This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Allocating Google Play Console Bucket Programmatically

Posted on 08-04-2023 05:58 AM
DMBI
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Greetings,

I am trying to download all app reports from the Google Play Console bucket. I can view and download all reports from here: https://console.cloud.google.com/storage/browser/pubsite_prod_rev_...

When trying to download the reports programmatically using a service account, I get an access denied error message: 403 - "Permission 'storage.buckets.get' denied". I have contacted Googleplay Developer Support, they confirmed that my service account has the appropriate permissions.

I ran the following code in an attempt to try to access the bucket, but I get an empty list of buckets.

/code
play_store_credentials = service_account.Credentials.from_service_account_file("file.json")
storage_client = storage.Client(credentials=play_store_credentials)
datasets = list(storage_client.list_buckets())
print(datasets)
/code

What is the correct way of allocating the buckets to where the Google Play Store reports reside and download it programmatically.

Regards,

0 2 401
Topic Labels
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
Marramirez
Staff
Reply posted on --/--/---- --:-- AM

Hello @DMBI,

Welcome to the Google Cloud Community!

In IAM roles for Cloud Storage, make sure that you have the Storage Admin Role along with the Storage Object Admin in your service account as they are not the same. The Storage Admin role grants full control of buckets and objects while Storage Object Admin grants access to view objects while also getting the list of objects in a bucket.

Storage Admin Role also contains the storage.buckets.get permission that you need in your service account.

As per Play Console Help Download and export monthly reports,  You can download your reports programmatically using gsutil. You can try the steps below on how to download reports using the command line tool.

  1. Install the gsutil tool.
  2. Find your reporting bucket ID by clicking the Copy Cloud Storage URI button.
  3. Use the gsutil cp command to download reports.

If the above option doesn't work, you can contact Google Cloud Support to further look into your case. Let me know if it helped, thanks!

 

 

0 Likes

Posted on --/--/---- --:-- AM
sham332
Bronze 1
Bronze 1
In response to Marramirez
Reply posted on --/--/---- --:-- AM

I have the same problem.  I have added the permission to service account both 

Storage Admin
Storage Object Admin
 
It still complains that Service account doesn't have access  for 'storage.objects.list' and 'storage.objects.get'.

Also I find this bucket, where the reports are stored,  is not part of the google project. Also on the bucket I tried to see permissions, it doesn't display.  However as a gmail user, I have access to google project and when authenticated in terminal using gmail user, it works. 
 
It is quite confusing that that bucket doesn't exist in any project and adding a service account to project with which the play console is tied isn't working
0 Likes
Top Solution Authors
View all