BucketAccessControls: insert

Creates a new ACL entry on the specified bucket.

Required permissions

The authenticated user must have the following IAM permissions on the bucket to use this method:

  • storage.buckets.get
  • storage.buckets.getIamPolicy
  • storage.buckets.setIamPolicy
  • storage.buckets.update
As an alternative to having IAM permissions, the authenticated user can use this method by having the OWNER ACL permission for the bucket.

Request

HTTP request

POST https://storage.googleapis.com/storage/v1/b/bucket/acl

In addition to standard query parameters, the following query parameters apply to this method.

To see an example of how to include query parameters in a request, see the JSON API Overview page.

Parameters

Parameter name Value Description
Path parameters
bucket string Name of a bucket.

Request body

In the request body, supply a BucketAccessControls resource with the following properties:

Property name Value Description Notes
Required Properties
entity string The entity holding the permission, in one of the following forms:
  • user-email
  • group-groupId
  • group-email
  • domain-domain
  • project-team-projectId
  • allUsers
  • allAuthenticatedUsers
Examples:
  • The user liz@example.com would be user-liz@example.com.
  • The group example@googlegroups.com would be group-example@googlegroups.com.
  • To refer to all members of the domain example.com, the entity would be domain-example.com.
writable
role string The access permission for the entity.

Acceptable values are:
  • "OWNER"
  • "READER"
  • "WRITER"
writable

Response

If successful, this method returns a BucketAccessControls resource in the response body.

Try it!

Use the APIs Explorer below to call this method on live data and see the response.