Module storage

@pulumi/gcp > storage

Index

storage/bucket.ts storage/bucketACL.ts storage/bucketIAMBinding.ts storage/bucketIAMMember.ts storage/bucketIAMPolicy.ts storage/bucketObject.ts storage/defaultObjectACL.ts storage/getObjectSignedUrl.ts storage/getProjectServiceAccount.ts storage/notification.ts storage/objectACL.ts

class Bucket

Creates a new bucket in Google cloud storage service (GCS). Once a bucket has been created, its location can’t be changed. ACLs can be applied using the google_storage_bucket_acl resource. For more information see the official documentation and API.

constructor

new Bucket(name: string, args?: BucketArgs, opts?: pulumi.CustomResourceOptions)

Create a Bucket resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BucketState): Bucket

Get an existing Bucket resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property cors

public cors: pulumi.Output<{ ... }[] | undefined>;

The bucket’s Cross-Origin Resource Sharing (CORS) configuration. Multiple blocks of this type are permitted. Structure is documented below.

property encryption

public encryption: pulumi.Output<{ ... } | undefined>;

The bucket’s encryption configuration.

property forceDestroy

public forceDestroy: pulumi.Output<boolean | undefined>;

When deleting a bucket, this boolean option will delete all contained objects. If you try to delete a bucket that contains objects, Terraform will fail that run.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property labels

public labels: pulumi.Output<{ ... } | undefined>;

A set of key/value label pairs to assign to the bucket.

property lifecycleRules

public lifecycleRules: pulumi.Output<{ ... }[] | undefined>;

The bucket’s Lifecycle Rules configuration. Multiple blocks of this type are permitted. Structure is documented below.

property location

public location: pulumi.Output<string | undefined>;

The GCS location

property logging

public logging: pulumi.Output<{ ... } | undefined>;

The bucket’s Access & Storage Logs configuration.

property name

public name: pulumi.Output<string>;

The name of the bucket.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property selfLink

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property storageClass

public storageClass: pulumi.Output<string | undefined>;

The Storage Class of the new bucket. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE.

property url

public url: pulumi.Output<string>;

The base URL of the bucket, in the format gs://<bucket-name>.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property versioning

public versioning: pulumi.Output<{ ... } | undefined>;

The bucket’s Versioning configuration.

property websites

public websites: pulumi.Output<{ ... }[] | undefined>;

Configuration if the bucket acts as a website. Structure is documented below.

class BucketACL

Creates a new bucket ACL in Google cloud storage service (GCS). For more information see the official documentation and API.

constructor

new BucketACL(name: string, args: BucketACLArgs, opts?: pulumi.CustomResourceOptions)

Create a BucketACL resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BucketACLState): BucketACL

Get an existing BucketACL resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the bucket it applies to.

property defaultAcl

public defaultAcl: pulumi.Output<string | undefined>;

Configure this ACL to be the default ACL.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property predefinedAcl

public predefinedAcl: pulumi.Output<string | undefined>;

The canned GCS ACL to apply. Must be set if role_entity is not.

property roleEntities

public roleEntities: pulumi.Output<string[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Bucket ACL documentation for more details. Must be set if predefined_acl is not.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class BucketIAMBinding

Three different resources help you manage your IAM policy for storage bucket. Each of these resources serves a different use case:

  • google_storage_bucket_iam_binding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the storage bucket are preserved.
  • google_storage_bucket_iam_member: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the storage bucket are preserved.
  • google_storage_bucket_iam_policy: Setting a policy removes all other permissions on the bucket, and if done incorrectly, there’s a real chance you will lock yourself out of the bucket. If possible for your use case, using multiple google_storage_bucket_iam_binding resources will be much safer. See the usage example on how to work with policy correctly.

