Allow Public Read access on a GCS bucket?

I am trying to allow anonymous (or just from my applications domain) read access for files in my bucket.

When trying to read the files I get

```

<Error>
    <Code>AccessDenied</Code>
    <Message>Access denied.</Message>
    <Details>
        Anonymous users does not have storage.objects.get access to object.
    </Details>
</Error>

```

I also tried to add a domain with the object default permissions dialog in the google cloud console. that gives me the error "One of your permissions is invalid. Make sure that you enter an authorized id or email for the groups and users and a domain for the domains"

I have also looked into making the ACL for the bucket public-read. My only problem with this is that it removes my ownership over the bucket. I need to have that ownership since I want to allow uploading from a specific Google Access Id.

You can also do it from the console.
https://console.cloud.google.com/storage/
Choose edit the bucket permissions:
Input "allUsers" in Add Members option and "Storage Object Viewer" as the role. Then go to "Select a role" and set "Storage" and "Storage Object Legacy" to "Storage Object View"

You can use gsutil to make new objects created in the bucket publicly readable without removing your ownership. To make new objects created in the bucket publicly readable:

gsutil defacl ch -u AllUsers:R gs://yourbucket

If you have existing objects in the bucket that you want to make publicly readable, you can run:

gsutil acl ch -u AllUsers:R gs://yourbucket/**

Using IAM roles, to make the files readable, and block listing:

gsutil iam ch allUsers:legacyObjectReader gs://bucket-name

To make the files readable, and allow listing:

gsutil iam ch allUsers:objectViewer gs://bucket-name