Making data public

This page shows you how to make objects you own readable to everyone on the public internet. To learn how to access data that has been made public, see Accessing Public Data.

Making individual objects publicly readable

To make individual objects readable to everyone on the public internet:

Console

  1. Open the Cloud Storage browser in the Google Cloud Console.
    Open the Cloud Storage browser

  2. In the list of buckets, click on the name of the bucket that contains the object you want to make public, and navigate to the object if it's in a subdirectory.

  3. Click the more actions menu () associated with the object that you want to make public.

  4. Select Edit permissions from the drop-down menu.

  5. In the overlay that appears, click the + Add item button.

  6. Add a permission for allUsers.

    • Select User for the Entity.
    • Enter allUsers for the Name.
    • Select Reader for the Access.

  7. Click Save.

Once shared publicly, a link icon appears in the public access column. You can click on this icon to get the URL for the object.

gsutil

Use the gsutil acl ch command:

gsutil acl ch -u AllUsers:R gs://[BUCKET_NAME]/[OBJECT_NAME]

Where:

  • [BUCKET_NAME] is the name of the bucket containing the object you want to make public. For example, my-bucket.
  • [OBJECT_NAME] is the name of the object you want to make public. For example, pets/dog.png.

If successful, the response looks like the following example:

Updated ACL on gs://[BUCKET_NAME]/[OBJECT_NAME]

Code samples

C++

For more information, see the Cloud Storage C++ API reference documentation . 

namespace gcs = google::cloud::storage;
using ::google::cloud::StatusOr;
[](gcs::Client client, std::string bucket_name, std::string object_name) {
  StatusOr<gcs::ObjectMetadata> updated = client.PatchObject(
      bucket_name, object_name, gcs::ObjectMetadataPatchBuilder(),
      gcs::PredefinedAcl::PublicRead());

  if (!updated) {
    throw std::runtime_error(updated.status().message());
  }

  std::cout << "Object updated. The full metadata after the update is: "
            << *updated << "\n";
}

C#

For more information, see the Cloud Storage C# API reference documentation . 

private void MakePublic(string bucketName, string objectName)
{
    var storage = StorageClient.Create();
    var storageObject = storage.GetObject(bucketName, objectName);
    storageObject.Acl = storageObject.Acl ?? new List<ObjectAccessControl>();
    storage.UpdateObject(storageObject, new UpdateObjectOptions
    {
        PredefinedAcl = PredefinedObjectAcl.PublicRead
    });
    Console.WriteLine(objectName + " is now public and can be fetched from " +
        storageObject.MediaLink);
}

Go

For more information, see the Cloud Storage Go API reference documentation . 

acl := client.Bucket(bucket).Object(object).ACL()
if err := acl.Set(ctx, storage.AllUsers, storage.RoleReader); err != nil {
	return err
}

Java

For more information, see the Cloud Storage Java API reference documentation . 

import com.google.cloud.storage.Acl;
import com.google.cloud.storage.BlobId;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;

public class MakeObjectPublic {
  public static void makeObjectPublic(String projectId, String bucketName, String objectName) {
    // String projectId = "your-project-id";
    // String bucketName = "your-bucket-name";
    // String objectName = "your-object-name";
    Storage storage = StorageOptions.newBuilder().setProjectId(projectId).build().getService();
    BlobId blobId = BlobId.of(bucketName, objectName);
    storage.createAcl(blobId, Acl.of(Acl.User.ofAllUsers(), Acl.Role.READER));

    System.out.println(
        "Object " + objectName + " in bucket " + bucketName + " was made publicly readable");
  }
}

Node.js

For more information, see the Cloud Storage Node.js API reference documentation . 

// Imports the Google Cloud client library
const {Storage} = require('@google-cloud/storage');

// Creates a client
const storage = new Storage();

/**
 * TODO(developer): Uncomment the following lines before running the sample.
 */
// const bucketName = 'Name of a bucket, e.g. my-bucket';
// const filename = 'File to make public, e.g. file.txt';

// Makes the file public
await storage
  .bucket(bucketName)
  .file(filename)
  .makePublic();

console.log(`gs://${bucketName}/${filename} is now public.`);

PHP

For more information, see the Cloud Storage PHP API reference documentation . 

use Google\Cloud\Storage\StorageClient;

/**
 * Make an object publically accessible.
 *
 * @param string $bucketName the name of your Cloud Storage bucket.
 * @param string $objectName the name of your Cloud Storage object.
 *
 * @return void
 */
function make_public($bucketName, $objectName)
{
    $storage = new StorageClient();
    $bucket = $storage->bucket($bucketName);
    $object = $bucket->object($objectName);
    $object->update(['acl' => []], ['predefinedAcl' => 'PUBLICREAD']);
    printf('gs://%s/%s is now public' . PHP_EOL, $bucketName, $objectName);
}

Python

For more information, see the Cloud Storage Python API reference documentation . 

from google.cloud import storage


def make_blob_public(bucket_name, blob_name):
    """Makes a blob publicly accessible."""
    # bucket_name = "your-bucket-name"
    # blob_name = "your-object-name"

    storage_client = storage.Client()
    bucket = storage_client.bucket(bucket_name)
    blob = bucket.blob(blob_name)

    blob.make_public()

    print(
        "Blob {} is publicly accessible at {}".format(
            blob.name, blob.public_url
        )
    )

Ruby

For more information, see the Cloud Storage Ruby API reference documentation . 

