Can´t access google cloud storage with service account. Service account does not have storage.objects.list access
I want to access Goolge play reports on the command line with gsutil and a service account. There is a Cloud Storage URI for that with the form gs://bucket_name, and I can list and download reports with my user account but not with the service account I created. The error is always the same:
AccessDeniedException: 403 "service-account-name" does not have storage.objects.list access to the Google Cloud Storage bucket.
I have asign all the required permissions to the service account, so I do not understand why with the user account works and fails with the service account.
So if you know how to help me, i will thank you a lot.
Cloud Storage buckets will only appear in the developer console under the project that they were created with. This bucket was not created under the project you have permissions, so it won't appear in any list in the developers console for you.
In order to grant access to the service account that you created, you can just add it as an additional user to the console with read-only permissions, which will give that service account access to the bucket. For more information about this matter, please follow this Help Center article.
Something to keep in mind is that depends on the task you want to accomplish, it could be necessary to add more roles to the Service Account. For example, if you want to view financial data, may be you need a "Financial" role for the SA.