How can I make a Google Cloud Storage object publicly visible while uploading it?

Question

I have an application which is uploading objects to Google Cloud Storage using signed URLs and I'd like to know if it's possible to make the object public during the sign/upload step.

I know it's possible to make the object publicly visible by setting the policy on its bucket or by using the client library/making a REST request after it's been uploaded, but in order to minimize the impact on my workflow, I'd like to do it all in one go. Is this possible? If it can be done, I'm assuming it's by setting a header when signing the URL or when making the REST request using the signed URL but I haven't been able to find documentation which covers this.

UPDATE:

I've just found the Extension/Custom Headers section of the XML API docs which claims that this can be achieved using the x-goog-acl header (e.g. x-goog-acl: public-read). Unfortunately, this does not work. The object is not publicly visible after setting the header when signing the URL and when uploading the file.

Answer 1

Quoting the Cloud Storage documenation regarding Signed URLs:

When specifying the name:value pairs for headers, keep in mind the following:

• Remove any whitespace around the colon that appears after the header name.

For example, using the custom header x-goog-acl: private without removing the space after the colon returns a 403 Forbidden error, because the request signature you calculate does not match the signature Google calculates.

So the solution could be setting the header value as x-goog-acl:public-read instead of x-goog-acl: public-read.