Skip to main content

gcs

Google Cloud Storage

Config#

Servicer#

NameRequiredComments
credentialYsupport base64 and file protocol: base64 is the base64 of token content, file is the absolute path to token file.

Storager#

NameRequiredComments
nameYbucket name
work_dirNwork dir
projectYgoogle cloud project id

Example#

Init servicer

credential: file:<absolute_path_to_token_file>

Init storager

credential: file:<absolute_path_to_token_file>
name: <bucket_name>
work_dir: /<work_dir>
project: <google_cloud_project_id>

Implementation#

This service implements following interfaces:

Pairs#

Server-Side Encryption (SSE)#

Google Cloud Storage supports three options for Server-Side Encryption:

  • Google-managed encryption keys: This is the default behaviour, no setup or configuration required.
  • Customer-managed encryption keys: You can add a default KMS key to a bucket, then the objects in the bucket are encrypted/decrepted automatically. You can also encrypt an individual object with a Cloud KMS key.
  • Customer-supplied encryption keys

Refer to https://cloud.google.com/storage/docs/encryption for more details.

Customer-managed encryption keys#

NameComments
kms_key_namethe Cloud KMS key resource. For example, projects/my-pet-project/locations/us-east1/keyRings/my-key-ring/cryptoKeys/my-key.
Supported Operations#

Customer-supplied encryption keys#

NameComments
encryption_keya 32-byte customer-provided AES256 key
Supported Operations#
Last updated on by Xuanwo