I have a quite specific question/issue regarding GCS interoperability "S3" access, and cannot find any detailed information on it unfortunately. Maybe somebody of you knows more and is willing to shed some light on this:
I need GCS interoperable ("S3") access for a particular tool (example: duplicity), and I know how to enable it to get 1) an access key and 2) a secret. And access using these credentials works fine.
However: the interoperable access key seems to be not only for a particular project on Google cloud platform, but for all projects, and therefore also all buckets in all projects (i.e. it seems like an access key for me as a cloud platform user, not a per project or per bucket access key). How do I restrict "S3" type interoperable access keys? How do I define fine-grained access in "S3" interoperable mode?