~> Note: google_storage_bucket_iam_binding resources can be used in conjunction with google_storage_bucket_iam_member resources only if they do not grant privilege to the same role.

constructor

new BucketIAMBinding(name: string, args: BucketIAMBindingArgs, opts?: pulumi.CustomResourceOptions)

Create a BucketIAMBinding resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BucketIAMBindingState): BucketIAMBinding

Get an existing BucketIAMBinding resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the bucket it applies to.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the storage bucket’s IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property members

public members: pulumi.Output<string[]>;

property role

public role: pulumi.Output<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class BucketIAMMember

Three different resources help you manage your IAM policy for storage bucket. Each of these resources serves a different use case:

  • google_storage_bucket_iam_binding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the storage bucket are preserved.
  • google_storage_bucket_iam_member: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the storage bucket are preserved.
  • google_storage_bucket_iam_policy: Setting a policy removes all other permissions on the bucket, and if done incorrectly, there’s a real chance you will lock yourself out of the bucket. If possible for your use case, using multiple google_storage_bucket_iam_binding resources will be much safer. See the usage example on how to work with policy correctly.

~> Note: google_storage_bucket_iam_binding resources can be used in conjunction with google_storage_bucket_iam_member resources only if they do not grant privilege to the same role.

constructor

new BucketIAMMember(name: string, args: BucketIAMMemberArgs, opts?: pulumi.CustomResourceOptions)

Create a BucketIAMMember resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BucketIAMMemberState): BucketIAMMember

Get an existing BucketIAMMember resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the bucket it applies to.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the storage bucket’s IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property member

public member: pulumi.Output<string>;

property role

public role: pulumi.Output<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class BucketIAMPolicy

Three different resources help you manage your IAM policy for storage bucket. Each of these resources serves a different use case:

  • google_storage_bucket_iam_binding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the storage bucket are preserved.
  • google_storage_bucket_iam_member: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the storage bucket are preserved.
  • google_storage_bucket_iam_policy: Setting a policy removes all other permissions on the bucket, and if done incorrectly, there’s a real chance you will lock yourself out of the bucket. If possible for your use case, using multiple google_storage_bucket_iam_binding resources will be much safer. See the usage example on how to work with policy correctly.

~> Note: google_storage_bucket_iam_binding resources can be used in conjunction with google_storage_bucket_iam_member resources only if they do not grant privilege to the same role.

constructor

new BucketIAMPolicy(name: string, args: BucketIAMPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a BucketIAMPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BucketIAMPolicyState): BucketIAMPolicy

Get an existing BucketIAMPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the bucket it applies to.

property etag

public etag: pulumi.Output<string>;

(Computed) The etag of the storage bucket’s IAM policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property policyData

public policyData: pulumi.Output<string>;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class BucketObject

Creates a new object inside an existing bucket in Google cloud storage service (GCS). ACLs can be applied using the google_storage_object_acl resource. For more information see the official documentation and API.

constructor

new BucketObject(name: string, args: BucketObjectArgs, opts?: pulumi.CustomResourceOptions)

Create a BucketObject resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BucketObjectState): BucketObject

Get an existing BucketObject resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the containing bucket.

property cacheControl

public cacheControl: pulumi.Output<string | undefined>;

Cache-Control directive to specify caching behavior of object data. If omitted and object is accessible to all anonymous users, the default will be public, max-age=3600

property content

public content: pulumi.Output<string | undefined>;

Data as string to be uploaded. Must be defined if source is not.

property contentDisposition

public contentDisposition: pulumi.Output<string | undefined>;

Content-Disposition of the object data.

property contentEncoding

public contentEncoding: pulumi.Output<string | undefined>;

Content-Encoding of the object data.

property contentLanguage

public contentLanguage: pulumi.Output<string | undefined>;

Content-Language of the object data.

property contentType

public contentType: pulumi.Output<string>;

Content-Type of the object data. Defaults to “application/octet-stream” or “text/plain; charset=utf-8”.

property crc32c

public crc32c: pulumi.Output<string>;

