Installation guide

ManualsBrandsAmazon ManualsComputer equipmentAWS SDK

111

112

113

114

115

116

117

118

119

120

->setKey('my-object-key')

->setConcurrency(3)

->build();

You can use the Aws\S3\S3Client::upload() method if you just want to upload files and not worry if they are

too large to send in a single PutObject operation or require a multipart upload.

$client->upload('bucket', 'key', 'object body', 'public-read');

Setting ACLs and Access Control Policies

You can specify a canned ACL on an object when uploading:

$client->putObject(array(

'Bucket' => 'mybucket',

'Key' => 'data.txt',

'SourceFile' => '/path/to/data.txt',

'ACL' => 'public-read'

));

You can use the Aws\S3\Enum\CannedAcl object to provide canned ACL constants:

use Aws\S3\Enum\CannedAcl;

$client->putObject(array(

'Bucket' => 'mybucket',

'Key' => 'data.txt',

'SourceFile' => '/path/to/data.txt',

'ACL' => CannedAcl::PUBLIC_READ

));

You can specify more complex ACLs using the ACP parameter when sending PutObject, CopyObject,

CreateBucket, CreateMultipartUpload, PutBucketAcl, PutObjectAcl, and other operations that accept a canned ACL.

Using the ACP parameter allows you specify more granular access control policies using a Aws\S3\Model\Acp

object. The easiest way to create an Acp object is through the Aws\S3\Model\AcpBuilder.

use Aws\S3\Enum\Permission;

use Aws\S3\Enum\Group;

use Aws\S3\Model\AcpBuilder;

$acp = AcpBuilder::newInstance()

->setOwner($myOwnerId)

->addGrantForEmail(Permission::READ, 'test@example.com')

->addGrantForUser(Permission::FULL_CONTROL, 'user-id')

->addGrantForGroup(Permission::READ, Group::AUTHENTICATED_USERS)

->build();

$client->putObject(array(

'Bucket' => 'mybucket',

'Key' => 'data.txt',

'SourceFile' => '/path/to/data.txt',

'ACP' => $acp

));

Creating a pre-signed URL

You can authenticate certain types of requests by passing the required information as query-string parameters

instead of using the Authorization HTTP header. This is useful for enabling direct third-party browser access to your

private Amazon S3 data, without proxying the request. The idea is to construct a "pre-signed" request and encode it

as a URL that an end-user's browser can retrieve. Additionally, you can limit a pre-signed request by specifying an

expiration time.

Amazon Simple Storage Service

107