Creating and Managing GCP Storage Bucket Roles and ACLs

Libraries: If you want this lab, consider one of these libraries.
Cloud

Creating and Managing GCP Storage Bucket Roles and ACLs

Google Cloud Storage makes it possible to control who has access to the files stored in it's buckets in a number of ways. Generally, you can choose to allow uniform permissions to be applied at the bucket level, the default option. Or, you can opt to use the fine-grained permission control option, which allows you to specify permissions and accessibility for each object in the bucket individually. In this Hands-On Lab, I'll show you how to set up buckets, populate them with files from a repository, and then set the permissions as desired.

Get started Contact sales

Lab Info

Level

Beginner

Last updated

Apr 06, 2025

Duration

45m

Challenge

Create Cloud Storage buckets.
1. Activate the Cloud Shell.
2. Create the first bucket for uniform access, with a unique name: gsutil mb gs://[BUCKET_NAME]/
3. Create a second bucket for fine-grained access, with a unique name: gsutil mb gs://[BUCKET_NAME]/
Challenge

Retrieve the working files.
1. Clone an existing repo: git clone https://github.com/linuxacademy/content-gc-iam-deepdive
2. Change directories with the following command: cd content-gc-iam-deepdive/
3. Copy the appropriate files from your Cloud Shell to your buckets with the following commands: gsutil -m cp -r fine-grained-access/* gs://[BUCKET_NAME]/ gsutil -m cp -r uniform-access/* gs://[BUCKET_NAME]/
4. Confirm the copy by returning to the Cloud Storage Browser and refreshing the buckets.
Challenge

Set the fine-grained permissions.
1. From the Cloud Storage Browser page, open the fine-grained-access bucket.
2. To the right of one of the images, select the Action (3-dot) menu, and choose Edit Permissions.
3. When the Edit Permissions dialog appears, click + Add Item.
4. In the Entity column, select Public.
5. In the Name column, enter allUsers.
6. In the Access column, choose Reader.
7. Click Save.
Challenge

Set the uniform permissions.
1. Return to the Cloud Storage Browser page.
2. To the right of the uniformed-access, select the Action (3-dot) menu and choose Edit Bucket Permissions.
3. In the Permissions tab, select Edit.
4. When the Edit Access Control dialog opens, choose the Uniform option.
5. Check the Add project ACLs to the bucket IAM policy checkbox.
6. Click Save.
7. Click Add Member.
8. In the New Members field, enter allUsers.
9. In the Role field, choose Storage then Storage Object Viewer.
10. Click Save.
11. Open the bucket.
12. From any image, select the link in the Public Access column.

About the author

Pluralsight Skills

Pluralsight Skills gives leaders confidence they have the skills needed to execute technology strategy. Technology teams can benchmark expertise across roles, speed up release cycles and build reliable, secure products. By leveraging our expert content, skill assessments and one-of-a-kind analytics, keep up with the pace of change, put the right people on the right projects and boost productivity. It's the most effective path to developing tech skills at scale.

Real skill practice before real-world application

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Learn by doing

Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.

Follow your guide

All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.

Turn time into mastery

On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.