Allow Public Read access on a GCS bucket?

Using IAM roles, to make the files readable, and block listing:

gsutil iam ch allUsers:legacyObjectReader gs://bucket-name

To make the files readable, and allow listing:

gsutil iam ch allUsers:objectViewer gs://bucket-name

You can use gsutil to make new objects created in the bucket publicly readable without removing your ownership. To make new objects created in the bucket publicly readable:

gsutil defacl ch -u AllUsers:R gs://yourbucket

If you have existing objects in the bucket that you want to make publicly readable, you can run:

gsutil acl ch -u AllUsers:R gs://yourbucket/**


You can also do it from the console.
https://console.cloud.google.com/storage/
Choose edit the bucket permissions:
Input "allUsers" in Add Members option and "Storage Object Viewer" as the role. Then go to "Select a role" and set "Storage" and "Storage Object Legacy" to "Storage Object View"

GCS bucket access


  1. Open the Cloud Storage browser in the Google Cloud Platform Console.
  2. In the list of buckets, click on the name of the bucket that contains the object you want to make public, and navigate to the object if it's in a subdirectory.
  3. Click the drop-down menu associated with the object that you want to make public.
  4. The drop-down menu appears as three vertical dots to the far right of the object's row.
  5. Select Edit permissions from the drop-down menu.
  6. In the overlay that appears, click the + Add item button.
  7. Add a permission for allUsers.

    • Select User for the Entity.
    • Enter allUsers for the Name.
    • Select Reader for the Access.
    • Click Save.
  8. Once shared publicly, a link icon appears in the public access column. You can click on this icon to get the URL for the object.

Instruction on Making Data Public from Google Cloud Docs