This page describes requirements for creating buckets with domain names and discusses verification methods for domain owners and managers. To learn how to create a bucket, see the Creating storage buckets guide. For general information on bucket naming, see the Bucket and Object Naming Guidelines.
Requirements for domain-named buckets
Cloud Storage considers bucket names that contain dots to be domain names, and as such these bucket names must:
- Be syntactically valid DNS names (for example, bucket..example.com is not valid because it contains two dots in a row)
- End with a currently-recognized top-level domain, such as .com
- Pass domain ownership verification
Who can create a domain-named bucket
If a domain has one or more verified owners, then only they can create buckets whose names use the domain. If a domain does not have any verified owners, then verified website owners may create buckets whose names use the domain. Until the domain or its website has at least one verified owner, no bucket whose name uses the domain can be created. Note that domain ownership is a higher level of control than website ownership and may be useful in situations where a site wants to tightly control who can create domain-named buckets.
For example, you might have two IT staff members who are responsible for managing your site, called "example.com". Once they complete the necessary verification (see below), only they would be able to create buckets called "example.com", "reports.example.com", "downloads.example.com", and other domain-named buckets.
Verified website and domain owners can use Search Console to add additional website or domain owners. From the Search Console dashboard, find the website you want to manage and select Manage property > Add or remove users. To add a domain owner, select Manage property owners link. If you are a domain owner, you can add additional domain owners.
If your project needs to have a domain-named bucket, the team member creating the bucket must demonstrate that he or she is an owner or manager of the domain before creating the bucket. Cloud Storage verifies that the user is an owner or manager of that domain before permitting creation of a domain-named bucket.
To demonstrate that you are an owner or manager of a domain, use the Search Console verification process. The verification process provides a number of ways to demonstrate ownership of a site or domain, including:
- Adding a special Meta tag to the site's homepage.
- Uploading a special HTML file to the site.
- Verifying ownership directly from Search Console.
- Adding a
CNAMErecord to the domain's DNS configuration.
For more information, see the help page on verifying your site ownership.
Meta tag verification and HTML file verification are easier to perform and are adequate for most situations. They demonstrate ownership of the website for the domain or its parent.
Verifying ownership directly from Search Console as well as from
DNS TXT or
CNAME record verification demonstrates ownership of the domain itself. Use
one of these verification methods when you want to create a domain-named
bucket to host content. For more information, see
Domain-based Verification below.
If you have administrative control over the HTML files that make up a site, you
can use one of the site-based verification methods to verify that you control or
own a site. When you do this, Cloud Storage lets you create buckets
representing the verified site and any subsites, provided nobody has used
DNS TXT record method to verify domain ownership of a parent of the site.
As an example, assume that nobody has used the
DNS TXT record method to verify
ownership of the following domains: abc.def.example.com, def.example.com, and
example.com. In this case, Cloud Storage lets you create a bucket named
abc.def.example.com if you verify that you own or control any of the following
If you have administrative control over a domain's DNS configuration, you can
DNS TXT record verification method to verify that you own or control a
domain. When you use the domain-based verification method to verify that you own
or control a domain, Cloud Storage lets you create buckets that represent any
subdomain under the verified domain. Furthermore, Cloud Storage prevents
anybody else from creating buckets under that domain unless you
add their name to the list of verified domain owners or they have verified
their domain ownership by using the
DNS TXT record verification method.
For more information, see the related help topic.
For example, if you use the
DNS TXT record verification method to verify your
ownership of the domain example.com, Cloud Storage will let you create bucket
names that represent any subdomain under the example.com domain, such as
abc.def.example.com, example.com, or abc.example.com.
DNS TXT record method to verify domain ownership supersedes
verification by site-based verification methods. For example, if you use the
Meta tag method or HTML file method to verify domain ownership of
http://example.com, but someone else uses the
DNS TXT record method to verify
ownership of the example.com domain, Cloud Storage will not allow you to
create a bucket named example.com. To create the bucket example.com, the domain
owner who used the
DNS TXT method to verify domain ownership must add you to the
list of verified domain owners for example.com.
DNS TXT record verification method is particularly useful if you manage a
domain for a large organization that has numerous subdomains because it lets you
control who can create buckets representing those domain names.
You must use
DNS TXT record verification before creating a domain-named bucket
to host content.
Authorizing service accounts
Once you have performed domain verification, you can authorize a service account
to create buckets under that domain. Go to the Search Console's verification
Click Add an owner at the end of the page to add the email address for
your service account.