July 2018
Intermediate to advanced
506 pages
16h 2m
English
Content preview from Google Cloud Platform for Developers
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Cloud Storage IAM
As with every product and service in the GCP catalog, Cloud Storage has built-in support for Google Cloud IAM. Primitive roles such as Owner, Editor, and Viewer apply here and behave as expected. Owner and Editor both provide full access to all Cloud Storage resources. Additionally, Cloud Storage supports four product-specific roles:
- roles/storage.objectCreator: Create objects without the ability to view them. This is useful in cases where a user or service only needs to write data to Cloud Storage as it can protect sensitive data from being read, modified, or deleted.
- roles/storage.objectViewer: Read-only access to objects, including listing objects, viewing object data, and object metadata.
- roles/storage.objectAdmin