Create storage buckets

This page shows you how to create Google Distributed Cloud Hosted (GDCH) storage buckets.

Before you begin

A project namespace manages bucket resources in the org admin cluster. You must have a project to work with buckets and objects.

You must also have the appropriate bucket permissions to perform the following operation. See Grant bucket access.

Storage bucket naming guidelines

Bucket names must adhere to the following naming conventions:

  • Be unique within the project. A project appends a unique prefix to the bucket name, ensuring there aren't clashes within the organization. In the unlikely event of a prefix and bucket name clash across organizations, the bucket creation fails with a "bucket name in use" error.
  • Refrain from including any personally identifiable information (PII).
  • Be DNS-compliant.
  • Have at least 1 and no more than 57 characters.
  • Start with a letter and use only letters, numbers, and hyphens.

Create a bucket


  1. In the navigation menu, click Object Storage.
  2. Click Create Bucket.
  3. In the bucket creation flow, assign a name unique across all buckets within the project.
  4. Enter a description.
  5. Optional: Click the toggle_off toggle to set a retention policy and enter your desired number of days. Contact your IO if you need to exceed retention policy limits.
  6. Click Create. A success message appears and you are directed back to the Buckets page.

To verify that you have successfully created a new bucket, refresh the Buckets page after a few minutes and check that the bucket state updates from Not ready to Ready.


To create a bucket, apply a bucket specification to your project namespace:

kubectl apply -f bucket.yaml

The following is an example of a bucket specification:

kind: Bucket
  namespace: NAMESPACE_NAME
  description: DESCRIPTION
  storageClass: Standard
  bucketPolicy :
    lockingPolicy :
      defaultObjectRetentionDays: RETENTION_DAY_COUNT

For more details, see the Bucket API reference.

After creating a bucket, you can manage it on behalf of Application Operators (AOs) by creating a policy file when granting bucket access and assign the policy to a bucket.