Hi @ewanmacgregor, 

It sounds like there might be an issue with IAM policies, ACLs, or organization-wide restrictions causing access problems. Here are some steps to troubleshoot and fix the issue:

• You can use the Policy Troubleshooter to determine why a user can or cannot access a resource by analyzing allow policies, deny policies, and any Principal Access Boundary (PAB) policies in effect.
• Ensure users are granted the appropriate IAM roles at the project or bucket level. You can follow this document to check IAM policy for your project. Pay close attention to any custom roles you've created and ensure they contain the necessary permissions.
• If you're using ACLs in addition to IAM, verify that the correct users or groups have the required access at both the bucket and object levels. IAM policies generally override ACLs. If you're primarily using IAM, ensure that ACLs aren't inadvertently restricting access. It's often best practice to rely solely on IAM for access control.
• If the issue persists, you may contact Google Cloud Support. They can investigate your specific project and account for any underlying issues. When contacting them, provide detailed information

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.