0

I have a bucket with uniform permissions (no object level ACLs) and my account has the Owner role on the project which should give full access to all resources. I have even tried adding Storage Admin / Storage Object Admin / Legacy Object Owner roles and still can't access the objects in my bucket.

When I use the IAM Policy Troubleshooter it can successfully make the storage.objects.get call.

The exact error Google Cloud Console is giving me when I try to view the object

Additional permissions required to view this object's metadata: Ask an object owner to grant you 'storage.objects.get' permission (e.g., by giving your account the IAM Storage Admin role).

The objects are being created by a service account with the Storage Object Admin role and they contain custom metadata.

jtbry
  • 11
  • 1

1 Answers1

1

Apparently my billing account was delinquent but the Cloud Console was not telling me this. I wrote a script to access the objects through the service account to make sure the service account still had access and that's where I was given the appropriate error message regarding my account being disabled. After updating my payment method the objects were accessible via service account and user account.

jtbry
  • 11
  • 1
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Dec 02 '21 at 12:05