diff --git a/misc/gce/notes.txt b/misc/gce/notes.txt
index ec9221434..f62b16e06 100644
--- a/misc/gce/notes.txt
+++ b/misc/gce/notes.txt
@@ -1,3 +1,18 @@
+non-core dev:
+gcutil --service_version="v1" --project="camanaged" addinstance "camlistore" --zone="us-central1-b" --machine_type="n1-standard-1" --network="default" --external_ip_address="107.178.214.163" --metadata="cam-key-1:cam-value-1" --metadata="cam-key-2:cam-value-2" --metadata="sshKeys:bradfitz:ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCw6Dk3iskKylP2zginCOAzIunMA38vGL9b/i18UG/Iuq+jKczZXB/1dlcZGSOs3+LtGh/C341TXTioydxTw+ux1AbmUk4c6L404skl85XFOys/GLxA4sHxBSb5we0Q57yohSgeZNlQd+Scmu5v7WC0N7I3hOK0lJgtxRNyC2nncGC0UOm+IGPTWcqPJERTauH/OhoAddWQehf1ugxTJYFU9atl3Op/mDXfyGBSLweWAQ84fhVKRZnl4i9Yhk1b357Q8cVKH6UQUADVamo7CQOsenzx99UL0thFRTSbuKALyf9e+SPwJrtIxZaX+skVSR+CzooRbypIamLbNXhfbxNz bradfitz@Bradleys-MacBook-Air.local" --service_account_scopes="https://www.googleapis.com/auth/userinfo.email,https://www.googleapis.com/auth/compute.readonly,https://www.googleapis.com/auth/devstorage.full_control,https://www.googleapis.com/auth/sqlservice,https://www.googleapis.com/auth/sqlservice.admin,https://www.googleapis.com/auth/cloud-platform,https://www.googleapis.com/auth/datastore,https://www.googleapis.com/auth/userinfo.email,https://www.googleapis.com/auth/compute,https://www.googleapis.com/auth/devstorage.full_control,https://www.googleapis.com/auth/taskqueue,https://www.googleapis.com/auth/bigquery,https://www.googleapis.com/auth/sqlservice,https://www.googleapis.com/auth/datastore" --tags="tag,tag2,http-server,https-server" --persistent_boot_disk="true" --auto_delete_boot_disk="false" --image=projects/debian-cloud/global/images/backports-debian-7-wheezy-v20140718
+
+$ curl -H "Metadata-Flavor:Google" http://metadata/computeMetadata/v1/instance/service-accounts/default/scopes
+https://www.googleapis.com/auth/bigquery
+https://www.googleapis.com/auth/cloud-platform
+https://www.googleapis.com/auth/compute
+https://www.googleapis.com/auth/compute.readonly
+https://www.googleapis.com/auth/datastore
+https://www.googleapis.com/auth/devstorage.full_control
+https://www.googleapis.com/auth/sqlservice
+https://www.googleapis.com/auth/sqlservice.admin
+https://www.googleapis.com/auth/taskqueue
+https://www.googleapis.com/auth/userinfo.email
+
 gcutil --project=camanaged addinstance \
        --image=projects/coreos-cloud/global/images/coreos-alpha-394-0-0-v20140801 \
        --persistent_boot_disk \
@@ -6,3 +21,11 @@ gcutil --project=camanaged addinstance \
        --auto_delete_boot_disk \
        --tags=http-server,https-server \
        --metadata_from_file=user-data:cloud-config.yaml core1
+
+TODO:
+- allow config from /gcs/bucket/key; add pkg for os.Stat/os.Open wrappers checking
+  prefix
+- use that package for:
+   "httpsCert": "/home/bradfitz/keys/camlihouse/ssl.crt",
+   "httpsKey": "/home/bradfitz/keys/camlihouse/ssl.key",
+   "identitySecretRing": "/home/bradfitz/.config/camlistore/identity-secring.gpg",
diff --git a/pkg/blobserver/google/cloudstorage/storage.go b/pkg/blobserver/google/cloudstorage/storage.go
index 4b5bf71e1..43b3bc5f0 100644
--- a/pkg/blobserver/google/cloudstorage/storage.go
+++ b/pkg/blobserver/google/cloudstorage/storage.go
@@ -22,6 +22,7 @@ package cloudstorage
 import (
 	"bytes"
 	"errors"
+	"fmt"
 	"io"
 	"io/ioutil"
 	"log"
@@ -77,6 +78,13 @@ func newFromConfig(_ blobserver.Loader, config jsonconfig.Obj) (blobserver.Stora
 		gs.client = googlestorage.NewClient(googlestorage.MakeOauthTransport(
 			clientID, clientSecret, refreshToken))
 	}
+
+	bi, err := gs.client.BucketInfo(bucket)
+	if err != nil {
+		return nil, fmt.Errorf("error statting bucket %q: %v", bucket, err)
+	}
+	log.Printf("Bucket info: %#v", bi)
+
 	return gs, nil
 }
 
diff --git a/pkg/googlestorage/googlestorage.go b/pkg/googlestorage/googlestorage.go
index 48a5fe535..0cebaa216 100644
--- a/pkg/googlestorage/googlestorage.go
+++ b/pkg/googlestorage/googlestorage.go
@@ -30,6 +30,7 @@ import (
 
 	"camlistore.org/pkg/httputil"
 	"camlistore.org/third_party/code.google.com/p/goauth2/oauth"
+	api "camlistore.org/third_party/code.google.com/p/google-api-go-client/storage/v1"
 	"camlistore.org/third_party/github.com/bradfitz/gce"
 )
 
@@ -40,6 +41,7 @@ const (
 type Client struct {
 	client    *http.Client
 	transport *oauth.Transport // nil for service clients
+	service   *api.Service
 }
 
 type Object struct {
@@ -64,11 +66,18 @@ func NewServiceClient() (*Client, error) {
 		!scopes.Contains("https://www.googleapis.com/auth/devstorage.read_write") {
 		return nil, errors.New("when this Google Compute Engine VM instance was created, it wasn't granted access to Cloud Storage")
 	}
-	return &Client{client: gce.Client}, nil
+	service, _ := api.New(gce.Client)
+	return &Client{client: gce.Client, service: service}, nil
 }
 
 func NewClient(transport *oauth.Transport) *Client {
-	return &Client{transport.Client(), transport}
+	client := transport.Client()
+	service, _ := api.New(client)
+	return &Client{
+		client:    transport.Client(),
+		transport: transport,
+		service:   service,
+	}
 }
 
 func (gso Object) String() string {
@@ -251,3 +260,7 @@ func (gsa *Client) EnumerateObjects(bucket, after string, limit int) ([]SizedObj
 
 	return result.Contents, nil
 }
+
+func (c *Client) BucketInfo(bucket string) (*api.Bucket, error) {
+	return c.service.Buckets.Get(bucket).Do()
+}