问题
How do I set access permissions for entire folder in storage bucket? Example; I have 2 folders (containing many subfolders/objects) in single bucket (let's call them folder 'A' and 'B') and 4 members in project team. All 4 members can have read/edit access for folder A but only 2 of the members are allowed to have access to folder 'B'. Is there a simple way to set these permissions for each folder? There are hundreds/thousands of files within each folder and it would be very time consuming to set permissions for each individual file. Thanks for any help.
回答1:
It's very poorly documented, but search for "folder" in the gsutil acl ch manpage:
Grant the user with the specified canonical ID READ access to all objects in example-bucket that begin with folder/:
gsutil acl ch -r \ -u 84fac329bceSAMPLE777d5d22b8SAMPLE785ac2SAMPLE2dfcf7c4adf34da46:R \ gs://example-bucket/folder/
回答2:
You cannot do this in GCS. GCS provides permissions to buckets and permissions to objects. A "folder" is not a GCS concept and does not have any properties or permissions.
回答3:
Thanks everyone, looks like this is not the straightforward solution to achieve my requirement in GCP. It is quite easily achievable in AWS using the below mentioned script.
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"s3:PutObject",
"s3:GetObject",
"s3:GetObjectVersion",
"s3:DeleteObject",
"s3:DeleteObjectVersion"
],
"Resource":"arn:aws:s3:::examplebucket/${aws:username}/*"
}
]
}
Similar implementation I'm looking for in GCP.
来源:https://stackoverflow.com/questions/38575445/how-to-set-access-permissions-of-google-cloud-storage-bucket-folder