SetObjectAccessControlPolicy (SOAP API)
Note
SOAP APIs for Amazon S3 are not available for new customers, and are approaching End of Life (EOL) on October 31, 2025. We recommend that you use either the REST API or the Amazon SDKs.
The SetObjectAccessControlPolicy operation sets the access control policy for an existing object. If successful, the previous access control policy for the object is entirely replaced with the specified access control policy.
Example
This example gives the specified user (usually the owner) FULL_CONTROL access to the "Nelson" object from the "quotes" bucket.
Sample Request
<SetObjectAccessControlPolicy xmlns="http://doc.s3.amazonaws.com/2006-03-01"> <Bucket>quotes</Bucket> <Key>Nelson</Key> <AccessControlList> <Grant> <Grantee xsi:type="CanonicalUser"> <ID>a9a7b886d6fd24a52fe8ca5bef65f89a64e0193f23000e241bf9b1c61be666e9</ID> <DisplayName>chriscustomer</DisplayName> </Grantee> <Permission>FULL_CONTROL</Permission> </Grant> </AccessControlList> <AWSAccessKeyId>AKIAIOSFODNN7EXAMPLE</AWSAccessKeyId> <Timestamp>2006-03-01T12:00:00.183Z</Timestamp> <Signature>Iuyz3d3P0aTou39dzbqaEXAMPLE=</Signature> </SetObjectAccessControlPolicy>
Sample Response
<SetObjectAccessControlPolicyResponse xmlns="http://s3.amazonaws.com/doc/2006-03-01"> <SetObjectAccessControlPolicyResponse> <Code>200</Code> <Description>OK</Description> </SetObjectAccessControlPolicyResponse> </SetObjectAccessControlPolicyResponse>
Key
Important
Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see XML related object key constraints.
Access Control
You must have WRITE_ACP rights to the object in order to set the access control policy for a bucket.