I have a bucket with uniform permissions (no object level ACLs) and my account has the Owner role on the project which should give full access to all resources. I have even tried adding Storage Admin / Storage Object Admin / Legacy Object Owner roles and still can't access the objects in my bucket.
When I use the IAM Policy Troubleshooter it can successfully make the storage.objects.get
call.
The exact error Google Cloud Console is giving me when I try to view the object
Additional permissions required to view this object's metadata: Ask an object owner to grant you 'storage.objects.get' permission (e.g., by giving your account the IAM Storage Admin role).
The objects are being created by a service account with the Storage Object Admin role and they contain custom metadata.