Predefined permissions, also known as https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl[canned ACLs], are an easy way to grant large privileges to predefined groups or users. 

The following canned ACLs are security-sensitive: 

* ``++PublicRead++``, ``++PublicReadWrite++`` grant respectively "read" and "read and write" privileges to everyone in the world (``++AllUsers++`` group).
* ``++AuthenticatedRead++`` grants "read" privilege to all authenticated users (``++AuthenticatedUsers++`` group).