google-cloud-storage google-cloud-console

How to grant multiple appengine projects access to the same Cloud Storage bucket?

Google Cloud console allows creating buckets from inside a project and edit the Access Control List. I created a bucket, bucket-foo from one of my apps app1

Now I would like to use the same bucket inside another app2. I am unable to figure out how to allow app2 access to the same bucket that I created under app1.

Solution

You can add app2's service account to the bucket's ACL list to allow the app access to the bucket.

First you need to find the app's service account name, which is listed in the Application Settings page in the Admin Console, but it's also just <app-id>@appspot.gservicaccount.com

Then add that that account to the ACL for bucket-foo using gsutil acl ch, by adding app2's service account to the ACL list.

In the end it'll probably be something like this:

gsutil acl ch -u -R [email protected]:WRITE gs://bucket-foo

How to generate a Blob signed url in Google Cloud Run?
Google Cloud: Access to image has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
Why does getMetadata().size show 20 bytes for an empty file in Google Cloud Storage?
GCP Cloud Storage - Golang aws sdk2 - Upload file with s3 INTEROPERABILITY Creds
Data loading and transformation from gcs to bigquery
Error: error:1E08010C:DECODER routines::unsupported with Google auth library
Deleting a large folder from Google Cloud Storage
Error uploading file to google cloud storage
Move files under multiple sub folders into one folder
What is the quickest way to delete many blobs from GCS?
Is it possible to wget / curl protected files from GCS?
Can appengine files in asia.artifacts.../containers/images be safely deleted?
Google Cloud Storage request blocked by CORS: not allowed by Access-Control-Allow-Origin
How to upload a file to Google Cloud Storage on Python 3?
Facing issues with the WriteObjectRequest for Google Cloud Storage using gRPC in Rust
How to get list_blobs to behave like gsutil
Firebase-Storage Access to fetch at '..' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource
Getting 403 from GCP metadata server
Permissions For Google Cloud SQL Import Using Service Accounts
GCP Cloud Run: “missing required GoogleAccessID” when generating V4 Signed URL for Cloud Storage
Read JSON file directly from google storage (using Cloud Functions)
Uploading images to Firebase storage returns "Access denied" after some time
Google Cloud Console "loading" forever
Google Cloud Storage vs Google Cloud CDN
Restrict a Load-Balanced Google backend bucket to a specific IP range
Google Cloud Storage files access policy based on IP Address
IP Restriction Google Cloud Storage
Google Storage access based on IP Address
Is there a way to set up a delete lifecycle rule of less than one day in google cloud storage?
GCSFUSE mount error of bucket as folder in a compute engine VM