type::CanonicalUser;
if (type == "Group")
return Aws::S3::Model::Type::Group;
return Aws::S3::Model::Type::NOT_SET;
}
```
+ 如需 API 詳細資訊,請參閱《適用於 C\$1\$1 的 AWS SDK API 參考》**中的 [PutObjectAcl](https://docs.aws.amazon.com/goto/SdkForCpp/s3-2006-03-01/PutObjectAcl)。
------
#### [ CLI ]
**AWS CLI**
下列命令`full control`會授予兩個 AWS 使用者 (*user1@example.com* 和 *user2@example.com*) 和`read`許可給每個人:
```
aws s3api put-object-acl --bucket amzn-s3-demo-bucket --key file.txt --grant-full-control emailaddress=user1@example.com,emailaddress=user2@example.com --grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers
```
如需自訂 ACL (s3api ACL 命令如 `put-object-acl`,使用相同的速記引數表示法),請參閱 http://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTacl.html。
+ 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》**中的 [PutObjectAcl](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/put-object-acl.html)。
------
#### [ Python ]
**適用於 Python 的 SDK (Boto3)**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/python/example_code/s3/s3_basics#code-examples)中設定和執行。
```
class ObjectWrapper:
"""Encapsulates S3 object actions."""
def __init__(self, s3_object):
"""
:param s3_object: A Boto3 Object resource. This is a high-level resource in Boto3
that wraps object actions in a class-like structure.
"""
self.object = s3_object
self.key = self.object.key
def put_acl(self, email):
"""
Applies an ACL to the object that grants read access to an AWS user identified
by email address.
:param email: The email address of the user to grant access.
"""
try:
acl = self.object.Acl()
# Putting an ACL overwrites the existing ACL, so append new grants
# if you want to preserve existing grants.
grants = acl.grants if acl.grants else []
grants.append(
{
"Grantee": {"Type": "AmazonCustomerByEmail", "EmailAddress": email},
"Permission": "READ",
}
)
acl.put(AccessControlPolicy={"Grants": grants, "Owner": acl.owner})
logger.info("Granted read access to %s.", email)
except ClientError:
logger.exception("Couldn't add ACL to object '%s'.", self.object.key)
raise
```
+ 如需 API 詳細資訊,請參閱*《適用於 Python (Boto3) 的AWS SDK API 參考》*中的 [PutObjectAcl](https://docs.aws.amazon.com/goto/boto3/s3-2006-03-01/PutObjectAcl)。
------
#### [ SAP ABAP ]
**適用於 SAP ABAP 的開發套件**
GitHub 上提供更多範例。尋找完整範例,並了解如何在 [AWS 程式碼範例儲存庫](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/sap-abap/services/s3#code-examples)中設定和執行。
```
TRY.
" Example: Grant read access to an AWS user
" iv_grantread = 'emailAddress=user@example.com'
lo_s3->putobjectacl(
iv_bucket = iv_bucket_name
iv_key = iv_object_key
iv_grantread = iv_grantread ).
MESSAGE 'Object ACL updated.' TYPE 'I'.
CATCH /aws1/cx_s3_nosuchbucket.
MESSAGE 'Bucket does not exist.' TYPE 'E'.
CATCH /aws1/cx_s3_nosuchkey.
MESSAGE 'Object key does not exist.' TYPE 'E'.
ENDTRY.
```
+ 如需 API 詳細資訊,請參閱《適用於 *AWS SAP ABAP 的 SDK API 參考*》中的 [PutObjectAcl](https://docs.aws.amazon.com/sdk-for-sap-abap/v1/api/latest/index.html)。
------