To provide users with read-only access to a GCS bucket folder using Deployment Manager, you can follow these steps:
a. Log in to the Google Cloud Console b. Go to the IAM & Admin page c. Click on the Roles tab d. Click on Create Role e. Enter a name for the role, such as "GCS Bucket Read-Only Access" f. Click on the Add Permissions field and search for the GCS permission Storage Object Viewer g. Select the permission and click Add h. Click Create
a. Go to the IAM & Admin page b. Click on the IAM tab c. Click on the Edit button next to the name of the GCS bucket d. Click on the Add button under the Members field e. Enter the email addresses of the users you want to grant read-only access to f. Select the role you created in step 1 from the dropdown menu g. Click Add
a. Create a new deployment configuration file in YAML format b. Add the following code:
imports:
- path: iam-policy.jinja
resources:
- name: gcs-bucket-policy
type: iam.v1.policy
properties:
resource: "projects/<project-id>/buckets/<bucket-name>"
bindings:
- role: "roles/gcsViewer"
members:
- "user:<user-email>"
- "serviceAccount:<service-account-email>"
c. Replace <project-id>, <bucket-name>, <user-email>, and <service-account-email> with the appropriate values for your project and users.
d. Deploy the configuration file using Deployment Manager:
gcloud deployment-manager deployments create iam-policy --config config.yaml
This will create an IAM policy binding that grants read-only access to the specified users for the specified GCS bucket folder.
Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss
Asked: 2023-05-19 19:30:20 +0000
Seen: 9 times
Last updated: May 19 '23
What is the method to locally access Files with JCIFS?
How to access HTML files stored on Google Drive?
How can several goroutines access a shared channel for reading data?
What is the appropriate response from the backend when a JWT token has expired?
What is the issue when navigating from a child fragment to a bottom navigation fragment?