stickfigure
Reputation: 13556
Google Cloud Storage: With "Bucket Policy Only", how do I make objects public but prevent listing?
I just tried the new "Bucket Policy Only" setting in a preexisting test bucket. I want to be able to anonymously download objects by URL, but prevent the public from listing objects in the bucket.
If I add the Storage Object Viewer role to allUsers, then the public can both list the bucket and download objects. If I don't add that role, the public can't download files.
What's the trick? I have this working fine with the old ACL system.
Upvotes: 1
Views: 304
Answers (1)
stickfigure
Reputation: 13556
It seems to work the way I want if I use the role Storage Legacy Object Reader.
It does seem odd to use something called "Legacy" for such a basic use case.
Upvotes: 2
Related Questions
- How to disable google cloud storage bucket list from acl control?
- Prevent gcloud public bucket from listing all objects
- Google Storage Bucket Permission to view object but not to list
- GCS Private Bucket but objects or folder private
- How to make a google storage bucket a public website or a load balancer back end when there is an org policy of "public access prevention"
- Prevent Storage Buckets from going public
- How do I limit access to a bucket in GCS?
- Accessing Cloud Storage Objects via App Engine without making bucket publicly readable
- Make files publicly readable, but not whole bucket
- Google Cloud Storage - make objects in a bucket publicly viewable