Cross-Project file access setup

When you set up your Document AI processor in one project, you might want this project to access input files stored in a different project in the same org that hosts Document AI processors.

To allow cross-project access, you must grant the Storage Object Viewer role to the default Document AI service account, as shown in the following figure.

Cross-project file access


  • Suppose Project A hosts Document AI processors, and optionally hosts a bucket to which processor output is written.
  • Project B owns the bucket that contains input files for Document AI processors.
  • To make files in Project B accessible to Project A, you must grant Storage Object Viewer permissions for the input bucket in Project B to the Document AI service account of Project A.

A Document AI Service account follows this naming convention:

service-{project number}


Bucket access

For more information about IAM and Storage Object Viewer, see IAM roles for Cloud Storage.