Google Cloud Storage ACL confusion

12
votes

I'm the owner of a Google Cloud project, with a Google Cloud Storage bucket inside. All our backups are moved to this bucket. When I try to retrieve some of the backups, I get a permission denied. I'm not able to do anything but to list the bucket.

When I try to reset the bucket ACL with 

gsutil acl ch -u [email protected]:FC gs://abc/**

i get the following error.

CommandException: Failed to set acl for gs://abc/1234.sql. Please ensure you have OWNER-role access to this resource.

Which makes no sense, since I'm the project and bucket owner.

2
google-cloud-storagegoogle-cloud-platformgsutil

2 Answers

11
votes

I gave myself "Storage Admin" and "Storage Object Admin/Creator/Viewer" in IAM rights and I'm now able to access all files.

0
votes

I gave "Storage Legacy Bucket Owner" permission to the owner account at bucket level works for me. Following command will add Owners of project and Viewers of project as a "Storage Legacy Bucket Owner" to the bucket.

$gsutil acl ch -p viewers-yourprojectnumber:O gs://test_buk04