Hi @rada_leela,

Welcome to Google Cloud Community!

The storage.objects.get error message “Missing required permissions” indicates a possibility that the service account has not been granted sufficient privileges to retrieve objects from the Cloud Storage bucket.

Possible Causes and Fixes:

1. Double-check if the appropriate service account is being used:
   If there is a service account assigned for importing purposes and it is not the one that is supposed to be used, then check and modify IAM roles as necessary (see IAM roles specifically for Cloud Storage).
2. Review the Bucket-Level IAM Policies:
   Provide or Grant roles/storage.objectViewer to the service account that corresponds to the bucket.

   gsutil iam ch serviceAccount:[SERVICE_ACCOUNT_EMAIL]:roles/storage.objectViewer gs://[BUCKET_NAME]

3. Examine  Object Level ACLs:
   If access is still being denied, but IAM permissions look correct, then check and set the object ACLs with the following command:

   gsutil acl ch -u [SERVICE_ACCOUNT_EMAIL]:READER gs://[BUCKET_NAME]/[FILE_NAME]

4. Screen Logs for Further Investigation:
   Check to see the state of the requests via Cloud Storage logs in Cloud Logging to confirm that they are not being blocked. For further information, you can explore this documentation.

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.