Allow multiple service accounts to access multiple storage buckets
As per my understanding of the case, you want to provide reader access for each device on Google Cloud storage buckets. However, you are also concerned about the increasing load and limit.So taking into account the various issues faced by you, I am sharing a few dimensions of the approach taken by you as follow -
1: As You already have created a script that allows a service account on each labeled bucket. So for further more details related to management of the service account you can refer to this Public Documentation: https://cloud.google.com/iam/docs/creating-managing-service-accounts
2.You can also change the IAM role to Storage Object Viewer for a particular service account on a specific bucket by following GSUtil command:
gsutil iam ch serviceAccount:[email protected]:storage.objectViewer gs://my-project/my-bucket
For more information related to how to create IAM roles for service account on a particular bucket you can refer to this Public documentation: https://cloud.google.com/storage/docs/access-control/using-iam-permissions
3.If you have exhausted 100 service accounts then you can request changes to quota from the Quotas page in the Cloud Console. There is no charge for requesting a quota increase. Your costs increase only if you use more resources. For more details you can refer to this documentation: https://cloud.google.com/compute/quotas#requesting_additional_quota For knowing the quota limits for all the resources available you can refer to this public documentation : https://cloud.google.com/iam/quotas
Hope this helps you!