Chris Stryczynski

Reputation: 33991

Is it possible to set only the storage.buckets.get permission on an account within the Google Cloud Console?

How can I set this permission for a user? I only see a relevant Storage > Storage admin which provides storage.buckets.*, however I don't want this user account to have such broad permissions.

I have determined the above information from this page: https://cloud.google.com/storage/docs/access-control/iam-roles

I would like a user to have read only permissions to a bucket.

Upvotes: 4

Views: 8126

Answers (2)

David

Reputation: 9721

Google has IAM Custom Roles in beta. You can use this to create a new role with the exact permission set you want.

Upvotes: 1
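
Added example (not part of the answer above, and not Google's own sample): a custom role carrying only `storage.buckets.get`, bound on a single bucket rather than project-wide. The project, bucket, member and role ID are placeholder values, and the script only prints the `gcloud` commands unless `DRY_RUN=0` is set.

```shell
#!/bin/sh
# Least-privilege bucket access through an IAM custom role (added example).
# PROJECT_ID, BUCKET, MEMBER and ROLE_ID are placeholders, not values from the page.
set -eu

PROJECT_ID="${PROJECT_ID:-example-project}"
BUCKET="${BUCKET:-example-bucket}"
MEMBER="${MEMBER:-user:reader@example.com}"
ROLE_ID="${ROLE_ID:-bucketMetadataViewer}"
# storage.buckets.get covers bucket metadata only. Reading object data
# additionally needs storage.objects.get and storage.objects.list.
PERMISSIONS="${PERMISSIONS:-storage.buckets.get}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands, 0 = execute them

# Print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Create a project-level custom role holding exactly the listed permissions.
create_role() {
  run gcloud iam roles create "$ROLE_ID" \
    --project="$PROJECT_ID" \
    --title="Bucket metadata viewer" \
    --permissions="$PERMISSIONS"
}

# Bind the role on one bucket, so the grant does not reach other buckets.
bind_role() {
  run gcloud storage buckets add-iam-policy-binding "gs://$BUCKET" \
    --member="$MEMBER" \
    --role="projects/$PROJECT_ID/roles/$ROLE_ID"
}

# Show the resulting bucket policy so the binding can be reviewed.
show_policy() {
  run gcloud storage buckets get-iam-policy "gs://$BUCKET"
}

create_role
bind_role
show_policy
```
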

Digil

Reputation: 752

You can use ACLs over objects and buckets. You can give "READER" permission to a particular user at the bucket level. By giving this, the user can only read and download the object's data.

A second approach is to give the user a Legacy Bucket IAM role. You can give the "Storage Legacy Bucket Reader" role, which also gives the user a "read only" option. More details regarding this role can be found in this help center article.

Upvotes: 4
