Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
awsdocs
GitHub Repository: awsdocs/amazon-s3-developer-guide
 Path: blob/master/code_examples/java_examples/S3Examples/CreateBucketWithACL.java
4084 views
1
// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.

2
// SPDX-License-Identifier: MIT-0 (For details, see https://github.com/awsdocs/amazon-s3-developer-guide/blob/master/LICENSE-SAMPLECODE.)

3


4
import java.io.IOException;

5
import java.util.ArrayList;

6
import java.util.Collection;

7


8
import com.amazonaws.AmazonServiceException;

9
import com.amazonaws.SdkClientException;

10
import com.amazonaws.auth.profile.ProfileCredentialsProvider;

11
import com.amazonaws.services.s3.AmazonS3;

12
import com.amazonaws.services.s3.AmazonS3ClientBuilder;

13
import com.amazonaws.services.s3.model.AccessControlList;

14
import com.amazonaws.services.s3.model.CannedAccessControlList;

15
import com.amazonaws.services.s3.model.CanonicalGrantee;

16
import com.amazonaws.services.s3.model.CreateBucketRequest;

17
import com.amazonaws.services.s3.model.Grant;

18
import com.amazonaws.services.s3.model.GroupGrantee;

19
import com.amazonaws.services.s3.model.Permission;

20


21
public class CreateBucketWithACL {

22


23
    public static void main(String[] args) throws IOException {

24
        String clientRegion = "*** Client region ***";

25
        String bucketName = "*** Bucket name ***";

26


27
        try {

28
            AmazonS3 s3Client = AmazonS3ClientBuilder.standard()

29
                    .withCredentials(new ProfileCredentialsProvider())

30
                    .withRegion(clientRegion)

31
                    .build();

32


33
            // Create a bucket with a canned ACL. This ACL will be deleted by the

34
            // getGrantsAsList().clear() call below. It is here for demonstration

35
            // purposes.

36
            CreateBucketRequest createBucketRequest = new CreateBucketRequest(bucketName, clientRegion)

37
                    .withCannedAcl(CannedAccessControlList.LogDeliveryWrite);

38
            s3Client.createBucket(createBucketRequest);

39
    

40
            // Create a collection of grants to add to the bucket.

41
            Collection<Grant> grantCollection = new ArrayList<Grant>();

42
            

43
            // Grant the account owner full control.

44
            Grant grant1 = new Grant(new CanonicalGrantee(s3Client.getS3AccountOwner().getId()), Permission.FullControl);

45
            grantCollection.add(grant1);

46
    

47
            // Grant the LogDelivery group permission to write to the bucket.

48
            Grant grant2 = new Grant(GroupGrantee.LogDelivery, Permission.Write);

49
            grantCollection.add(grant2);

50
    

51
            // Save (replace) grants by deleting all current ACL grants and replacing

52
            // them with the two we just created.

53
            AccessControlList bucketAcl = s3Client.getBucketAcl(bucketName);

54
            bucketAcl.getGrantsAsList().clear();

55
            bucketAcl.getGrantsAsList().addAll(grantCollection);

56
            s3Client.setBucketAcl(bucketName, bucketAcl);

57
        }

58
        catch(AmazonServiceException e) {

59
            // The call was transmitted successfully, but Amazon S3 couldn't process 

60
            // it and returned an error response.

61
            e.printStackTrace();

62
        }

63
        catch(SdkClientException e) {

64
            // Amazon S3 couldn't be contacted for a response, or the client

65
            // couldn't parse the response from Amazon S3.

66
            e.printStackTrace();

67
        }

68
    }

69
}

70