(Computed) Base 64 CRC32 hash of the uploaded data.

property detectMd5hash

public detectMd5hash: pulumi.Output<string | undefined>;

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property md5hash

public md5hash: pulumi.Output<string>;

(Computed) Base 64 MD5 hash of the uploaded data.

property name

public name: pulumi.Output<string>;

The name of the object.

property source

public source: pulumi.Output<pulumi.asset.Archive | undefined>;

A path to the data you want to upload. Must be defined if content is not.

property storageClass

public storageClass: pulumi.Output<string>;

The StorageClass of the new bucket object. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE. If not provided, this defaults to the bucket’s default storage class or to a standard class.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class DefaultObjectACL

Creates a new default object ACL in Google Cloud Storage service (GCS). For more information see the official documentation and API.

constructor

new DefaultObjectACL(name: string, args: DefaultObjectACLArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultObjectACL resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultObjectACLState): DefaultObjectACL

Get an existing DefaultObjectACL resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the bucket it applies to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property roleEntities

public roleEntities: pulumi.Output<string[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class Notification

Creates a new notification configuration on a specified bucket, establishing a flow of event notifications from GCS to a Cloud Pub/Sub topic. For more information see the official documentation and API.

In order to enable notifications, a special Google Cloud Storage service account unique to the project must have the IAM permission “projects.topics.publish” for a Cloud Pub/Sub topic in the project. To get the service account’s email address, use the google_storage_project_service_account datasource’s email_address value, and see below for an example of enabling notifications by granting the correct IAM permission. See the notifications documentation for more details.

constructor

new Notification(name: string, args: NotificationArgs, opts?: pulumi.CustomResourceOptions)

Create a Notification resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NotificationState): Notification

Get an existing Notification resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the bucket.

property customAttributes

public customAttributes: pulumi.Output<{ ... } | undefined>;

A set of key/value attribute pairs to attach to each Cloud PubSub message published for this notification subscription

property eventTypes

public eventTypes: pulumi.Output<string[] | undefined>;

List of event type filters for this notification config. If not specified, Cloud Storage will send notifications for all event types. The valid types are: "OBJECT_FINALIZE", "OBJECT_METADATA_UPDATE", "OBJECT_DELETE", "OBJECT_ARCHIVE"

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property objectNamePrefix

public objectNamePrefix: pulumi.Output<string | undefined>;

Specifies a prefix path filter for this notification config. Cloud Storage will only send notifications for objects in this bucket whose names begin with the specified prefix.

property payloadFormat

public payloadFormat: pulumi.Output<string>;

The desired content of the Payload. One of "JSON_API_V1" or "NONE".

property selfLink

public selfLink: pulumi.Output<string>;

The URI of the created resource.

property topic

public topic: pulumi.Output<string>;

The Cloud PubSub topic to which this subscription publishes. Expects either the topic name, assumed to belong to the default GCP provider project, or the project-level name, i.e. projects/my-gcp-project/topics/my-topic or my-topic.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class ObjectACL

Creates a new object ACL in Google cloud storage service (GCS). For more information see the official documentation and API.

constructor

new ObjectACL(name: string, args: ObjectACLArgs, opts?: pulumi.CustomResourceOptions)

Create a ObjectACL resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ObjectACLState): ObjectACL

Get an existing ObjectACL resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket

public bucket: pulumi.Output<string>;

The name of the bucket it applies to.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property object

public object: pulumi.Output<string>;

The name of the object it applies to.

property predefinedAcl

public predefinedAcl: pulumi.Output<string | undefined>;

The canned GCS ACL to apply. Must be set if role_entity is not.

property roleEntities

public roleEntities: pulumi.Output<string[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details. Must be set if predefined_acl is not.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

function getObjectSignedUrl

getObjectSignedUrl(args: GetObjectSignedUrlArgs, opts?: pulumi.InvokeOptions): Promise<GetObjectSignedUrlResult>

The Google Cloud storage signed URL data source generates a signed URL for a given storage object. Signed URLs provide a way to give time-limited read or write access to anyone in possession of the URL, regardless of whether they have a Google account.

