DreamObjects CDN Permissions

I am confused about permissions of buckets and objects on DreamObjects.

When I read this:

it tells me that I can change the permissions on a bucket from private to public, which I have done. Yet whenever I upload an object to that bucket, the object still has private permissions, which I have to reset to public before anyone can access it or I can use it via CDN.

  1. Is this correct behavior, or do I have an issue?

  2. If this is the correct behavior for objects, what effect does changing the permissions on a bucket have?

Also, when I read this:


it seems that bucket permissions are still set to private when using the bucket as a CDN. I can access the object as long as the object permissions are set to public; it does not seem to matter what the bucket permissions are.

  1. If I am using this bucket as a CDN, do bucket permissions matter?

My end goal is to upload a lot of image files to use in Moodle language courses.

The permissions of the individual files are independent from the setting of the bucket. Setting the bucket permissions to one or the other doesn’t do a whole lot. The client you use to upload your files will have a default ACL for what permissions the files should be.

For example if you are using cyberduck, if you go into the preferences, then “Transfers” tab, then the “Permissions” sub-tab, you can change the permissions to:

Owner: Read / Write
Group: Nothing
Others: Read

and it will be public. If you change it to:

Owner: Read / Write
Group: Nothing
Others: Nothing

It will be private. Other clients have other ways to configure it.

It is working as intended. The bucket can be private, and a file in it public, and it will load fine. For a CDN you generally just want everything public for visitors to your site to be able to load the images.

If you need to bulk changes the files in a bucket from private to public, there is a script for that:

Or it can be done in clients like cyberduck, but if there are a lot of files it can take a while.

Thank you, Justin. That clears things up perfectly.

Cool! Life has just gotten a lot easier.

Based on this:


I am keeping buckets used for CDN as private to prevent listing of XML files.

Also, I upgraded to the pro version of CrossFTP, which makes bulk upload and bulk permission setting of objects a piece of cake. At only $25, it’s a bargain.

I’ve just read through this for the fourth time or so. I use Transmit (Mac) and finally dug around a bit more and found the Permissions for S3: Preferences -> Rules: Permissions:S3 (Read: World).