I am trying to read a file in a Storage bucket from within a GCE VM using a gsutil cp command. The GCE VM uses a custom storage account which has required IAM permissions and access policies to the file within the storage bucket. My observation is as follows:
1. gsutil cp command works fine and the file is copied successfully.
2. gsutil cp command does not work.
In case 2, the gsutil cp command produces the following output:
gsutil cp gs://<mybucket-name>/<myfile> .
INFO 0304 13:02:18.377339 retry_util.py] Retrying request, attempt #1...
INFO 0304 13:03:20.684459 retry_util.py] Retrying request, attempt #2...
INFO 0304 13:04:25.247341 retry_util.py] Retrying request, attempt #3...
INFO 0304 13:05:34.869920 retry_util.py] Retrying request, attempt #4...
INFO 0304 13:06:52.144510 retry_util.py] Retrying request, attempt #5...
Can anyone suggest what to make out of this and whether this is expected behaviour? What is the correct way to read content within a storage bucket from within a GCE VM that has no external IP assigned?
What is missing for your VM instance without an external IP address, so that it can access Cloud Storage, is to enable Google Private Access for the subnet of your VM instance.
As stated in the documentation for Private Access Options for Services:
VM instances that only have internal IP addresses (no external IP addresses) can use Private Google Access. They can reach the external IP addresses of Google APIs and services.
You enable Private Google Access on a subnet by subnet basis; it's a setting for subnets in a VPC network. To enable a subnet for Private Google Access and to view the requirements, see Configuring Private Google Access.
You simply have to:
Also make sure that your VM has access to the Cloud Storage API.
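A way to check both conditions from the answer above, added here as an example that is not part of the original question or answer: it inspects the parsed JSON from `gcloud compute instances describe --format=json` and `gcloud compute networks subnets describe --format=json`. The sample data, project and subnet names are constructed, and the check assumes no Cloud NAT or other egress path exists.

```python
# Scopes that allow the VM's service account token to read from Cloud Storage.
STORAGE_SCOPES = {
    "https://www.googleapis.com/auth/cloud-platform",
    "https://www.googleapis.com/auth/devstorage.read_only",
    "https://www.googleapis.com/auth/devstorage.read_write",
    "https://www.googleapis.com/auth/devstorage.full_control",
}

def diagnose(instance, subnets):
    """Return findings explaining why gsutil on this VM may hang or be denied.

    instance: dict parsed from `gcloud compute instances describe --format=json`
    subnets:  dict mapping subnetwork URL -> dict parsed from
              `gcloud compute networks subnets describe --format=json`
    """
    findings = []
    for nic in instance.get("networkInterfaces", []):
        # An external IP shows up as a natIP inside the NIC's accessConfigs.
        if any(ac.get("natIP") for ac in nic.get("accessConfigs", [])):
            continue
        subnet = subnets.get(nic.get("subnetwork"), {})
        if not subnet.get("privateIpGoogleAccess", False):
            findings.append(
                f"{nic.get('name')}: no external IP and Private Google Access "
                "is disabled on its subnet"
            )
    scopes = {s for sa in instance.get("serviceAccounts", [])
              for s in sa.get("scopes", [])}
    if not scopes & STORAGE_SCOPES:
        findings.append("service account has no Cloud Storage access scope")
    return findings

# Constructed sample: internal-only VM with a read-only storage scope.
SUBNET_URL = "projects/example-project/regions/us-central1/subnetworks/example-subnet"
SAMPLE_INSTANCE = {
    "name": "example-vm",
    "networkInterfaces": [
        {"name": "nic0", "networkIP": "10.0.0.5", "subnetwork": SUBNET_URL}
    ],
    "serviceAccounts": [
        {"email": "custom-sa@example-project.iam.gserviceaccount.com",
         "scopes": ["https://www.googleapis.com/auth/devstorage.read_only"]}
    ],
}

if __name__ == "__main__":
    for finding in diagnose(SAMPLE_INSTANCE, {SUBNET_URL: {"privateIpGoogleAccess": False}}):
        print(finding)
```

Private Google Access is turned on per subnet with `gcloud compute networks subnets update SUBNET --region=REGION --enable-private-ip-google-access`, where SUBNET and REGION are placeholders.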