Site hosted on App Engine, how to access images in cloud storage?

0
votes

I have a web application on App engine, data in Firestore and some images in cloud storage. I can communicate with Firestore fine to get data such as a filename with a file path:

Collection name 'Cats'

'name': 'Black Cat'
'filename': 'cat_black.jpg'

In cloud storage I have a bucket named after the collection in firestore where my cat document is stored. In the bucket there is a jpg file called 'cat_black.jpg'. How do I link to this file in a secure way that only my app engine can fetch and display the photo?

# App Engine Web UI

<img src="https://storage.cloud.google.com/Cats/cat_black.jpg">

Do I need to edit the permissions on the bucket?

edit: I understand my App Engine creates its own bucket so it should by default have access to the bucket, will I need to retrieve the image in Python first? I'm thinking a jinja2 template function for each img src to run an API request and fetch its respective image.

1
google-app-enginegoogle-cloud-storage

1 Answers

1
votes

By default, when you create a bucket for your project, your app has all the permissions required to read and write to it

  1. If you want to set permissions to allow other users to access the bucket and its contents, see Setting bucket permissions.

  2. If you want to make it public with no authentication, you need (permissions allUsers to Reader)[https://cloud.google.com/storage/docs/access-control/making-data-public]

You can also check this instruction for Setting Up Google Cloud Storage for some more details.

There are to ways to reference to the objects in the buckets: http://BUCKET_NAME.storage.googleapis.com/OBJECT_NAME or http://storage.googleapis.com/BUCKET_NAME/OBJECT_NAME

Do not forget use to BUCKET_NAME.

Defaul AppEngine bucket has the name: <project-id>.appspot.com. Please be aware that it uses projec-id NOT project name. So to reference Default Storage Bucket you need to use following naming convention:

http://<project-id>.appspot.com.storage.googleapis.com/OBJECT_NAME or http://storage.googleapis.com/<project-id>.appspot.com/OBJECT_NAME

You do not need to retrieve image first in Python.