Dear users,
We would like to let you know that Google Cloud Storage post operation is now temporarily disabled for external reasons. Because the scope of Google Cloud Storage is considered as sensitive by Google (https://www.googleapis.com/auth/devstorage.read_write), the verification process was not accepted by “The Google Cloud Trust & Safety Team”. Here is roughly the answer we received:
We cannot proceed with the approval with the following scopes as you need to set up a service account.
https://www.googleapis.com/auth/devstorage.read_write
Three-legged OAuth2 scope grants are intended for human users to grant access to all of their data hosted on a particular API. Access to your requested OAuth2 scopes would provide overly broad access for Google Cloud Platform customers. Google Cloud Platform only supports grants to specific resources for specific users/services, with access controlled using Cloud IAM Policies.
Based on Google’s answer, there are many questions that can be raised like why is OAuth provided as an authentication mechanism for Google Cloud Storage in the first place, if Google is going to systematically reject all verification requests ? Nevermind Google.
We are working hard to find a solution for integrating with Google Cloud Storage through service accounts. Thanks for your understanding!
