This page shows you how to make objects you own publicly readable. To learn how to access data that has been made public, see Accessing Public Data.
Making individual objects publicly readable
To make individual objects publicly readable:
Console
- Open the Cloud Storage browser in the Google Cloud Platform Console.
Open the Cloud Storage browser In the list of buckets, click on the name of the bucket that contains the object you want to make public, and navigate to the object if it's in a subdirectory.
Click the drop-down menu associated with the object that you want to make public.
The drop-down menu appears as three vertical dots to the far right of the object's row.
Select Edit permissions from the drop-down menu.
In the overlay that appears, click the + Add item button.
Add a permission for allUsers.
- Select User for the Entity.
- Enter allUsers for the Name.
- Select Reader for the Access.
Click Save.
Once shared publicly, a link icon appears in the public access column. You can click on this icon to get the URL for the object.
gsutil
Use the gsutil acl ch
command, replacing [VALUES_IN_BRACKETS]
with the appropriate values:
gsutil acl ch -u AllUsers:R gs://[BUCKET_NAME]/[OBJECT_NAME]
If successful, the response looks like the following example:
Updated ACL on gs://[BUCKET_NAME]/[OBJECT_NAME]
Code samples
For more information, see the
Cloud Storage C++ API reference documentation
.
For more information, see the
Cloud Storage C# API reference documentation
.
For more information, see the
Cloud Storage Go API reference documentation
.
For more information, see the
Cloud Storage Java API reference documentation
.
For more information, see the
Cloud Storage Node.js API reference documentation
.
For more information, see the
Cloud Storage PHP API reference documentation
.
For more information, see the
Cloud Storage Python API reference documentation
.
For more information, see the
Cloud Storage Ruby API reference documentation
.
C++
C#
Go
Java
Node.js
PHP
Python
Ruby
REST APIs
JSON API
- Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
- Create a .json file that contains the following information:
- Use
cURL
to call the JSON API with anInsert ACL
request, replacing[VALUES_IN_BRACKETS]
with the appropriate values:curl -X POST --data-binary @[JSON_FILE_NAME].json \ -H "Authorization: Bearer [OAUTH2_TOKEN]" \ -H "Content-Type: application/json" \ "https://www.googleapis.com/storage/v1/b/[BUCKET_NAME]/o/[OBJECT_NAME]/acl"
{ "entity": "allUsers", "role": "READER" }
XML API
- Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
- Create a .xml file that contains the following information:
- Use
cURL
to call the XML API with anSet Object ACL
request, replacing[VALUES_IN_BRACKETS]
with the appropriate values:curl -X PUT --data-binary @[XML_FILE_NAME].xml \ -H "Authorization: Bearer [OAUTH2_TOKEN]" \ "https://storage.googleapis.com/[BUCKET_NAME]/[OBJECT_NAME]?acl"
<AccessControlList> <Entries> <Entry> <Scope type="AllUsers"/> <Permission>READ</Permission> </Entry> </Entries> </AccessControlList>
Making groups of objects publicly readable
To make all objects in a bucket publicly readable:
Console
- Open the Cloud Storage browser in the Google Cloud Platform Console.
Open the Cloud Storage browser In the list of buckets, click on the name of the bucket that you want to make public.
Select the Permissions tab near the top of the page.
Click the Add members button.
The Add members dialog box appears.
In the Members field, enter
allUsers
.In the Roles drop down, select the Storage sub-menu, and click the Storage Object Viewer option.
Click Add.
Once shared publicly, a link icon appears for each object in the public access column. You can click on this icon to get the URL for the object.
gsutil
Use the gsutil iam ch
command, replacing [VALUES_IN_BRACKETS]
with the appropriate values:
gsutil iam ch allUsers:objectViewer gs://[BUCKET_NAME]
REST APIs
JSON API
- Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.
- Create a .json file that contains the following information:
- Use
cURL
to call the JSON API with aPUT setIamPolicy
request, replacing[VALUES_IN_BRACKETS]
with the appropriate values:curl -X PUT --data-binary @[JSON_FILE_NAME].json \ -H "Authorization: Bearer [OAUTH2_TOKEN]" \ -H "Content-Type: application/json" \ "https://www.googleapis.com/storage/v1/b/[BUCKET_NAME]/iam"
{ "bindings":[ { "role": "roles/storage.objectViewer", "members":["allUsers"] } ] }
XML API
Making all objects in a bucket publicly readable is not supported by the XML API. Use gsutil or the JSON API instead.
What's next
- Access data that has been made public.
- Learn about more access control options for your buckets and objects.