Domain-named bucket verification

This page describes requirements for creating buckets with domain names and discusses verification methods for domain owners. To learn how to create a bucket, see the Create buckets guide. For general information on bucket naming, see the bucket naming guidelines.

Requirements for domain-named buckets

Cloud Storage considers bucket names that contain dots to be domain names. As such, a bucket containing a dot in its name must:

  • Be a syntactically valid DNS name (for example, bucket..example.com is not valid because it contains two dots in a row).
  • End with a currently-recognized top-level domain, such as .com.
  • Be created by a user who is authorized to work with the domain name.

Examples of valid domain-named buckets include example.com, buckets.example.com, and www.example.co.uk.

Who can create a domain-named bucket

To create a bucket that uses a domain name, you must establish that you are authorized to use the domain name. People authorized to use a domain name include:

  • Verified owners of the domain or parent domain
  • Delegated owners of the domain or parent domain
  • Verified site owners of the domain or parent domain

Site owners cannot create the bucket when a domain owner exists. This allows the domain owners to tightly control who can create domain-named buckets.

For example, say you have an IT staff member who owns the website that uses http://reports.example.com. Once they go through verification of that site, they can create buckets such as reports.example.com and annual.reports.example.com. However, if you later verify that you own the domain example.com, only you can then create these buckets. Since you verified the domain example.com, you can also create the bucket example.com. As the site owner, your IT staff member can no longer create buckets.

Domain ownership verification

If your project intends to have a domain-named bucket, the team member creating the bucket must demonstrate that they are authorized to create a bucket in the given domain. When you intend to host your domain's content in a Cloud Storage bucket, the recommended verification method is to verify domain ownership.

Cloud Storage uses the Search Console to verify domain ownership.

To verify domain ownership:

  1. Open Search Console. You must be signed in with the user account that you will use to manage ownership of your domain.

    Open Search Console

  2. In the Domain pane, enter the domain or sub-domain that you want to verify, and click Continue.

  3. Follow the instructions that appear in the pane Verify domain ownership via DNS record.

Delegated owners

Once you have verified domain ownership, you can add additional delegated owners, who can also create buckets under the verified domain name. These owners can include service accounts.

To add delegated owners to your domain:

  1. Go to Search Console's user management page. Make sure that the domain you want to manage is selected in the property selector.
  2. Click Add user.
  3. In the dialog box, enter the email of the new owner.
  4. For Permission select "Owner".
  5. Click Add.

Troubleshooting

See the Search Console help page for information on topics including:

  • Methods of verifying site ownership.
  • Verifying using a DNS TXT or CNAME record.
  • Troubleshooting common verification errors.

What's next