I would like the ability to call s3sync with more permission/access control options, in addition to the existing --public-read option.
I know that AWS supports 5 different levels, READ, WRITE, READ_ACP, WRITE_ACP and FULL_CONTROL.
Here is my situation:
I have a private bucket owned by me (aka "foo"). I have granted another user (aka "bar") read/write permission to this bucket. All this can be done by a number of tools (specifically, I used S3 Firefox Organizer). This setup allows either "foo" or "bar" to write files to the bucket, and delete files from the bucket when using the --delete option. The problem arises when "foo" tries to read "bar"'s uploaded data, or the opposite: permission is denied.
I would like a way for every file uploaded by "foo" to grant "bar" read access, and vice versa.
I have read a bit into the developer docs and it looks like this would use a non-canned ACL and therefore would require a second separate REST API call for each object that is uploaded. This would be similar to what is shown here: http://docs.amazonwebservices.com/AmazonS3/2006-03-01/RESTAccessPolicy.html, only using the first example from here: http://docs.amazonwebservices.com/AmazonS3/2006-03-01/UsingGrantees.html to specify the email address. Maybe the information used to construct the ACL could be contained in the YAML config file?
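An added example, not part of the original post and not s3sync code: a Ruby sketch of how the body for the per-object ACL request could be built from YAML, granting a user access by email address. The `owner_id` and `acl_grants` keys, the owner ID placeholder and the email address are assumptions made up for illustration.

```ruby
require 'yaml'

# Constructed sample config. The owner_id and acl_grants keys are hypothetical,
# not existing s3sync options; the values are placeholders.
SAMPLE_CONFIG = <<~YAML
  owner_id: "OWNER-CANONICAL-ID-PLACEHOLDER"
  acl_grants:
    - email: "bar@example.com"
      permission: READ
YAML

PERMISSIONS = %w[READ WRITE READ_ACP WRITE_ACP FULL_CONTROL].freeze
XSI = 'xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"'

def xml_escape(value)
  value.to_s.gsub('&', '&amp;').gsub('<', '&lt;').gsub('>', '&gt;').gsub('"', '&quot;')
end

# Only the five permissions S3 defines are accepted; anything else is rejected
# before a request body is produced.
def grant_xml(grantee, permission)
  raise ArgumentError, "unknown permission: #{permission}" unless PERMISSIONS.include?(permission)
  "<Grant>#{grantee}<Permission>#{permission}</Permission></Grant>"
end

# Builds the AccessControlPolicy document. Writing an ACL replaces the object's
# existing ACL, so the owner's FULL_CONTROL grant is always emitted first.
def build_acl(config)
  owner_id = xml_escape(config.fetch('owner_id'))
  owner = %(<Grantee #{XSI} xsi:type="CanonicalUser"><ID>#{owner_id}</ID></Grantee>)
  grants = [grant_xml(owner, 'FULL_CONTROL')]
  config.fetch('acl_grants', []).each do |g|
    email = xml_escape(g.fetch('email'))
    grantee = %(<Grantee #{XSI} xsi:type="AmazonCustomerByEmail">) +
              "<EmailAddress>#{email}</EmailAddress></Grantee>"
    grants << grant_xml(grantee, g.fetch('permission').to_s.upcase)
  end
  %(<AccessControlPolicy xmlns="http://s3.amazonaws.com/doc/2006-03-01/">) +
    "<Owner><ID>#{owner_id}</ID></Owner>" +
    "<AccessControlList>#{grants.join}</AccessControlList></AccessControlPolicy>"
end

puts build_acl(YAML.safe_load(SAMPLE_CONFIG)) if __FILE__ == $PROGRAM_NAME
```

Granting READ rather than FULL_CONTROL to the second user keeps the per-object grant limited to what the described setup needs.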