About Cloud Storage
- How do I sign up?
- Sign up for Cloud Storage by turning on the Cloud Storage service in the Google Cloud Platform Console.
- How soon is my account active after I turn on the Cloud Storage service?
- Your account can take a few minutes after you turn on the Cloud Storage service for it to become active.
- How do I give product feedback?
- From the Cloud Storage documentation click "Send feedback" near the top right of the page. This will open a feedback form. Your comments will be reviewed by the Cloud Storage team.
- How do I cancel my Cloud Storage account?
- To cancel your Cloud Storage account, take the following steps:
- Delete all your buckets and objects.
Warning: Deleting an object or bucket is a permanent action that can not be undone. Back up any data that you want to keep before you begin deleting your buckets and objects.
- Disable the Cloud Storage services for your project.
- Disable billing (optional).
You will not incur any additional Cloud Storage charges after you remove your Cloud Storage data and disable the Cloud Storage service but you can choose to disable billing to stop receiving statements. You will receive one last bill for any remaining changes incurred between the beginning of the billing cycle and when you cancelled.
If you have other services that are being billed to the same project, disabling billing in the Billing pane also disables billing for these services.
Note: You can choose to disable the Cloud Storage service without removing your Cloud Storage data, but you will still incur charges for any usage of the service, such as storage charges for any remaining objects.
- Delete all your buckets and objects.
Pricing and Support
- Where can I find pricing information?
- Please read the Pricing and Terms for detailed information on pricing.
- How do you calculate bandwidth usage and storage usage?
- We calculate bandwidth usage and storage usage in gibibytes (GiB), where 1 GiB = 230 bytes. Your bandwidth usage is the cumulative network bandwidth you used in the billing period. Your storage usage is the average storage you used in the billing period. For an example usage calculation, see Pricing and Terms.
- How do I cancel billing?
You can cancel billing by clicking Disable billing in the
billing settings page for your project.
If you disable billing, you also disable the Cloud Storage service. Make sure you want to
disable the Cloud Storage service before you disable billing. After you disable billing,
you will receive one last bill that includes costs incurred
between the beginning of the billing cycle to when you cancelled.
Caution: When you disable billing, it is disabled for all services in that project. You can not disable billing for individual services or APIs. For more information, see Billing in the Google Cloud Platform Console Help. section in the Cloud Platform Console help.
- What are my support options?
We invite our users to post their questions on
Along with the active Stack Overflow community, our team actively monitors Stack Overflow posts
and answers questions with the tag google-cloud-storage.
We offer various levels of support depending on your needs. For additional support options see our Cloud Platform Support Packages.
- Does Cloud Storage offer a service level agreement (SLA)?
- Yes. If you provided billing information through Google Checkout you are covered under the Cloud Storage Service Level Agreement.
- How do I notify Google of SLA Financial Credit eligibility?
- Use the SLA Financial Credit Eligibility form.
- When do I need to activate Cloud Storage and enable billing?
- If you want to create buckets, store data, or control who can access your data, you must activate Cloud Storage and enable billing.
- Do I need to activate Cloud Storage and turn on billing if I was added to an existing Cloud Storage account or granted access to someone else's bucket?
- No, in this case another individual has already set up a Cloud Storage project and added
you as a project team member or has granted you permission to buckets and objects. When you are
granted access in this way, you do not need to activate the Cloud Storage service to access
the data. You can use the gsutil tool to
set up your credentials for Cloud Storage
using your Google account and read or write that data.
For information about adding project team members, see Adding a member to a project.
- I am just trying to download or access some data that is available to the public. How can I do that?
- You can simply use the gsutil tool to download the data without a Cloud Storage or Google account. You do not need to activate Cloud Storage or turn on billing for this purpose. You also do not need to create credentials or authenticate to Cloud Storage to access a publicly-readable object. The gsutil tool is best installed as part of the Google Cloud SDK package, but may also be downloaded and installed as a stand-alone product.
Storage and content policy
- Is my data redundant?
- Yes, your data is redundant, which provides high durability and high availability. When you upload your data to Cloud Storage or copy your data within it, Cloud Storage reports the action as successful only if object redundancy is achieved. If your data is stored in the Multi-Regional Storage class, then your data is redundant in at least two geographically separate regions. If your data is stored in any other storage class, your data is stored in one region. See the Storage Classes page for more information about available storage classes.
