How can I access files from a Google Cloud Storage bucket from a browser?

12
votes

I am using Google Cloud Storage to store images for my Google App Engine application and I'm trying to access the images like so:

<img src="https://storage.googleapis.com/BUCKET_NAME/IMAGE_NAME">

However, this displays "Access Denied" or presents me with a Google login prompt. Then I tried using Signed URLs to grant the client access.

I generated the URL to be signed like so:

String HTTP_Verb = "GET";
String Expiration = "1361993085";
String Canonicalized_Resource = "/bucket_name/sub_directory";
String stringToSign = HTTP_Verb + "\n" + Expiration + "\n" + Canonicalized_Resource;

And then generated Base64 with the p12 file and compiled using Java, but I got this error:

The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.

What am I doing wrong here? Is there way I can access images from GCS without authentication?

4
google-cloud-storage

4 Answers

20
votes

And finally after 2 days, got it working.here is the answer: My approach for this is wrong, no need for signed URL. i need to just add my bucket as public-read so that i can read it from browser request. thats all. open gsutil, type this:

gsutil -m acl -r set public-read gs://BUCKET_NAME

and set this as default for all future uploads

gsutil -m defacl set public-read gs://BUCKET_NAME

hope it helps someone !

Thanks to @kctang !

8
votes

gsutil has been updated and you now need to do:

gsutil -m acl -r set public-read gs://bucket-name
gsutil -m defacl set public-read gs://bucket-name

P.S. For people unfamiliar with gsutil, here is how to install it.

6
votes

For a more general answer, the way to access an gs:// url is to use this format:

https://console.cloud.google.com/storage/browser/[BUCKET_NAME]/

For example, if the bucket you're trying to access is the Landsat public dataset,gs://gcp-public-data-landsat/ then you'd access the bucket with this url: https://console.cloud.google.com/storage/gcp-public-data-landsat/

Here's the documentation related to accessing a bucket:

  1. https://cloud.google.com/storage/docs/access-public-data
  2. https://cloud.google.com/storage/docs/cloud-console

Hope this helps!

1
votes

You're missing the content-md5 and content-type fields in the string to be signed. They can be blank, but you still need \n separators. See this question for a working example of constructing the string to sign.