In Google Cloud Platform 'IAM & Admin' => 'Roles' I have created a custom role, but I don't see a way to limit the role to a specific storage bucket.
I am selecting the Storage Object Admin permission, but it seems to be global applying to all buckets. How can I limit the custom role I am creating to a specific bucket?
How can I limit the custom role I am creating to a specific bucket?
The answer is you cannot. However, you can achieve your objective with a different method.
1) Do not give this user (IAM member) any permissions (roles) to access Cloud Storage.
2) Use the "gsutil iam" commands to add the user's identity (email address) to the bucket.
I wrote two articles which discuss this in more detail. link and link
The important item is that instead of assigning permissions to the user, you are assigning the user to the bucket. In my articles, I show how to create a service account with no permissions that can then access Cloud Storage, KMS, etc.