- Where is my data stored?
- Where Cloud Storage stores your data depends on both the
of your data and the geographic location of
the bucket in which your data resides.
If your data is stored in the Multi-Regional Storage class, you specify if you want your data stored in the United States, the European Union, or Asia; Cloud Storage stores your data within that geographic area.
For all other storage classes, Google Cloud Storage stores your data in a narrower area within the US, the European Union, or Asia, called a region.
If no location is specified, your data is stored at rest in the United States.
- I believe some content hosted on your service is inappropriate, how do I report it?
- Certain types of content are not allowed on this service; please refer to the Terms of Services and Platform Policies for details. If you believe a piece of content is in violation of our policies, report it here (select "See more products", then "Google Cloud Storage & Cloud Bigtable").
- How can I get a summary of daily space usage?
- You can use the
gsutil ducommand or Storage Logs to get the total space used by all objects for a specified bucket. For more information, see Determining a Bucket's Size.
- What assessments are performed on security and data protection?
- Google is committed to conducting independent 3rd party assessments of security and data protection practices. Building on the SSAE 16 audit and the ISO 27001 certification for Google Apps, a new SSAE 16 / ISAE 3402 SOC 2 Type II audit was successfully completed. For more information, see Google Apps, Vault and Cloud Platform components complete SSAE 16 audit.
- Does Cloud Storage support IPv6?
Use with other Google services
- Can I use Cloud Storage to upload files to Google Docs?
- No, Cloud Storage is not integrated with Google Docs.
- Can I use Cloud Storage with my Google Apps account?
- Yes, you can use your Google Apps account with Cloud Storage.
- Google Storage and Google Drive — which storage API should my application use?
Google provides two different storage services: Google Cloud Storage, and Google Drive. Both services allow programmatic access to their functionality, but the goals of the APIs are quite different. The Google Drive SDK works together with the Google Drive UI and the Chrome Web Store to create an ecosystem of apps that can be installed into Google Drive. These apps enhance the user experience by allowing users to interact with their data in novel ways. For instance, a user could install a Drive app to edit images or fax PDF files, and could create and open files with those apps directly in Google Drive.
Cloud Storage is intended to be accessed primarily through its API and provides all the functionality necessary for developers to use it as a backing store for their own applications. For example, a developer could store and host media and other static assets for a web game in Cloud Storage. Cloud Storage can also be used for online archives, large scale computations in Google Compute Engine, and so on.
This illustrates the primary difference between the two APIs: Cloud Storage enables developers to store their application data in the Google cloud (and they’re responsible for the storage their app consumes), whereas in Drive, users allow apps to interact with the user’s private storage and content.
For an overview of Google storage options, including a video explaining the differences between the options, see Storing Your Data.
Managing Data Access
- How do I change the owner of an object?
- You cannot change the owner of an object by modifying ACLs. However, you can change the owner of an object by having the new owner read the object's metadata (to preserve ACLs and other metadata) and overwrite the object with new object that has the same metadata. To do this, the new owner must have
FULL_CONTROLpermission on the object you want to modify and
FULL_CONTROLpermission on the bucket in which the object is stored.
- How do I change the owner or project of a bucket?
- This is not intrinsically provided by Cloud Storage; a bucket is always owned by the project owners group of the Google APIs Console project it was created in. If you want a particular bucket to be owned by a different project, you have to delete it and recreate it.
- I want to let someone download an object. How do I do that?
- You can share an object with a user or group by granting
READpermission on the object you want to share. You can specify a user or a group by email address (for example, firstname.lastname@example.org or email@example.com) or by the Google Storage ID that's associated with the user or group.
- What is a Google Cloud Storage ID?
- A Google Cloud Storage ID is a string of 64 hexadecimal characters that uniquely identifies a user or a Google group. The Cloud Storage system uses Google Cloud Storage IDs to determine the scope of a given permission.
- How can I determine the Google Cloud Storage ID of a user or group?
