I have a Cloud Storage bucket that contains two folders, each with its own set of files. I need to grant user access to only Folder A while restricting their access to Folder B. What is the best approach to achieving this folder-level access control in Google Cloud Storage? Please help.
Currently, access control is available only at the bucket level or object level, but not at the folder level. But you can follow these steps as a workaround:
Go to the Google Cloud Console then navigate to the Cloud Storage section. Select the bucket containing Folder A and Folder B. Enable uniform bucket-level access for the bucket.
Create an IAM policy that grants Storage Object Viewer role IAM permission to the user for Folder A. Create another IAM policy that denies access to Folder B.
Apply the IAM policy for Folder A by specifying the folder path in the policy. Paste the bucket URL in the browser with the user logged in. Ensure that the IAM policy for Folder B restricts access to that folder.
Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.
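One way to express the "folder path in the policy" step, as an added example that is not part of the original answer: a conditional IAM binding that grants `roles/storage.objectViewer` only on object names under one prefix, on a bucket with uniform bucket-level access enabled. The bucket name, folder names, user and etag are constructed placeholders, and `would_match` is a local stand-in for the condition's `startsWith` check, not a call to IAM. Folder B gets no binding in this sketch, so the binding gives the user no access to it.

```python
import json

def object_resource_name(bucket, object_name):
    # Resource name format Cloud Storage exposes to IAM Conditions.
    return f"projects/_/buckets/{bucket}/objects/{object_name}"

def folder_prefix(bucket, folder):
    # Reject characters that would break out of the quoted CEL string.
    if '"' in folder or "\\" in folder:
        raise ValueError("unsupported character in folder name")
    # Exactly one trailing slash, so "folder-a" cannot also match a
    # sibling prefix such as "folder-a-archive/".
    return object_resource_name(bucket, folder.strip("/") + "/")

def folder_viewer_binding(bucket, folder, member):
    # Read-only binding scoped by an IAM Condition on the object name.
    prefix = folder_prefix(bucket, folder)
    return {
        "role": "roles/storage.objectViewer",
        "members": [member],
        "condition": {
            "title": f"read-only-{folder.strip('/')}",
            "expression": f'resource.name.startsWith("{prefix}")',
        },
    }

def add_binding(policy, binding):
    # Policies that carry conditional bindings must use version 3.
    updated = dict(policy, version=3)
    updated["bindings"] = list(policy.get("bindings", [])) + [binding]
    return updated

def would_match(bucket, folder, object_name):
    # Local stand-in for the condition's startsWith(); not an IAM call.
    name = object_resource_name(bucket, object_name)
    return name.startswith(folder_prefix(bucket, folder))

if __name__ == "__main__":
    bucket, member = "example-bucket", "user:alice@example.com"  # constructed
    current = {"bindings": [], "etag": "PLACEHOLDER"}  # constructed policy
    policy = add_binding(current, folder_viewer_binding(bucket, "folder-a", member))
    print(json.dumps(policy, indent=2))
    for name in ("folder-a/report.csv", "folder-a-archive/old.csv", "folder-b/notes.csv"):
        print(name, would_match(bucket, "folder-a", name))
```

The printed policy is the shape to review before setting it on the bucket; the three sample object names show why the prefix ends in a slash.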