For more info about signed URL’s is available here.

function getProjectServiceAccount

getProjectServiceAccount(args?: GetProjectServiceAccountArgs, opts?: pulumi.InvokeOptions): Promise<GetProjectServiceAccountResult>

Get the email address of a project’s unique Google Cloud Storage service account.

Each Google Cloud project has a unique service account for use with Google Cloud Storage. Only this special service account can be used to set up google_storage_notification resources.

For more information see the API reference.

interface BucketACLArgs

The set of arguments for constructing a BucketACL resource.

property bucket

bucket: pulumi.Input<string>;

The name of the bucket it applies to.

property defaultAcl

defaultAcl?: pulumi.Input<string>;

Configure this ACL to be the default ACL.

property predefinedAcl

predefinedAcl?: pulumi.Input<string>;

The canned GCS ACL to apply. Must be set if role_entity is not.

property roleEntities

roleEntities?: pulumi.Input<pulumi.Input<string>[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Bucket ACL documentation for more details. Must be set if predefined_acl is not.

interface BucketACLState

Input properties used for looking up and filtering BucketACL resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the bucket it applies to.

property defaultAcl

defaultAcl?: pulumi.Input<string>;

Configure this ACL to be the default ACL.

property predefinedAcl

predefinedAcl?: pulumi.Input<string>;

The canned GCS ACL to apply. Must be set if role_entity is not.

property roleEntities

roleEntities?: pulumi.Input<pulumi.Input<string>[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Bucket ACL documentation for more details. Must be set if predefined_acl is not.

interface BucketArgs

The set of arguments for constructing a Bucket resource.

property cors

cors?: pulumi.Input<pulumi.Input<{ ... }>[]>;

The bucket’s Cross-Origin Resource Sharing (CORS) configuration. Multiple blocks of this type are permitted. Structure is documented below.

property encryption

encryption?: pulumi.Input<{ ... }>;

The bucket’s encryption configuration.

property forceDestroy

forceDestroy?: pulumi.Input<boolean>;

When deleting a bucket, this boolean option will delete all contained objects. If you try to delete a bucket that contains objects, Terraform will fail that run.

property labels

labels?: pulumi.Input<{ ... }>;

A set of key/value label pairs to assign to the bucket.

property lifecycleRules

lifecycleRules?: pulumi.Input<pulumi.Input<{ ... }>[]>;

The bucket’s Lifecycle Rules configuration. Multiple blocks of this type are permitted. Structure is documented below.

property location

location?: pulumi.Input<string>;

The GCS location

property logging

logging?: pulumi.Input<{ ... }>;

The bucket’s Access & Storage Logs configuration.

property name

name?: pulumi.Input<string>;

The name of the bucket.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property storageClass

storageClass?: pulumi.Input<string>;

The Storage Class of the new bucket. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE.

property versioning

versioning?: pulumi.Input<{ ... }>;

The bucket’s Versioning configuration.

property websites

websites?: pulumi.Input<pulumi.Input<{ ... }>[]>;

Configuration if the bucket acts as a website. Structure is documented below.

interface BucketIAMBindingArgs

The set of arguments for constructing a BucketIAMBinding resource.

property bucket

bucket: pulumi.Input<string>;

The name of the bucket it applies to.

property members

members: pulumi.Input<pulumi.Input<string>[]>;

property role

role: pulumi.Input<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface BucketIAMBindingState

Input properties used for looking up and filtering BucketIAMBinding resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the bucket it applies to.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the storage bucket’s IAM policy.

property members

members?: pulumi.Input<pulumi.Input<string>[]>;

property role

role?: pulumi.Input<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface BucketIAMMemberArgs

