This guide provides the steps for users to grant MyMagic API read and write access to their Google Cloud Storage (GCS) bucket. This setup ensures a secure and controlled access mechanism, following Google Cloud’s best practices.

MyMagic API requires access to your GCS bucket to store and retrieve files for batch inference. The application uses a service account that you will create and configure, granting it the necessary permissions to interact with your GCS bucket. The API will read all the files in the bucket folder and write the inference results to the same bucket folder under the name “ai_response.json” with a time stamp.


  • A Google Cloud account with access to Google Cloud Storage (GCS).
  • A GCS bucket to which MyMagic API requires access.

Step 1: Set Permissions on the GCS Bucket

  1. Click on the bucket name to which you want to grant access.
  2. Go to the “Permissions” tab.
  3. Click on “Add members”.
  4. Enter MyMagic AI’s GCP email address [email protected] as a new principal.
  5. Select a role that grants the necessary permissions, such as Storage Object Admin.
  6. Click Save.

Adherence to Security Best Practices

  • The service account has only the necessary permissions needed by MyMagic API.
  • Access to the GCS bucket is controlled through a combination of IAM roles and service account privileges, adhering to the principle of least privilege.
  • Using service accounts isolates and secures access to Google Cloud resources.

Need Help?

If you encounter any issues or have questions, please reach out to [email protected]