S3 - Set ACL

 

Declaration

<AMAWSS3 ACTIVITY="set_acl" BUCKETNAME="text" KEYNAME="text" VERSION="number" ACL="text (options)" SESSION="text" />

See Also

S3 - Copy Object | S3 - Create Bucket | S3 - Create Session | S3 - Delete Bucket | S3 - End Session | S3 - Get ACL | S3 - Get Bucket Location | S3 - Get Bucket Versioning | S3 - Get Bucket(s) | S3 - Get Object | S3 - Get Objects Dataset | S3 - Get Presigned URL | S3 - Put Object | S3 - Set ACL | S3 - Set Bucket Versioning

Description

Sets the Access Control List (ACL) permissions for an existing bucket or object. Each bucket and object in S3 includes an ACL that defines which users are granted access to objects, as well as what operations are allowed on given objects.

NOTE: Bucket ACLs are completely independent of Object ACLs. This means that ACLs set on a bucket can be different of ACLs set on any object contained in bucket. An ACL is a list of grants. A grant consists of one grantee and one permission.

 

IMPORTANT: The S3 activities in AutoMate use the Amazon S3 engine to perform their work. Because of this, you must have a valid Amazon S3 service account to use these activities.

Practical Usage

Used to set the ACL permissions for an existing bucket or object.

Parameters

ACL Properties

Property
Type
Required
Default
Markup
Description

Bucket Name

Text

Yes

(Empty)

BUCKETNAME="MyBucket"

Indicates the name of the Bucket to set.

Key Name (Optional)

Text

No

(Empty)

KEYNAME="myFile"

The key name of the object to set. A key is the unique identifier for an object within a bucket. Every object in a bucket has exactly one key.

Canned ACL

Text

Yes

Private

ACL="PublicRead"

Specifies the ACL policy to set. The available Canned ACL options are:

  • NoACL - No access policies.

  • Private (Default) - Owner gets full control. No one else has access rights.

  • PublicRead - Owner gets full control and the anonymous principal is granted read access.

  • PublicReadWrite - Owner gets full control, the anonymous principal is granted read/write access. Useful policy to apply to a bucket, but is generally not recommended.

  • AuthenticatedRead - Owner gets full control, and any principal authenticated as a registered Amazon S3 user is granted read access.

  • BucketOwnerRead - Object owner gets full control. Bucket owner gets read access. This ACL applies only to objects and is equivalent to Private when used with Create Bucket activity. Use this ACL to let someone other than the bucket owner write content (get full control) in the bucket but still grant the bucket owner read access to the objects.

  • BucketOwnerFullControl - Object owner gets full control. Bucket owner gets full control. Applies only to objects and is equivalent to Private when used with Create Bucket activity. Use this ACL to let someone other than the bucket owner write content (get full control) in the bucket but still grant the bucket owner full rights over the objects.

Version ID (Optional)

Text

No

(Empty)

VERSION="333333"

Specifies the version of the object in which to set. This property is useful if an object has the same key name but different version IDs.

Advanced Properties

Each Amazon S3 object has a set of key-value pairs with which it is associated called Headers or Metadata. Metadata provides important details about an object, such as file name, type, date of creation/modification etc. There are two kinds of metadata in S3; system metadata, and user metadata. System metadata is used and processed by Amazon S3. User metadata (also known as custom header) is specified by you, the user. Amazon S3 simply stores it and passes it back to you upon request.

AutoMate lets you to store your personal information as custom headers or user metadata like name, company name, and phone numbers etc, so that you can distinguish specific files. Using this option, you can add new custom header/user metadata to existing S3 objects, edit default S3 metadata on a bucket or store/upload new objects with custom header or metadata.

Property

Type

Req'd

Default

Markup

Description

Name

Text

No

(Empty)

HEADER NAME="myHeader"

Specifies the "key" in a key-value pair. This is the handle that you assign to an object.

Value

Text

No

(Empty)

VALUE="theValue"

Specifies the "value" in a key-value pair. This is the content that you are storing for an object.

Credentials Properties

These properties allow you to enter a custom set of credentials specific to this activity or link this activity to an existing session.

