Skip to content

Latest commit

 

History

History
162 lines (104 loc) · 2.43 KB

supported-operations-ab7c240.md

File metadata and controls

162 lines (104 loc) · 2.43 KB

Supported Operations

The Object Store service provides a role named storage object admin to each binding or a service key user.

The role grants full control over objects including listing, creating, viewing, and deleting objects. The list of operations supported would include the following:

storage.objects.create

Add new objects to a bucket.

storage.objects.delete

Delete objects.

storage.objects.get

Read object data and metadata, excluding ACLs.

storage.objects.getIamPolicy

Read object ACLs, returned as IAM policies.

storage.objects.list

List objects in a bucket. Also, read object metadata, excluding ACLs, when listing.

storage.objects.setIamPolicy

Update object ACLs.

storage.objects.update

Update object metadata, excluding ACLs.

storage.multipartUploads.create

Upload objects in multiple parts.

storage.multipartUploads.abort

Abort multipart upload sessions.

storage.multipartUploads.listParts

List the uploaded object parts in a multipart upload session.

storage.multipartUploads.list

List the multipart upload sessions in a bucket.

Note:

  • The Object Store service keeps access to all objects restricted to the service account user that it creates as part of service bindings and service keys. None of the objects residing in a GCS bucket are publicly accessible by default.

  • Access level of objects can change only if you set object ACLs.

  • We strongly recommend you to be careful when setting object ACLs for your buckets.

Related Information

Object permissions

Buckets

Objects