# project_id  = "Your Google Cloud project ID"
# bucket_name = "Your Google Cloud Storage bucket name"
# file_name   = "Name of file in Google Cloud Storage to make public"

require "google/cloud/storage"

storage = Google::Cloud::Storage.new project_id: project_id
bucket  = storage.bucket bucket_name
file    = bucket.file file_name

file.acl.public!

puts "#{file.name} is publicly accessible at #{file.public_url}"

REST APIs

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.

  2. Create a .json file that contains the following information:

    {
  "entity": "allUsers",
  "role": "READER"
}

  3. Use cURL to call the JSON API with an Insert ACL request:

    curl -X POST --data-binary @[JSON_FILE_NAME].json \
  -H "Authorization: Bearer [OAUTH2_TOKEN]" \
  -H "Content-Type: application/json" \
  "https://storage.googleapis.com/storage/v1/b/[BUCKET_NAME]/o/[OBJECT_NAME]/acl"

    Where:

    • [JSON_FILE_NAME] is the name of the file you created in Step 2.
    • [OAUTH2_TOKEN] is the access token you created in Step 1.
    • [BUCKET_NAME] is the name of the bucket containing the object you want to make public. For example, my-bucket.
    • [OBJECT_NAME] is the name of the object you want to make public. For example, pets/dog.png.

XML API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.

  2. Create a .xml file that contains the following information:

    <AccessControlList>
  <Entries>
    <Entry>
      <Scope type="AllUsers"/>
      <Permission>READ</Permission>
    </Entry>
  </Entries>
</AccessControlList>

  3. Use cURL to call the XML API with a Set Object ACL request:

    curl -X PUT --data-binary @[XML_FILE_NAME].xml \
  -H "Authorization: Bearer [OAUTH2_TOKEN]" \
  "https://storage.googleapis.com/[BUCKET_NAME]/[OBJECT_NAME]?acl"

    Where:

    • [XML_FILE_NAME] is the name of the file you created in Step 2.
    • [OAUTH2_TOKEN] is the access token you created in Step 1.
    • [BUCKET_NAME] is the name of the bucket containing the object you want to make public. For example, my-bucket.
    • [OBJECT_NAME] is the name of the object you want to make public. For example, pets/dog.png.

Making groups of objects publicly readable

To make all objects in a bucket readable to everyone on the public internet:

Console

  1. Open the Cloud Storage browser in the Google Cloud Console.
    Open the Cloud Storage browser

  2. In the list of buckets, click on the name of the bucket that you want to make public.

  3. Select the Permissions tab near the top of the page.

  4. Click the Add members button.

    The Add members dialog box appears.

  5. In the New members field, enter allUsers.

  6. In the Roles drop down, select the Storage sub-menu, and click the Storage Object Viewer option.

  7. Click Save.

Once shared publicly, a link icon appears for each object in the public access column. You can click on this icon to get the URL for the object.

gsutil

Use the gsutil iam ch command:

gsutil iam ch allUsers:objectViewer gs://[BUCKET_NAME]

Where [BUCKET_NAME] is the name of the bucket whose objects you want to make public. For example, my-bucket.

REST APIs

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials.

  2. Create a .json file that contains the following information:

    {
  "bindings":[
    {
      "role": "roles/storage.objectViewer",
      "members":["allUsers"]
    }
  ]
}

  3. Use cURL to call the JSON API with a PUT Bucket request:

    curl -X PUT --data-binary @[JSON_FILE_NAME].json \
  -H "Authorization: Bearer [OAUTH2_TOKEN]" \
  -H "Content-Type: application/json" \
  "https://storage.googleapis.com/storage/v1/b/[BUCKET_NAME]/iam"

    Where:

    • [JSON_FILE_NAME] is the name of the file you created in Step 2.
    • [OAUTH2_TOKEN] is the access token you created in Step 1.
    • [BUCKET_NAME] is the name of the bucket whose objects you want to make public. For example, my-bucket.

XML API

Making all objects in a bucket publicly readable is not supported by the XML API. Use gsutil or the JSON API instead.

What's next

Var denne side nyttig? Giv os en anmeldelse af den:

Send feedback om...

Denne side
Feedback om de tilhørende oplysninger
Cloud Storage
Feedback om produktet
Har du brug for hjælp? Besøg vores supportside.