I have created a storage bucket in my GCP project and am trying to make it public. For that I already removed the org constraint policy "Enforce Public Access Prevention" from my project. While running the command below in the SDK I get the error "PreconditionException: 412 One or more users named in the policy do not belong to a permitted customer".
command --> gsutil iam ch allUsers:legacyObjectReader gs://[bucket_name]
Can anyone tell me what other organization constraints I need to remove from the project policy to make my bucket public?
I think you should remove this organization policy from your project:
Domain restricted sharing
constraints/iam.allowedPolicyMemberDomains
According to this documentation https://cloud.google.com/resource-manager/docs/organization-policy/restricting-domains#example_error_message
When the iam.allowedPolicyMemberDomains predefined constraint is violated by trying to add a principal that is not included in the allowed_values list, the operation will fail and then an error message will be displayed.
ERROR: (gcloud.projects.set-iam-policy) FAILED_PRECONDITION:
One or more users named in the policy do not belong to a permitted customer.