Making Data Public

This page shows you how to make objects you own publicly readable. To learn how to access data that has been made public, see Accessing Public Data.

Making individual objects publicly readable

To make individual objects publicly readable:

Console

  1. Open the Cloud Storage browser in the Google Cloud Platform Console.
    Open the Cloud Storage browser

  2. In the list of buckets, click on the name of the bucket that contains the object you want to make public, and navigate to the object if it's in a subdirectory.

  3. Click the drop-down menu associated with the object that you want to make public.

    The drop-down menu appears as three vertical dots to the far right of the object's row.

  4. Select Edit permissions from the drop-down menu.

  5. In the overlay that appears, click the + Add item button.

  6. Add a permission for allUsers.

    • Select User for the Entity.
    • Enter allUsers for the Name.
    • Select Reader for the Access.

  7. Click Save.

Once shared publicly, a link icon appears in the public access column. You can click on this icon to get the URL for the object.

gsutil

Use the gsutil acl ch command, replacing [VALUES_IN_BRACKETS] with the appropriate values:

gsutil acl ch -u AllUsers:R gs://[BUCKET_NAME]/[OBJECT_NAME]

If successful, the response looks like the following example:

Updated ACL on gs://[BUCKET_NAME]/[OBJECT_NAME]

Code samples

C#

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

private void MakePublic(string bucketName, string objectName)
{
    var storage = StorageClient.Create();
    var storageObject = storage.GetObject(bucketName, objectName);
    storageObject.Acl = storageObject.Acl ?? new List<ObjectAccessControl>();
    storage.UpdateObject(storageObject, new UpdateObjectOptions
    {
        PredefinedAcl = PredefinedObjectAcl.PublicRead
    });
    Console.WriteLine(objectName + " is now public and can be fetched from " +
        storageObject.MediaLink);
}

Go

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

acl := client.Bucket(bucket).Object(object).ACL()
if err := acl.Set(ctx, storage.AllUsers, storage.RoleReader); err != nil {
	return err
}

Java

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

BlobId blobId = BlobId.of(bucketName, blobName, blobGeneration);
Acl acl = storage.createAcl(blobId, Acl.of(User.ofAllUsers(), Role.READER));

Node.js

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

// Imports the Google Cloud client library
const Storage = require('@google-cloud/storage');

// Creates a client
const storage = new Storage();

/**
 * TODO(developer): Uncomment the following lines before running the sample.
 */
// const bucketName = 'Name of a bucket, e.g. my-bucket';
// const filename = 'File to make public, e.g. file.txt';

// Makes the file public
storage
  .bucket(bucketName)
  .file(filename)
  .makePublic()
  .then(() => {
    console.log(`gs://${bucketName}/${filename} is now public.`);
  })
  .catch(err => {
    console.error('ERROR:', err);
  });

PHP

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

use Google\Cloud\Storage\StorageClient;

/**
 * Make an object publically accessible.
 *
 * @param string $bucketName the name of your Cloud Storage bucket.
 * @param string $objectName the name of your Cloud Storage object.
 *
 * @return void
 */
function make_public($bucketName, $objectName)
{
    $storage = new StorageClient();
    $bucket = $storage->bucket($bucketName);
    $object = $bucket->object($objectName);
    $object->update(['acl' => []], ['predefinedAcl' => 'PUBLICREAD']);
    printf('gs://%s/%s is now public' . PHP_EOL, $bucketName, $objectName);
}

Python

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

def make_blob_public(bucket_name, blob_name):
    """Makes a blob publicly accessible."""
    storage_client = storage.Client()
    bucket = storage_client.get_bucket(bucket_name)
    blob = bucket.blob(blob_name)

    blob.make_public()

    print('Blob {} is publicly accessible at {}'.format(
        blob.name, blob.public_url))

Ruby

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

# project_id  = "Your Google Cloud project ID"
# bucket_name = "Your Google Cloud Storage bucket name"
# file_name   = "Name of file in Google Cloud Storage to make public"

require "google/cloud/storage"

storage = Google::Cloud::Storage.new project: project_id
bucket  = storage.bucket bucket_name
file    = bucket.file file_name

file.acl.public!

puts "#{file.name} is publicly accessible at #{file.public_url}"

REST APIs

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
  2. Create a .json file that contains the following information:
    3. {
"entity": "allUsers",
"role": "READER"
}
  3. Use cURL to call the JSON API with an Insert ACL request, replacing [VALUES_IN_BRACKETS] with the appropriate values: 
    curl -X POST --data-binary @[JSON_FILE_NAME].json \
    -H "Authorization: Bearer [OAUTH2_TOKEN]" \
    -H "Content-Type: application/json" \
    "https://www.googleapis.com/storage/v1/b/[BUCKET_NAME]/o/[OBJECT_NAME]/acl"

XML API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
  2. Create a .xml file that contains the following information:
    3. <AccessControlList>
<Entries>
    <Entry>
      <Scope type="AllUsers"/>
      <Permission>READ</Permission>
    </Entry>
</Entries>
</AccessControlList>
  3. Use cURL to call the XML API with an Set Object ACL request, replacing [VALUES_IN_BRACKETS] with the appropriate values: 
    curl -X PUT --data-binary @[XML_FILE_NAME].xml \
    -H "Authorization: Bearer [OAUTH2_TOKEN]" \
    "https://storage.googleapis.com/[BUCKET_NAME]/[OBJECT_NAME]?acl"

Making groups of objects publicly readable

To make all objects in a bucket publicly readable:

Console

  1. Open the Cloud Storage browser in the Google Cloud Platform Console.
    Open the Cloud Storage browser

  2. In the list of buckets, click on the name of the bucket that you want to make public.

  3. Select the Permissions tab near the top of the page.

  4. Click the Add members button.

    The Add members dialog box appears.

  5. In the Members field, enter allUsers.

  6. In the Roles drop down, select the Storage sub-menu, and click the Storage Object Viewer option.

  7. Click Add.

Once shared publicly, a link icon appears for each object in the public access column. You can click on this icon to get the URL for the object.

gsutil

Use the gsutil iam ch command, replacing [VALUES_IN_BRACKETS] with the appropriate values:

gsutil iam ch allUsers:objectViewer gs://[BUCKET_NAME]

REST APIs

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
  2. Create a .json file that contains the following information:
    3. {
  "bindings":[
    {
      "role": "roles/storage.objectViewer",
      "members":["allUsers"]
    }
  ]
}
  3. Use cURL to call the JSON API with a PUT setIamPolicy request, replacing [VALUES_IN_BRACKETS] with the appropriate values: 
    curl -X PUT --data-binary @[JSON_FILE_NAME].json \
    -H "Authorization: Bearer [OAUTH2_TOKEN]" \
    -H "Content-Type: application/json" \
    "https://www.googleapis.com/storage/v1/b/[BUCKET_NAME]/iam"

XML API

Making all objects in a bucket publicly readable is not supported by the XML API. Use gsutil or the JSON API instead.

What's next

Was this page helpful? Let us know how we did:

Send feedback about...

This page
Documentation feedback
Cloud Storage Documentation
Product feedback