Why can't I access a cloud storage object despite being a project owner?

Access to GCS resources is not recursive. Owning a project or a bucket within that project does not necessarily imply that you also have read access to some specific object. Owning the bucket does imply that you can list or delete the object, but that's it.

The owner of an object is always the user that uploaded it. By default, the ACLs on the object will align with the bucket's "default object ACL" setting, but the uploader can choose any other ACL during the upload.

You can set Cloud IAM policy to project or bucket.

For example, if you are a project owner and you want to full access of all buckets in the project, follow the steps below.

  1. Open IAM management
  2. Click Edit permissions icon associated with the user which you want to add Cloud IAM policy
  3. Add [Storage]-[Storage Admin] role. not [Storage Legacy].
  4. Click Save button

Then you are granted full access to the object even if you are not the owner of the object.