How to modify the multiple object's ACL in S3 bucket?

Question

I have successfully modified the single object of the s3 using the following command

aws s3api put-object-acl --bucket private_doc --key private_125.jpg --acl private

How can I modify all the object's ACL to private whose name starts with the word private ?

I have the bucket name as document454. It consist of the objects as private_123.pdf,private_234.pdf,member_123.doc,member_234.doc.

How can I convert the ACL of the file name starting with the word private to the private mode?

Answer 1

This command will convert all the objects ACL to private whose name starts with doc

aws s3 cp --recursive s3://bucket-name/ s3://bucket-name/ --acl private --metadata meta=nothing --exclude * --include "doc*"

Answer 2

All objects in Amazon S3 are private by default.

This can be changed through several methods:

• By directly changing the ACL on the object (as you are doing)
• By creating a Bucket Policy that can grant permissions for a whole bucket, or a path within a bucket
• By granting permissions against specific IAM Users or IAM Groups
• By generating Pre-Signed URLs that provide time-limited access to private objects

The method of assigning permissions directly against object-level ACLs can only be done against one object at a time. Bucket Policies are normally used to grant access to multiple objects.

If you do wish to update the ACL on multiple objects, you can copy the objects to themselves, with an --acl parameter:

aws s3 cp --recursive s3://my-bucket/ s3://my-bucket/ --acl private --metadata meta=nothing