Question
We are trying to create different buckets for different source systems, and give them access only to dump data in a particular bucket. They should not have read access, i.e. they shouldn't be able to see what's there inside the bucket. Is it doable, and if yes, how?
Answer 1:
You are probably looking for the roles/storage.objectCreator role (take a look at IAM roles for Storage):
Allows users to create objects. Does not give permission to view, delete, or overwrite objects.
Answer 2:
You can create a custom role for your project, which has only write access. Find storage permissions here. Then you can assign the created custom role to a person or service account with IAM.
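Whichever role is used (the predefined one from Answer 1 or a custom role as in Answer 2), the resulting bucket policy can be checked to confirm that a source system really is write-only. The following is an added example, not code from the original posts: the service accounts, project ID, custom role name and the abridged role-to-permission table are constructed assumptions.

```python
# Abridged object-level permissions per predefined role (hand-written subset,
# an assumption of this example; the IAM roles reference has the full lists).
ALL = {"storage.objects.create", "storage.objects.delete",
       "storage.objects.get", "storage.objects.list"}
ROLE_PERMS = {
    "roles/storage.objectCreator": {"storage.objects.create"},
    "roles/storage.objectViewer": {"storage.objects.get", "storage.objects.list"},
    "roles/storage.objectUser": ALL,
    "roles/storage.objectAdmin": ALL,
    "roles/storage.admin": ALL,
    "roles/storage.legacyBucketReader": {"storage.objects.list"},
    "roles/storage.legacyBucketWriter": ALL - {"storage.objects.get"},
    "roles/storage.legacyObjectReader": {"storage.objects.get"},
}
FORBIDDEN = ALL - {"storage.objects.create"}    # view, list, delete/overwrite
PUBLIC = {"allUsers", "allAuthenticatedUsers"}  # bindings that cover everyone

def audit_write_only(policy, member, custom_roles=None):
    """Return findings for `member` on one bucket policy; [] means write-only."""
    known = {**ROLE_PERMS, **(custom_roles or {})}
    findings, can_create = [], False
    for binding in policy.get("bindings", []):
        if not ({member} | PUBLIC) & set(binding.get("members", [])):
            continue  # binding does not apply to this member
        role = binding["role"]
        if role not in known:
            findings.append(f"{role}: unknown role, review manually")
            continue
        can_create |= "storage.objects.create" in known[role]
        findings += [f"{role}: grants {p}" for p in sorted(known[role] & FORBIDDEN)]
    if not can_create:
        findings.append("no binding grants storage.objects.create")
    return findings

# Constructed sample in the shape of a bucket IAM policy exported as JSON.
SA = "serviceAccount:{}-uploader@example-project.iam.gserviceaccount.com"
CUSTOM = "projects/example-project/roles/bucketWriteOnly"  # hypothetical custom role
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/storage.objectCreator", "members": [SA.format("crm"), SA.format("erp")]},
    {"role": "roles/storage.legacyBucketReader", "members": [SA.format("erp")]},
    {"role": CUSTOM, "members": [SA.format("hr")]},
]}

if __name__ == "__main__":
    for system in ("crm", "erp", "hr"):
        print(system, audit_write_only(SAMPLE_POLICY, SA.format(system),
                                       {CUSTOM: {"storage.objects.create"}}))
```

A bucket-level policy does not show bindings inherited from the project, folder or organization, so a clean result here still needs the same check against those levels.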
Source: https://stackoverflow.com/questions/57147765/gcp-write-only-access-to-bucket-gcs