99

I have 1000 files in Google Cloud Storage to make public, or in general a directory hierarchy.

In the Web UI, I can only seem to make one at a time public.

Is there some way to do this.

Super Kai - Kazuya Ito
  • 22,221
  • 10
  • 124
  • 129
engineerchuan
  • 2,580
  • 3
  • 23
  • 22
  • 1
    I found it. You can run: gsutil ls to get a listing of files. Then you can pipe the listing into xargs with gsutil setacl public-read *. You can also do gsutil setdefacl public-read so that future uploaded files will be public – engineerchuan Jan 17 '13 at 19:24

8 Answers8

129

Run gsutil -m acl set -R -a public-read gs://bucket

  • The -m issues multiple requests at the same time.
  • The -R issues requests for every object in your bucket.
  • The -a issues requests for every version of every object.

See gsutil help acl for more info.

At the API layer gsutil issues the following HTTP request:

PUT /bucket/obj?acl HTTP/1.1
Host: storage.googleapis.com
x-goog-acl: public-read

You can see this by using the -D flag with gsutil:

gsutil -D setacl public-read gs://bucket/obj
Misha Brukman
  • 12,938
  • 4
  • 61
  • 78
fejta
  • 3,061
  • 2
  • 17
  • 22
  • Thanks for this ! Currently doc display 'gsutil acl set public-read gs://bucket/object'. This is update syntax from 'setacl' to 'acl set' ? (https://developers.google.com/storage/docs/gsutil/commands/acl#set) – Pierre Broucz Nov 02 '13 at 14:09
  • List of predefined ACLs (private, public-read etc.): https://cloud.google.com/storage/docs/access-control – ruhong Feb 29 '16 at 03:01
  • I tried the acl tactic and updated files just reverted to not shared :( – Darian Hickman Aug 27 '17 at 04:28
75

You can make all objects in a bucket public. Here's the link.

  1. Open the Cloud Storage browser in the Google Cloud Platform Console.
  2. In the list of buckets, click on the name of the bucket that you want to make public.
  3. Select the Permissions tab near the top of the page.
  4. Click the Add members button.
    The Add members dialog box appears.
  5. In the Members field, enter allUsers.
  6. In the Roles drop down, select the Storage sub-menu, and click the Storage Object Viewer option.
  7. Click Add.

Once shared publicly, a link icon appears for each object in the public access >column. You can click on this icon to get the URL for the object.

mkey
  • 535
  • 2
  • 12
Erik
  • 761
  • 5
  • 4
  • 1
    Guys this looks like the answer. I just tested my bucket permissions. I changed my image and reuploaded and Google Storage didn't screw up the permissions like it had before I ran this command: gsutil iam ch allUsers:objectViewer gs://[BUCKET_NAME]. Just in case you're wondering Amazon is still in lead on making things like this easy. Wow way too much learning curve to do the same on GS. – Darian Hickman Aug 27 '17 at 04:26
  • 2
    This should be the correct answers cause there can be unintended effects using gsutil if you don't know what you're doing. – Perniferous Oct 05 '18 at 19:30
62

When you run: gsutil -m acl set -R -a public-read gs://bucket you define public read for all the objects currently in your bucket, but when you upload new files they wont be public by default.

What I found is that is worth to define a bucket default acl as public-read gsutil defacl set public-read gs://bucket

unaiherran
  • 1,014
  • 9
  • 21
  • 3
    Good idea. Unfortunately this works only on a top level bucket and can't be used on a folder within a bucket. The other answer works even on a folder. – Plasty Grove Apr 21 '16 at 09:27
  • 8
    `gsutil defacl set public-read gs://bucket` works with all future files including those within subdirectories. Ignore Plastly Grove's comment. – Albin Nov 22 '16 at 12:07
21

The easiest way to accomplish this would be by using a console.

Click on "Edit bucket permissions"

enter image description here

Enter allUsers in Add Members. Then Select Role > Storage > Storage Object Viewer

Attention! This will give read permission to all the people on the internet to all the objects in that selected bucket.

enter image description here

Anand Kapdi
  • 491
  • 5
  • 4
15

Current (Oct/2017) documentation about Hosting a Static Website found here points to:

gsutil acl ch -r -u AllUsers:R gs://bucket-name

Where the -r does the recursive trick and -u AllUsers:R gives the public read access.

MarcoSantana
  • 739
  • 10
  • 10
  • 5
    This also works for sub directories, e.g. `gsutil acl ch -r -u AllUsers:R gs://bucket-name/dir-name` – Ville Jan 12 '19 at 10:33
  • 2
    If that directory has a lot of files, then adding a `-m` will make it after -- `gsutil -m acl ch -r -u AllUsers:R gs://bucket-name/dir-name` – MikeHoss Oct 14 '20 at 14:50
7

Apr, 2022 Update:

You can allow all users to read files in your bucket.

For example, in Bucket details, click "PERMISSIONS" then "ADD":

enter image description here

Then, type "allUsers":

enter image description here

Then, choose the role "Storage Legacy Object Reader" so that all users can read files:

enter image description here

Then, click "SAVE":

enter image description here

Then, you will be asked as shown below so click "ALLOW PUBLIC ACCESS":

enter image description here

Finally, you can allow all users to read files in your bucket:

enter image description here

Henry Ecker
  • 34,399
  • 18
  • 41
  • 57
Super Kai - Kazuya Ito
  • 22,221
  • 10
  • 124
  • 129
1

To copy and paste on Erik's behalf, this worked consistently for me:

Making groups of objects publicly readable

To make all objects in a bucket publicly readable:

CONSOLEGSUTILREST APIS Use the gsutil iam ch command, replacing [VALUES_IN_BRACKETS] with the appropriate values:

 gsutil iam ch allUsers:objectViewer gs://[BUCKET_NAME]
Darian Hickman
  • 853
  • 10
  • 26
1

You can make all objects in a public range, this link has more information: https://cloud.google.com/storage/docs/access-control/making-data-public

If you can't, in your console, log into your bucket and click "Edit bucket permissions" - Enter allUsers in Add Members. Then Select Role > Storage > Storage Object Viewer

Aline Menezes
  • 11
  • 1