Restrict Viewer Access to Cloud Storage Objects via ACL
If you are hosting static files on Cloud Storage, it is expected that your files must be accessible publicly. If the objects are private and you used the URI storage.googleapis.com
, you will get an access denied error. This has an ongoing feature request.
In order to authenticate your users when accessing a GCS object, you must use the URI storage.cloud.google.com
and they must use a Google Account. If not, then you can generate a signed URL so they can view the object.
Additional Reference:
https://jbrojbrojbro.medium.com/controlling-access-to-google-cloud-storage-edf639464fea