google::bucket

Creates a Bucket within a specified region.

Example

google::bucket bucket-1
    name: 'example-one'
    location: 'us-central1'
    predefined-acl: 'publicRead'
    default-event-based-hold: true
    storage-class: 'NEARLINE'

    labels: {
        foo: 'bar_1901'
    }

    cors
        max-age-seconds: 3200
        method: ['GET', 'POST']
        origin: ['*']
        response-header: ['application-x-test']
    end

    billing
        requester-pays: false
    end

    iam-configuration
        uniform-bucket-level-access
            enabled: false
        end
    end

    iam-policy
        bindings
            role: 'roles/storage.legacyBucketOwner'
            members: ['projectEditor:<<PROJECT-ID-GOES-HERE>>']
        end

        bindings
            role: 'roles/storage.legacyBucketReader'
            members: ['projectViewer:<<PROJECT-ID-GOES-HERE>>']
        end

        bindings
            role: 'roles/storage.legacyBucketReader'
            members: ['allAuthenticatedUsers']
            condition
                title: 'example bucket iam policy condition'
                expression: 'request.time < timestamp(\"2021-01-01T00:00:00Z\")'
            end
        end
    end

    lifecycle
        rule
            action
                type: 'Delete'
            end
            condition
                age: 7
            end
        end

        rule
            action
                type: 'Delete'
            end

            condition
                num-newer-versions: 10
            end
        end

        rule
            action
                type: 'Delete'
            end

            condition
                is-live: true
                age: 15
            end
        end
    end

    logging
        log-bucket: $(google::bucket logs)
        log-object-prefix: 'gyro'
    end

    retention-policy
        retention-period: 3300
    end

    website
        main-page-suffix: 'index.html'
        not-found-page: '404.jpg'
    end
end
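
A more restrictive variant of the example above, added here and not part of the Gyro documentation. It uses only attributes listed on this page: uniform bucket-level access is enabled, no public predefined ACL or allAuthenticatedUsers binding is set, and CORS is pinned to one origin. The bucket name, group address and origin are constructed placeholders, and the `logs` bucket is assumed to be defined elsewhere, as in the example above.

```gyro
# Added example with constructed names; not from the Gyro documentation.
google::bucket bucket-private
    name: 'example-private'
    location: 'us-central1'
    storage-class: 'STANDARD'

    # No predefined-acl is set: with uniform bucket-level access enabled,
    # access is controlled only by IAM policies at the bucket level or above.
    iam-configuration
        uniform-bucket-level-access
            enabled: true
        end
    end

    iam-policy
        bindings
            role: 'roles/storage.legacyBucketOwner'
            members: ['projectEditor:<<PROJECT-ID-GOES-HERE>>']
        end

        # A named group (constructed address) instead of allAuthenticatedUsers.
        bindings
            role: 'roles/storage.legacyBucketReader'
            members: ['group:bucket-readers@example.com']
        end
    end

    # CORS limited to one constructed origin and a read-only method.
    cors
        max-age-seconds: 3200
        method: ['GET']
        origin: ['https://app.example.com']
        response-header: ['Content-Type']
    end

    # Access logs go to the 'logs' bucket referenced by the example above.
    logging
        log-bucket: $(google::bucket logs)
        log-object-prefix: 'example-private'
    end

    retention-policy
        retention-period: 3300
    end
end
```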

Attributes

Attribute Description
predefined-acl Sets predefined access controls on the bucket. Valid values are authenticatedRead, private, projectPrivate, publicRead or publicReadWrite. See Access Control Lists.
predefined-default-object-acl Sets predefined default object access controls on the bucket. Valid values are authenticatedRead, bucketOwnerFullControl, bucketOwnerRead, private, projectPrivate or publicRead. See Access Control Lists.
user-project The project to be billed for this request.
name A unique name for the Bucket conforming to the bucket naming guidelines. (Required)
labels map Optional set of up to 64 key:value metadata pairs. Each key:value must conform to Label guidelines.
location The geographic region in which objects within the bucket will reside. See Bucket locations.
cors list Configure the cross-origin request policies (CORS) for the bucket.
billing subresource

Configure the billing for the Bucket.

requester-pays
When true, enables the requester pays setting for this bucket.
default-event-based-hold When true, automatically applies a GCP “eventBasedHold”, or object hold, to new objects added to the bucket.
iam-configuration subresource

The bucket’s IAM configuration. See also Cloud Identity and Access Management.

uniform-bucket-level-access subresource

The bucket’s uniform bucket-level access configuration.

enabled
When true, access is controlled only by IAM policies at the bucket level or above.
iam-policy subresource

The bucket’s IAM Policy. See also Cloud IAM Permissions.

bindings list subresource

The association between the policy’s role and the members who may assume that role.

role
The role associated with this binding. (Required)
members list
A list of identifiers for members who may assume the provided role. (Required)
condition subresource
The condition object associated with this binding.
lifecycle subresource

The bucket’s lifecycle configuration. See also Object Lifecycle Management.

rule list subresource

A lifecycle management rule, which is made up of an action to take and the condition(s) under which the action will be taken. (Required)

action subresource

The action to take for the Rule. (Required)

storage-class
Target storage class. Required when action is set to SetStorageClass.
type
Type of the action to take on condition. Valid values are Delete or SetStorageClass.
condition subresource

The condition under which the action will be taken. (Required)

age
Age of an object in days.
created-before
A date in RFC-3339 format with only the date part. Example: 2013-01-15.
is-live
Only for versioned objects. When true, this condition matches live objects; when false, it matches archived objects.
matches-storage-class list
Matches objects having any of the storage classes specified. Valid values are STANDARD, NEARLINE, COLDLINE, MULTI_REGIONAL, REGIONAL and DURABLE_REDUCED_AVAILABILITY.
num-newer-versions
Only for versioned objects. If the value is N, the condition is met when there are at least N versions, including the live version, newer than this version of the object.
logging subresource

The bucket’s logging configuration.

log-bucket
The destination bucket where the current bucket’s logs should be placed.
log-object-prefix
A prefix for log object names.
retention-policy subresource

Minimum age an object in the bucket must reach before it can be deleted or overwritten. See also Retention policies.

retention-period
The duration in seconds that objects need to be retained. Must be greater than 0 and less than 3,155,760,000 (100 years). Valid values are between 1 and 3155759999.
storage-class The bucket’s default storage class, used whenever no storageClass is specified for a newly created object. Defaults to STANDARD. Valid values are STANDARD, NEARLINE, COLDLINE, MULTI_REGIONAL, REGIONAL or DURABLE_REDUCED_AVAILABILITY.
versioning subresource The bucket’s versioning configuration.
website subresource

The bucket’s website configuration controlling how the service behaves when accessing bucket contents as a web site.

main-page-suffix
If the requested object path is missing, the service will ensure the path has a trailing ‘/’, append the suffix, and attempt to retrieve the resulting object.
not-found-page
If the requested object path is missing, and any mainPageSuffix object is missing, if applicable, the service will return the named object from this bucket as the content

Outputs

Attribute Description
id The generated ID for the bucket.
self-link The generated URI of this bucket.