Module acl (1.43.0)
- 3.8.0 (latest)
- 3.7.0
- 3.6.0
- 3.5.0
- 3.4.1
- 3.3.1
- 3.2.0
- 3.1.1
- 3.0.0
- 2.19.0
- 2.17.0
- 2.16.0
- 2.15.0
- 2.14.0
- 2.13.0
- 2.12.0
- 2.11.0
- 2.10.0
- 2.9.0
- 2.8.0
- 2.7.0
- 2.6.0
- 2.5.0
- 2.4.0
- 2.3.0
- 2.2.1
- 2.1.0
- 2.0.0
- 1.44.0
- 1.43.0
- 1.42.3
- 1.41.1
- 1.40.0
- 1.39.0
- 1.38.0
- 1.37.1
- 1.36.2
- 1.35.1
- 1.34.0
- 1.33.0
- 1.32.0
- 1.31.2
- 1.30.0
- 1.29.0
- 1.28.1
- 1.27.0
- 1.26.0
- 1.25.0
- 1.24.1
- 1.23.0
- 1.22.0
- 1.21.0
- 1.20.0
- 1.19.0
- 1.18.0
- 1.17.0
Manipulate access control lists that Cloud Storage provides.
Bucket has a getting method that createsan ACL object under the hood, and you can interact with that usingacl:
.. literalinclude:: snippets.py :start-after: [START client_bucket_acl] :end-before: [END client_bucket_acl] :dedent: 4
Adding and removing permissions can be done with the following methods(in increasing order of granularity):
ACL.allcorresponds to access for all users.ACL.all_authenticatedcorrespondsto access for all users that are signed into a Google account.ACL.domaincorresponds to access on aper Google Apps domain (ie,example.com).ACL.groupcorresponds to access on aper group basis (either by ID or e-mail address).ACL.usercorresponds to access on aper user basis (either by ID or e-mail address).
And you are able togrant andrevoke the following roles:
- Reading:
_ACLEntity.grant_readand_ACLEntity.revoke_read - Writing:
_ACLEntity.grant_writeand_ACLEntity.revoke_write - Owning:
_ACLEntity.grant_ownerand_ACLEntity.revoke_owner
You can use any of these like any other factory method (these happen tobe_ACLEntity factories):
.. literalinclude:: snippets.py :start-after: [START acl_user_settings] :end-before: [END acl_user_settings] :dedent: 4
After that, you can save any changes you make with thesave method:
.. literalinclude:: snippets.py :start-after: [START acl_save] :end-before: [END acl_save] :dedent: 4
You can alternatively save any existingACLobject (whether it was created by a factory method or not) from aBucket:
.. literalinclude:: snippets.py :start-after: [START acl_save_bucket] :end-before: [END acl_save_bucket] :dedent: 4
To get the list ofentity androle for each unique pair, theACL class is iterable:
.. literalinclude:: snippets.py :start-after: [START acl_print] :end-before: [END acl_print] :dedent: 4
This list of tuples can be used as theentity androle fieldswhen sending metadata for ACLs to the API.
Classes
ACL
ACL()Container class representing a list of access controls.
BucketACL
BucketACL(bucket)An ACL specifically for a bucket.
| Parameter | |
|---|---|
| Name | Description |
bucket | BucketThe bucket to which this ACL relates. |
DefaultObjectACL
DefaultObjectACL(bucket)A class representing the default object ACL for a bucket.
ObjectACL
ObjectACL(blob)An ACL specifically for a Cloud Storage object / blob.
| Parameter | |
|---|---|
| Name | Description |
blob | BlobThe blob that this ACL corresponds to. |
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-01-29 UTC.