Property

Type

Req'd

Default

Markup

Description

Provide Credentials

 

 

 

 

Indicates where this activity's credentials should originate from. Different properties apply depending on the option selected. This is a design-time parameter used interactively during  construction mode, thus, contains no markups. The available options are:

  • Custom (Default) - Specifies that a custom set of credentials will be entered for this S3 activity. Select this option if performing a single S3 activity.

  • Session Based - Specifies that credentials should derive from a session created in a previous step with the use of the Create Session activity. This allows several S3 activities to be linked to a specific session.

Access Key

Text

Yes

(Empty)

ACCESSKEY="MyAccessKey"

Specifies the 20-character, alphanumeric string that uniquely identifies a user who owns an s3 account. This along with a Secret Access Key forms a secure information set that S3 uses to confirm a valid user's identity.

This property is active only if Custom is selected under the Provide Credentials property.

Secret Access Key

Text

Yes

(Empty)

SECRETKEY="SecretKey"

A 40-character string that serves the role as Password to access S3. This along with an associated Access Key forms a secure information set that S3 uses to confirm a valid user's identity.

This property is active only if Custom is selected under the Provide Credentials property.

Protocol

Text

No

HTTP

PROTOCOL = "HTTPS"

The protocol that should be used to make requests to the S3 service. The available options are:

  • HTTP (Default)

  • HTTPS

This property is active only if Custom is selected under the Provide Credentials property.

User Agent

Text

No

AutoMate

USERAGENT="AutoMate"

The value of the HTTP User-Agent header. The User-Agent request-header field contains information about the user agent originating the request. The default User Agent is AutoMate.

This property is active only if Custom is selected under the Provide Credentials property.

Service URL

Text

No

(Empty)

SERVICEURL=

"https://eu-west-1.ec2.amazonaws.com"

The Service URL used to make requests to the S3 service. The Service URL provides the service endpoint.

This property is active only if Custom is selected under the Provide Credentials property.

Maximum retry on error

Number

No

(Empty)

MAXERRORRETRY="4"

Signifies how many times the Amazon S3 engine should retry the request before returning an error.

This property is active only if Custom is selected under the Provide Credentials property.

Proxy Host

Text

No

(Empty)

PROXYHOST="proxy.host.com"

The hostname (server.domain.com) or IP address (xxx.xxx.xxx.xxx) of the proxy server.

This property is active only if Custom is selected under the Provide Credentials property.

Proxy Port

Number

No

(Empty)

PROXYPORT="1028"

The port that should be used to connect to the proxy server.

This property is active only if Custom is selected under the Provide Credentials property.

Session Name

Text

Yes

(Empty)

SESSION="SessionName"

The session name that this activity should originate from. This allows several S3 activities to be linked to a specific session. Numerous sessions can be used within a single task.

This property is active only if Session Based is selected under the Provide Credentials property.

NOTE: Use the Create Session activity to create and name an S3 session.

Description Properties

The Description tab allows you to customize the text description of any step as it appears in the Task Builder's Steps Pane.

More on setting custom step description

Error Causes Properties

The Error Causes tab properties allows you to instruct a task step to react only to specific errors or ignore certain errors that should cause it to fail.

More on Error Causes properties

On Error Properties

The On Error tab properties lets you determine what the task should do if a particular step encounters an error as defined in the Error Causes properties.

More about On Error properties

Notes

Expressions, Variables and Functions

All text fields allow the use of expressions such as variables, functions or AutoMate extended functions, which can be entered by surrounding the expression in percentage signs (example: %FileDateTime(myVar)% or %myVar%, %Left('Text',2)%). To help construct these expressions, you can open Expression Builder from these fields by clicking the Insert Expression (%) button or by pressing F2.

More on expressions

More on variables

More on function

More on extended functions
More on expression builder

Example

NOTE: The code below can be copied and pasted directly into the Steps pane of the Task Builder.

 

Description: Set access control list (ACL)  to "PublicRead". Bucket name is "myBucket". Key name is "file.txt". Version ID is "2". Use "mySession" S3 session.

 

<AMAWSS3 ACTIVITY="set_acl" BUCKETNAME="myBucket" KEYNAME="file.txt" VERSION="2" ACL="PublicRead" SESSION="mySession" />

 

↑ [Top of Page]