How to create and use a storage bucket
Laurie White
Developer Relations Engineer
So, you want to store objects on the cloud? But you're really new to Google Cloud or Cloud Storage and would like someone to walk you through the process step by step?
Today is your lucky day!
I will help you understand the big steps involved in setting up and using Cloud Storage. For a walkthrough of all the steps involved that even includes highlighting of things to select so you don't spend all your time playing "Where's Waldo" on the page looking for that one button, click try the tutorial!
Creating buckets, storing objects in them, and adjusting permissions may feel challenging at first, but after you've walked through these steps, you'll be able to create and use the Cloud Storage your project needs.
Resource Hierarchy
Projects contain all of the related parts of your application. Inside projects, you may have buckets, the top level containers in Cloud Storage. Files and folders are stored in buckets. You can grant access to a bucket, folder, or file using Identity and Access Management.
You can do all of that in this interactive tutorial. So let's get started. I suggest you follow along in the tutorial so you can see the specific keys and screens as I describe them.
Creating a project
Everything in your application will be in a project, even if the only service you are using is storage. Projects need to be associated with a billing account, so if you don't have one, consider signing up for the Free Trial. You'll start in the Cloud Console.
Creating a bucket
Once you have a project, you can use storage by navigating to the Cloud Storage page by using either the Navigation menu at the top left of the console or by searching for "Cloud Storage" using the search box at the top of the console.
At the Buckets page of Cloud Storage, you'll be able to create a bucket. The name of your bucket needs to be globally unique; that is no other bucket in Google Cloud Storage can have the same name. This is because if you or your organization allow your bucket to be accessible on the Internet, it will be at the URL https://storage.googleapis.com/<bucket name>. You can also consider implementing a security feature to prevent data exfiltration, organization restriction headers when you’re finished creating your bucket.. Pick a region close to you for your bucket. In some cases it may make sense to use multi-region or dual-region, but the details are more than I want to get into here. Don't worry; you can find lots more information on them! Additionally, I won’t go into the details about selecting the appropriate storage class based on access frequency and longevity, but more information can be found here as well our recently introduced Autoclass tiering feature..
Since buckets can be accessed from the Internet, you need to be careful to only make the things you want to be public, public. The default value is to keep your data off of the Internet, so when you create the bucket, there's an option to "Enforce public access prevention on this bucket" that is already selected. Since we'll be making items in this bucket public later on, clear the option before confirming the bucket information. Don't worry; you'll see how to set that option back later.
Take a look at the Bucket detail page. There are tabs to see the objects in the bucket, the permissions on the bucket, and much more. There are commands to create folders and to upload files and folders. We'll do some of this in the next section. You can even find out much more from the Learn option in the upper right.
Adding items to the bucket
Find a file you'd like to upload to this bucket, remembering it will be made public to the Internet later. If you don't have anything available, there's a picture of a cat (of course, it's a cat picture, this is the Internet!) in the interactive tutorial.
Go to the bucket details for your bucket. Using the "Upload files" button, you'll just upload the file to the bucket by selecting the file from your computer. We won't get into service classes here, but when you're ready, there are links in the references.
Of course, if you have a lot of files in a bucket, you probably will want some sort of organization. You can do this by creating folders in your bucket with the "Create Folder" option. Once you've done that, you can go to the overflow menu (three vertical dots at the end line with the object information) and select Move. Remember, if you need help finding this, the interactive tutorial will point it out.
Making a bucket public
No surprise, the Bucket details hold lots of information about your bucket. You'll change the bucket's permissions in the Permission tab. (I hope that's not a surprise.) You can then give access to individuals, groups, or all users. For this tutorial, follow the steps to grant access to allUsers. There are a variety of different levels of access you can grant to a user. In this case, just grant the ability to view the object using Storage Object Viewer.
Then go into the Objects tab to find the URL for the object you uploaded. Copy that URL and ensure you can indeed access the object from another tab or incognito window.
Now that you've done that, go back to the Permission tab for the bucket and select Prevent Public Access to secure the bucket again.
So, in a nutshell, to make all files in a bucket public, in the Permissions tab:
Uncheck the option "Remove Public Access Prevention"
Use Grant Access to give allUsers the Storage Object Viewer role in Cloud Storage.
To make all files in a bucket private, in the Permissions tab select Prevent Public Access.
Cleaning up
There is a charge to keep items in Cloud Storage, so you'll probably want to delete the object you uploaded by selecting it and pressing Delete. You can delete the bucket in a similar way. The tutorial has details, of course.
While there are lots more details about Cloud Storage, you've got the big picture now. Go do something creative and useful with it!
So what now?
If you haven't walked through the interactive tutorial, give it a try!