Share a Bucket Using a Canned Access Control List

Canned access control lists are predefined, built-in access control lists that you can use to share buckets within your organization or publicly over the Internet.

Note: Setting a canned access control list to a bucket overwrites existing permissions configuration for the bucket.

Prerequisites

Verify that you have the required set of rights to share a bucket.

If you are an organization administrator, you can share buckets that users in your organization own.
To share a bucket as an organization user, you must be the owner of the bucket.
Alternatively, the owner must assign one of the following sets of permissions for the bucket to your user account.
- Read of Bucket, Write of Bucket, Read of ACL, and Write of ACL
- Read of Bucket, Read of ACL, and Write of ACL
- Full Control

Procedure

Log in to the VMware Cloud Director tenant portal.
From the More drop-down menu, select Object Storage.
In the Buckets pane, click the name of the bucket that you want to share.
On the Permissions tab, click Set Canned ACL.

Select a canned access control list name for the bucket and click Set ACL.

Option	Description
Private	Only the bucket owner and the organization administrator can access the bucket.
Public Read	Grants Read permissions on the bucket to all users.
Public Read/Write	Grants Read and Write permissions on the bucket to all users.
Authenticated Users Read	Grants Read permissions to all authenticated VMware Cloud Director users.
Tenant Read	Grants Read permissions on the bucket to all users within the VMware Cloud Director organization. If you use the ECS storage platform, this option is not available. If you use AWS S3, this option is not available.
Tenant Read/Write	Grants Read and Write permissions on the bucket to all users within the VMware Cloud Director organization. If you use ECS or AWS S3, this option is not available.
System Logger	To write bucket logs, VMware Cloud Director Object Storage Extension uses the System Logger account. Modifying the permissions of the System Logger account for a logging target bucket might result in failure to write bucket logs. For more information, see Working with Bucket Logs. If you use the ECS storage platform, this option is not available.