I have been trying to implement Google Cloud Storage (media file uploads) for my Django app on Google App Engine using the django-storages package. I have followed all the specification given by the package. I also set the relevant policies and roles for the service account to access the storage bucket but I keep getting the error "anonymous caller does not have storage.objects.get access to the google cloud storage object." when trying to view the images in my html template.
I can only view the images in the template when I include the permission for allUsers in storage bucket settings. Does anybody know how to fix this issue without making your bucket publicly accessible.
I rechecked my settings and bucket policy configs and they are all correct.I realized that by setting the bucket policy to not public accessible and to be accessed via the custom service account, I was not able to display the file on to the html (via iframe tags) using the source url "https://storage.cloud.google.com/{}/'.format(GS_BUCKET_NAME)". However, I was getting the file object in return. I read the contents of the file and base64 encoded it then rendered the files/images onto the html page and this works.Perhaps if the bucket policy is not set to public, the source url is not meant to be accessed directly or in this case only through the authorized service account.