S3 Canned ACL
Clone this wiki locally
Although the S3 API supports fine grained ACLs, the implemented S3 helpers support just the Canned ACLs.
The S3 Canned ACL argument is one of the Canned ACL as specified by the S3 documentation. If it is a value that evaluates to boolean false, then the acl argument is ignored. In this case, the S3 API sets the Canned ACL to 'private'.
Technically it is possible to use the fine grained ACLs, but you have to use the low level s3.put() method, while you need to generate all the XML boilerplate required by the S3 REST API docs. For most use cases, this doesn't make any sense, while sending a simple HTTP header is an order of magnitude easier.