Making Data Public

This page shows you how to make objects you own publicly readable. To learn how to access data that has been made public, see Accessing Public Data.

Making individual objects publicly readable

To make individual objects publicly readable:

Console

  1. Open the Cloud Storage browser in the Google Cloud Platform Console.
    Open the Cloud Storage browser

  2. In the list of buckets, click on the bucket that contains the object you want to make public, and navigate to the object if it's in a subdirectory.

  3. Check the checkbox in the Shared Publicly column of the object.

Once shared publicly, Public link appears next to the Shared Publicly checkbox. You can click on Public link to load the object in a new browser window and get the URI for the object.

gsutil

Use the gsutil acl ch command, replacing [VALUES_IN_BRACKETS] with the appropriate values:

gsutil acl ch -u AllUsers:R gs://[BUCKET_NAME]/[OBJECT_NAME]

If successful, the response looks like the following example:

Updated ACL on gs://[BUCKET_NAME]/[OBJECT_NAME]

Code samples

C#

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

private void MakePublic(string bucketName, string objectName)
{
    var storage = StorageClient.Create();
    var storageObject = storage.GetObject(bucketName, objectName);
    storageObject.Acl = storageObject.Acl ?? new List<ObjectAccessControl>();
    storage.UpdateObject(storageObject, new UpdateObjectOptions
    {
        PredefinedAcl = PredefinedObjectAcl.PublicRead
    });
    Console.WriteLine(objectName + " is now public and can be fetched from " +
        storageObject.MediaLink);
}

Go

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

acl := client.Bucket(bucket).Object(object).ACL()
if err := acl.Set(ctx, storage.AllUsers, storage.RoleReader); err != nil {
	return err
}

Java

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

BlobId blobId = BlobId.of(bucketName, blobName, blobGeneration);
Acl acl = storage.createAcl(blobId, Acl.of(User.ofAllUsers(), Role.READER));

Node.js

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

// Imports the Google Cloud client library
const Storage = require('@google-cloud/storage');

// Creates a client
const storage = new Storage();

/**
 * TODO(developer): Uncomment the following lines before running the sample.
 */
// const bucketName = 'Name of a bucket, e.g. my-bucket';
// const filename = 'File to make public, e.g. file.txt';

// Makes the file public
storage
  .bucket(bucketName)
  .file(filename)
  .makePublic()
  .then(() => {
    console.log(`gs://${bucketName}/${filename} is now public.`);
  })
  .catch(err => {
    console.error('ERROR:', err);
  });

PHP

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

use Google\Cloud\Storage\StorageClient;

/**
 * Make an object publically accessible.
 *
 * @param string $bucketName the name of your Cloud Storage bucket.
 * @param string $objectName the name of your Cloud Storage object.
 *
 * @return void
 */
function make_public($bucketName, $objectName)
{
    $storage = new StorageClient();
    $bucket = $storage->bucket($bucketName);
    $object = $bucket->object($objectName);
    $object->update(['acl' => []], ['predefinedAcl' => 'PUBLICREAD']);
    printf('gs://%s/%s is now public' . PHP_EOL, $bucketName, $objectName);
}

Python

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

def make_blob_public(bucket_name, blob_name):
    """Makes a blob publicly accessible."""
    storage_client = storage.Client()
    bucket = storage_client.get_bucket(bucket_name)
    blob = bucket.blob(blob_name)

    blob.make_public()

    print('Blob {} is publicly accessible at {}'.format(
        blob.name, blob.public_url))

Ruby

For more on installing and creating a Cloud Storage client, refer to Cloud Storage Client Libraries. 

# project_id  = "Your Google Cloud project ID"
# bucket_name = "Your Google Cloud Storage bucket name"
# file_name   = "Name of file in Google Cloud Storage to make public"

require "google/cloud/storage"

storage = Google::Cloud::Storage.new project: project_id
bucket  = storage.bucket bucket_name
file    = bucket.file file_name

file.acl.public!

puts "#{file.name} is publicly accessible at #{file.public_url}"

REST APIs

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
  2. Create a .json file that contains the following information:
    3. {
"entity": "allUsers",
"role": "READER"
}
  3. Use cURL to call the JSON API with an Insert ACL request, replacing [VALUES_IN_BRACKETS] with the appropriate values: 
    curl -X POST --data-binary @[JSON_FILE_NAME].json \
    -H "Authorization: Bearer [OAUTH2_TOKEN]" \
    -H "Content-Type: application/json" \
    "https://www.googleapis.com/storage/v1/b/[BUCKET_NAME]/o/[OBJECT_NAME]/acl"

XML API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
  2. Create a .xml file that contains the following information:
    3. <AccessControlList>
<Entries>
    <Entry>
      <Scope type="AllUsers"/>
      <Permission>READ</Permission>
    </Entry>
</Entries>
</AccessControlList>
  3. Use cURL to call the XML API with an Set Object ACL request, replacing [VALUES_IN_BRACKETS] with the appropriate values: 
    curl -X PUT --data-binary @[XML_FILE_NAME].xml \
    -H "Authorization: Bearer [OAUTH2_TOKEN]" \
    "https://storage.googleapis.com/[BUCKET_NAME]/[OBJECT_NAME]?acl"

Making groups of objects publicly readable

To make all objects in a bucket publicly readable:

Console

  1. Open the Cloud Storage browser in the Google Cloud Platform Console.
    Open the Cloud Storage browser

  2. Click the drop-down menu associated with the bucket that you want to make public.

    The drop-down menu appears as three vertical dots to the far right of the bucket's row.

  3. Choose Edit bucket permissions.

  4. In the Add members field, enter allUsers.

  5. In the Select a role drop down, select the Storage sub-menu, and click the Storage Object Viewer option.

  6. Click Add.

gsutil

Use the gsutil iam ch command, replacing [VALUES_IN_BRACKETS] with the appropriate values:

gsutil iam ch allUsers:objectViewer gs://[BUCKET_NAME]

REST APIs

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
  2. Create a .json file that contains the following information:
    3. {
  "bindings":[
    {
      "role": "roles/storage.objectViewer",
      "members":["allUsers"]
    }
  ]
}
  3. Use cURL to call the JSON API with a PUT setIamPolicy request, replacing [VALUES_IN_BRACKETS] with the appropriate values: 
    curl -X PUT --data-binary @[JSON_FILE_NAME].json \
    -H "Authorization: Bearer [OAUTH2_TOKEN]" \
    -H "Content-Type: application/json" \
    "https://www.googleapis.com/storage/v1/b/[BUCKET_NAME]/iam"

XML API

Making all objects in a bucket publicly readable is not supported by the XML API. Use gsutil or the JSON API instead.

What's next

Was this page helpful? Let us know how we did:

Send feedback about...

This page
Documentation feedback
Cloud Storage Documentation
Product feedback