Password protect site hosted on Google Cloud Storage

Question

We have a static website hosted on Google Cloud Storage. We would like it to be password protected. Is there a way to do it with Http basic auth?

Answer 1

No. There appears to be no provision for using HTTP basic auth.

From what I can see, there is no provision for using a password protected website on GCS. The .htaccess file is not recognized and there are no commands in gsutil that can be used to control such access.

There are other methods of making the data private and granting methods of access available for GCS but they aren't the same as the basic HTTP auth.

This page of the documentation goes over the types of credentials allowed.

Answer 2

You should be able to do this through the IAM in the storage security. - Clicking on the security menu to the right of the storage, you can select who has access to a role to view. This would not be username and password, but through GCP IAM.

Answer 3

This is possible, but it requires combining a number of Google Cloud services. A load balancer delegates to a Cloud Run function that handles authentication and authorization and sets a cookie that is checked by Cloud CDN to grant access to the static assets hosted on Cloud Storage. Wiring this all together is described in the tutorial Protecting static website assets hosted on Cloud Storage.