Which permissions are needed to edit Google Storage object metadata?


Problem description

I have the following Perl code:

  $response = $process->request('PATCH',
                                "https://www.googleapis.com/storage/v1/b/$Bucket/o/$EscapedName",
                                '{"content-type": "image/jpeg"}',
#                                 '{"metadata": {"Content-Type": "image/jpeg"}}',
                                {'Content-Type' => 'application/json'});
  unless ($response->is_success) {
    print "Content-Type: text/plain\n\n";
    print $response->status_line . "\n" . $response->decoded_content . "\n" ;
    exit;
  }

It produces

403 Forbidden
{
 "error": {
  "errors": [
   {
    "domain": "global",
    "reason": "insufficientPermissions",
    "message": "Insufficient Permission"
   }
  ],
  "code": 403,
  "message": "Insufficient Permission"
 }
}

Even though I have:

  • Storage Admin
  • Storage Object Admin
  • Storage Object Creator
  • Storage Object Viewer

enabled for my user.

Why does it not work?

Simple uploading of objects does work, but I cannot set this metadata.

Recommended answer

To update the object metadata one needs the storage.objects.update permission. From Cloud Storage IAM Permissions:

Object permissions

...

storage.objects.update    Update object metadata, excluding ACLs.

But both roles/storage.objectAdmin and roles/storage.admin roles (assuming that's what you mean by the roles you listed) should already include that permission, so something else may be at work. From Standard roles:

roles/storage.objectAdmin  Full control over objects, including listing,    storage.objects.*
                           creating, viewing, and deleting objects.
                           Does not grant permission to read or edit 
                           bucket metadata.
roles/storage.admin        Full control of buckets and objects.             storage.buckets.*
                           When applied to an individual bucket, control    storage.objects.*
                           only to the specified bucket and objects within
                           the bucket.
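
To confirm whether the identity behind the request actually holds storage.objects.update on the bucket, instead of inferring it from the role list, the JSON API's buckets.testIamPermissions method can be queried. The following is an added example, not code from the question or the answer; the function names, the bucket name `example-bucket` and the sample response are assumptions made for illustration.

```python
import json
import urllib.parse
import urllib.request

# Documented JSON API endpoint for Cloud Storage.
API = "https://storage.googleapis.com/storage/v1"


def build_test_permissions_url(bucket, permissions):
    """URL for buckets.testIamPermissions; 'permissions' is a repeated query parameter."""
    query = urllib.parse.urlencode([("permissions", p) for p in permissions])
    return f"{API}/b/{urllib.parse.quote(bucket, safe='')}/iam/testPermissions?{query}"


def missing_permissions(requested, response_body):
    """Return the requested permissions that the caller does not hold.

    The response lists only the permissions that are held and omits the
    'permissions' field entirely when none of them are.
    """
    held = set(json.loads(response_body).get("permissions", []))
    return [p for p in requested if p not in held]


def check_bucket(bucket, permissions, access_token):
    """Live check; pass the same OAuth 2.0 access token the failing PATCH uses."""
    req = urllib.request.Request(
        build_test_permissions_url(bucket, permissions),
        headers={"Authorization": f"Bearer {access_token}"},
    )
    with urllib.request.urlopen(req) as resp:
        return missing_permissions(permissions, resp.read())


if __name__ == "__main__":
    wanted = ["storage.objects.update", "storage.objects.get"]
    # Constructed sample response: the caller can read objects but not update them.
    sample = '{"kind": "storage#testIamPermissionsResponse", "permissions": ["storage.objects.get"]}'
    print(build_test_permissions_url("example-bucket", wanted))
    print("missing:", missing_permissions(wanted, sample))
```

An empty list from `check_bucket` means the bucket's IAM policy grants the permission to that identity, so the 403 has to come from something other than the bucket-level role bindings.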
