1

When I do gsutil ls -p myproject-id I get a list of buckets (in my case 2 buckets), which I expect to be the list of all my buckets in the project:

gs://bucket-one/

gs://bucket-two/

But, if I do gsutil ls -p myproject-id gs://asixtythreecharacterlongnamebucket I actually get the elements of that long-named bucket:

gs://asixtythreecharacterlongnamebucket/somefolder/

So my question is: why when I do a ls to the project I don't get in the results the long-named bucket?

The only explanation it made sense to me was this: https://stackoverflow.com/a/34738829/3457432 But I'm not sure. Is this the reason? Or could it be other ones?

Sebastián Vásquez
  • 125
  • 8

2 Answers2

1

Are you sure that asixtythreecharacterlongnamebucket belongs to myproject-id? It really sounds like asixtythreecharacterlongnamebucket was created in a different project.

You can verify this by checking the bucket ACLs for asixtythreecharacterlongnamebucket and bucket-one and seeing if the project numbers in the listed entities match:

$ gsutil ls -Lb gs://asixtythreecharacterlongnamebucket | grep projectNumber
$ gsutil ls -Lb gs://bucket-one | grep projectNumber

Also note that the -p argument to ls has no effect in your second command when you're listing objects in some bucket. The -p argument only affects which project should be used when you're listing buckets in some project, as in your first command. Think of ls as listing the children resources belonging to some parent -- the parent of a bucket is a project, while the parent of an object is a bucket.

mhouglum
  • 2,468
  • 13
  • 21
  • For the `gsutil ls -Lb gs://asixtythreecharacterlongnamebucket | grep projectNumber ` I wasn't able to do it because of `AccessDeniedException: 403`. For `gsutil ls -Lb gs://bucket-one | grep projectNumber`, I was able to get a number. So can I conclude that they belongs to different projects? – Sebastián Vásquez Feb 24 '21 at 20:48
  • 2
    Yes - that pretty much confirms it. If you don't have an adequate role (e.g. project owner, storage admin, etc.) on the project that owns that bucket, you'd get an AccessDenied error when trying to retrieve the bucket's metadata. – mhouglum Feb 24 '21 at 23:55
0

You don't perform the same request!

gsutil ls -p myproject-id

Here you ask all the bucket resources that belong to a project

gsutil ls -p myproject-id gs://asixtythreecharacterlongnamebucket

Here you ask all the objects that belong to the bucket asixtythreecharacterlongnamebucket and you use the quota project myproject-id

In both case, you need to have permissions to access the resources

guillaume blaquiere
  • 66,369
  • 2
  • 47
  • 76
  • I'm aware that they are different requests. My doubt is why the bucket ```asixtythreecharacterlongnamebucket``` doesn't appear in the list when I do ```gsutil ls -p myproject-id```, even when I know that it belongs to that project. – Sebastián Vásquez Feb 24 '21 at 19:39
  • 1
    Ah.. Do you have uniform and fine-grained permission defined on these bucket? – guillaume blaquiere Feb 24 '21 at 22:18
  • To be honest, I don't know. I'm using an inherit account and this is my first time on Google Cloud. But for what you say and I've been reading, it's a fine-grained permission issue. Thanks a lot! – Sebastián Vásquez Feb 25 '21 at 14:13