The set of arguments for constructing a BucketIAMMember resource.

property bucket

bucket: pulumi.Input<string>;

The name of the bucket it applies to.

property member

member: pulumi.Input<string>;

property role

role: pulumi.Input<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface BucketIAMMemberState

Input properties used for looking up and filtering BucketIAMMember resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the bucket it applies to.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the storage bucket’s IAM policy.

property member

member?: pulumi.Input<string>;

property role

role?: pulumi.Input<string>;

The role that should be applied. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

interface BucketIAMPolicyArgs

The set of arguments for constructing a BucketIAMPolicy resource.

property bucket

bucket: pulumi.Input<string>;

The name of the bucket it applies to.

property policyData

policyData: pulumi.Input<string>;

interface BucketIAMPolicyState

Input properties used for looking up and filtering BucketIAMPolicy resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the bucket it applies to.

property etag

etag?: pulumi.Input<string>;

(Computed) The etag of the storage bucket’s IAM policy.

property policyData

policyData?: pulumi.Input<string>;

interface BucketObjectArgs

The set of arguments for constructing a BucketObject resource.

property bucket

bucket: pulumi.Input<string>;

The name of the containing bucket.

property cacheControl

cacheControl?: pulumi.Input<string>;

Cache-Control directive to specify caching behavior of object data. If omitted and object is accessible to all anonymous users, the default will be public, max-age=3600

property content

content?: pulumi.Input<string>;

Data as string to be uploaded. Must be defined if source is not.

property contentDisposition

contentDisposition?: pulumi.Input<string>;

Content-Disposition of the object data.

property contentEncoding

contentEncoding?: pulumi.Input<string>;

Content-Encoding of the object data.

property contentLanguage

contentLanguage?: pulumi.Input<string>;

Content-Language of the object data.

property contentType

contentType?: pulumi.Input<string>;

Content-Type of the object data. Defaults to “application/octet-stream” or “text/plain; charset=utf-8”.

property detectMd5hash

detectMd5hash?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

The name of the object.

property source

source?: pulumi.Input<pulumi.asset.Archive>;

A path to the data you want to upload. Must be defined if content is not.

property storageClass

storageClass?: pulumi.Input<string>;

The StorageClass of the new bucket object. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE. If not provided, this defaults to the bucket’s default storage class or to a standard class.

interface BucketObjectState

Input properties used for looking up and filtering BucketObject resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the containing bucket.

property cacheControl

cacheControl?: pulumi.Input<string>;

Cache-Control directive to specify caching behavior of object data. If omitted and object is accessible to all anonymous users, the default will be public, max-age=3600

property content

content?: pulumi.Input<string>;

Data as string to be uploaded. Must be defined if source is not.

property contentDisposition

contentDisposition?: pulumi.Input<string>;

Content-Disposition of the object data.

property contentEncoding

contentEncoding?: pulumi.Input<string>;

Content-Encoding of the object data.

property contentLanguage

contentLanguage?: pulumi.Input<string>;

Content-Language of the object data.

property contentType

contentType?: pulumi.Input<string>;

Content-Type of the object data. Defaults to “application/octet-stream” or “text/plain; charset=utf-8”.

property crc32c

crc32c?: pulumi.Input<string>;

(Computed) Base 64 CRC32 hash of the uploaded data.

property detectMd5hash

detectMd5hash?: pulumi.Input<string>;

property md5hash

md5hash?: pulumi.Input<string>;

(Computed) Base 64 MD5 hash of the uploaded data.

property name

name?: pulumi.Input<string>;

The name of the object.

property source

source?: pulumi.Input<pulumi.asset.Archive>;

A path to the data you want to upload. Must be defined if content is not.

property storageClass

storageClass?: pulumi.Input<string>;

The StorageClass of the new bucket object. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE. If not provided, this defaults to the bucket’s default storage class or to a standard class.

interface BucketState

Input properties used for looking up and filtering Bucket resources.

