I realized that after creating a bucket with the default settings anyone who knows the bucket name is able to check for the existence of a file.
Example:
Someone tries the url https://storage.googleapis.com/bucket_name/file_name
If the file doesn't exist the message shown is "The specified key does not exist"
If the file does exist the message is "Anonymous callers do not have storage.objects.get access to object bucket_name/file_name"
This makes easy to discover filenames stored in a bucket, therefore, the privacy of the bucket content is not complete.
I also use S3 storage where the message is "Access denied" for both cases, so there is no way to know if the file is really there.
Is there any way to disable this behavior?
Thanks