property cors

cors?: pulumi.Input<pulumi.Input<{ ... }>[]>;

The bucket’s Cross-Origin Resource Sharing (CORS) configuration. Multiple blocks of this type are permitted. Structure is documented below.

property encryption

encryption?: pulumi.Input<{ ... }>;

The bucket’s encryption configuration.

property forceDestroy

forceDestroy?: pulumi.Input<boolean>;

When deleting a bucket, this boolean option will delete all contained objects. If you try to delete a bucket that contains objects, Terraform will fail that run.

property labels

labels?: pulumi.Input<{ ... }>;

A set of key/value label pairs to assign to the bucket.

property lifecycleRules

lifecycleRules?: pulumi.Input<pulumi.Input<{ ... }>[]>;

The bucket’s Lifecycle Rules configuration. Multiple blocks of this type are permitted. Structure is documented below.

property location

location?: pulumi.Input<string>;

The GCS location

property logging

logging?: pulumi.Input<{ ... }>;

The bucket’s Access & Storage Logs configuration.

property name

name?: pulumi.Input<string>;

The name of the bucket.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property selfLink

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property storageClass

storageClass?: pulumi.Input<string>;

The Storage Class of the new bucket. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE.

property url

url?: pulumi.Input<string>;

The base URL of the bucket, in the format gs://<bucket-name>.

property versioning

versioning?: pulumi.Input<{ ... }>;

The bucket’s Versioning configuration.

property websites

websites?: pulumi.Input<pulumi.Input<{ ... }>[]>;

Configuration if the bucket acts as a website. Structure is documented below.

interface DefaultObjectACLArgs

The set of arguments for constructing a DefaultObjectACL resource.

property bucket

bucket: pulumi.Input<string>;

The name of the bucket it applies to.

property roleEntities

roleEntities?: pulumi.Input<pulumi.Input<string>[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details.

interface DefaultObjectACLState

Input properties used for looking up and filtering DefaultObjectACL resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the bucket it applies to.

property roleEntities

roleEntities?: pulumi.Input<pulumi.Input<string>[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details.

interface GetObjectSignedUrlArgs

A collection of arguments for invoking getObjectSignedUrl.

property bucket

bucket: string;

The name of the bucket to read the object from

property contentMd5

contentMd5?: string;

The MD5 digest value in Base64. Typically retrieved from google_storage_bucket_object.object.md5hash attribute. If you provide this in the datasource, the client (e.g. browser, curl) must provide the Content-MD5 HTTP header with this same value in its request.

property contentType

contentType?: string;

If you specify this in the datasource, the client must provide the Content-Type HTTP header with the same value in its request.

property credentials

credentials?: string;

What Google service account credentials json should be used to sign the URL. This data source checks the following locations for credentials, in order of preference: data source credentials attribute, provider credentials attribute and finally the GOOGLE_APPLICATION_CREDENTIALS environment variable.

property duration

duration?: string;

For how long shall the signed URL be valid (defaults to 1 hour - i.e. 1h). See here for info on valid duration formats.

property extensionHeaders

extensionHeaders?: { ... };

As needed. The server checks to make sure that the client provides matching values in requests using the signed URL. Any header starting with x-goog- is accepted but see the Google Docs for list of headers that are supported by Google.

property httpMethod

httpMethod?: string;

What HTTP Method will the signed URL allow (defaults to GET)

property path

path: string;

The full path to the object inside the bucket

interface GetObjectSignedUrlResult

A collection of values returned by getObjectSignedUrl.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property signedUrl

signedUrl: string;

The signed URL that can be used to access the storage object without authentication.

interface GetProjectServiceAccountArgs

A collection of arguments for invoking getProjectServiceAccount.

property project

project?: string;

The project the unique service account was created for. If it is not provided, the provider project is used.

property userProject

userProject?: string;

The project the lookup originates from. This field is used if you are making the request from a different account than the one you are finding the service account for.

interface GetProjectServiceAccountResult

A collection of values returned by getProjectServiceAccount.

property emailAddress

emailAddress: string;

The email address of the service account. This value is often used to refer to the service account in order to grant IAM permissions.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property project

project: string;

interface NotificationArgs

The set of arguments for constructing a Notification resource.

property bucket

bucket: pulumi.Input<string>;

The name of the bucket.

property customAttributes

customAttributes?: pulumi.Input<{ ... }>;

A set of key/value attribute pairs to attach to each Cloud PubSub message published for this notification subscription

property eventTypes

eventTypes?: pulumi.Input<pulumi.Input<string>[]>;

List of event type filters for this notification config. If not specified, Cloud Storage will send notifications for all event types. The valid types are: "OBJECT_FINALIZE", "OBJECT_METADATA_UPDATE", "OBJECT_DELETE", "OBJECT_ARCHIVE"

property objectNamePrefix

objectNamePrefix?: pulumi.Input<string>;

Specifies a prefix path filter for this notification config. Cloud Storage will only send notifications for objects in this bucket whose names begin with the specified prefix.

property payloadFormat

payloadFormat: pulumi.Input<string>;

The desired content of the Payload. One of "JSON_API_V1" or "NONE".

property topic

topic: pulumi.Input<string>;

The Cloud PubSub topic to which this subscription publishes. Expects either the topic name, assumed to belong to the default GCP provider project, or the project-level name, i.e. projects/my-gcp-project/topics/my-topic or my-topic.

interface NotificationState

Input properties used for looking up and filtering Notification resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the bucket.

property customAttributes

customAttributes?: pulumi.Input<{ ... }>;

A set of key/value attribute pairs to attach to each Cloud PubSub message published for this notification subscription

property eventTypes

eventTypes?: pulumi.Input<pulumi.Input<string>[]>;

List of event type filters for this notification config. If not specified, Cloud Storage will send notifications for all event types. The valid types are: "OBJECT_FINALIZE", "OBJECT_METADATA_UPDATE", "OBJECT_DELETE", "OBJECT_ARCHIVE"

property objectNamePrefix

objectNamePrefix?: pulumi.Input<string>;

Specifies a prefix path filter for this notification config. Cloud Storage will only send notifications for objects in this bucket whose names begin with the specified prefix.

property payloadFormat

payloadFormat?: pulumi.Input<string>;

The desired content of the Payload. One of "JSON_API_V1" or "NONE".

property selfLink

selfLink?: pulumi.Input<string>;

The URI of the created resource.

property topic

topic?: pulumi.Input<string>;

The Cloud PubSub topic to which this subscription publishes. Expects either the topic name, assumed to belong to the default GCP provider project, or the project-level name, i.e. projects/my-gcp-project/topics/my-topic or my-topic.

interface ObjectACLArgs

The set of arguments for constructing a ObjectACL resource.

property bucket

bucket: pulumi.Input<string>;

The name of the bucket it applies to.

property object

object: pulumi.Input<string>;

The name of the object it applies to.

property predefinedAcl

predefinedAcl?: pulumi.Input<string>;

The canned GCS ACL to apply. Must be set if role_entity is not.

property roleEntities

roleEntities?: pulumi.Input<pulumi.Input<string>[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details. Must be set if predefined_acl is not.

interface ObjectACLState

Input properties used for looking up and filtering ObjectACL resources.

property bucket

bucket?: pulumi.Input<string>;

The name of the bucket it applies to.

property object

object?: pulumi.Input<string>;

The name of the object it applies to.

property predefinedAcl

predefinedAcl?: pulumi.Input<string>;

The canned GCS ACL to apply. Must be set if role_entity is not.

property roleEntities

roleEntities?: pulumi.Input<pulumi.Input<string>[]>;

List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details. Must be set if predefined_acl is not.