- If the user has a Cloud Storage account you can ask them for their
Google Cloud Storage ID. Any user who has a Cloud Storage account can
look up their Google Cloud Storage ID by doing the
- Open the Cloud Storage Settings page in the Google Cloud Platform Console.
- Your ID will be listed under "You".
If you are not certain whether the user has a Cloud Storage account, or if you want to find the Google Cloud Storage ID for a group, you can do this:
- Upload a new object or create a new bucket with default (project-private) permissions.
- Grant the user or group
READpermission to the object or bucket by using the user's or group's email address.
- Retrieve the ACLs for the object or bucket. The user's or group's Google Cloud Storage ID will
be listed as the scope for the
You can also retrieve the Google Cloud Storage IDs of a project Team, a project Editors group, or a project Owners group by following the same steps for retrieving your ID shown above. For more information, see Finding Google Cloud Storage IDs.
- What happens if a tool or library uses another storage provider's ACL syntax?
When using the XML API for interoperable access with other storage services, such as Amazon S3, the signature identifier determines the ACL syntax. For example, if the tool or library you are using makes a request to Cloud Storage to retrieve ACLs (for example, a GET Object or GET Bucket request), and the request uses another storage provider's signature identifier, then Cloud Storage returns an XML document that uses the corresponding storage provider's ACL syntax. If the tool or library you are using makes a request to Cloud Storage to apply ACLs (for example, a PUT Object or PUT Bucket request), and the request uses another storage provider's signature identifier, then Cloud Storage expects to receive an XML document that uses the corresponding storage provider's ACL syntax.
For more information about using the XML API for interoperable access with Amazon S3, see Migrating from Amazon S3 to Google Cloud Storage.Amazon S3 is a trademark of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
- Can I let someone read the ACLs on an object without letting them download the object?
- Not directly. You must grant a user
FULL_CONTROLpermission to read an ACL on an object. You can, however, provide them a Signed URL to delegate specific authority for a single type of request. You can also give them the
storage.objects.getIamPolicyIAM permissions for the bucket that contains the object. These permissions allow the user to retrieve object ACLs when listing objects in the bucket, but doesn't grant them the ability to download the objects.
- Can I grant permission to create objects in a bucket without granting permission to list objects in the bucket, or view the bucket's metadata?
- Yes: although ACLs do not allow this because
READERpermission, IAM permissions make this possible. To do so, simply give a user the
roles/storage.objectCreatorrole on the desired bucket.
Managing Bucket Locations
- Can I specify bucket locations in places other than Asia, the European Union, or the US?
- No. Currently, you can only specify buckets in these locations.
- Can I move buckets from one location to another?
- This is not intrinsically provided by Cloud Storage; a bucket remains in the specific location set on creation. If you want a particular bucket to be in a different location, you have to delete it and recreate it.
- What is the default bucket location if I do not specify a location constraint?
- The default bucket location is in the US. If you do not specify a location constraint, your buckets will be stored on servers in the US.
Tools and Libraries
- Are there any tools available for Cloud Storage?
- You can use the browser-based Google Cloud Platform Console to perform basic operations on buckets and objects. You can also use the command-line tool gsutil to perform basic and advanced data management tasks on Cloud Storage. You can find several other tools by searching the Internet.
- Are there any libraries for Cloud Storage?
- Yes! Google maintains Cloud Storage Client Libraries for a number of popular langauges, including Java, Ruby, and Go. The Boto library also works with Cloud Storage, and you can find several other libraries by searching the Internet.
- I'm developing a library or tool for Cloud Storage and I want to sell it on the Internet. Is this okay?
- I tried to create a bucket and got the error
GSResponseError: status=403, code=AccountProblem, reason=Forbidden. What should I do?
- This error generally indicates that you have not yet turned on billing in the
Google Cloud Platform Console
or do not have access to create a bucket. Try:
- Turning on billing
- Checking that you are either in the owners or writers group for the project.
If billing is turned on and you have permissions to create a bucket, but you continue to receive this error message, you can reach out to support with your project ID and a description of your problem.
- I tried to create the buckets
gs://dogsbut received the following error:
Failure: GSCreateError: 409 Conflict
The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.
- The bucket name you tried to use (e.g.
gs://dogs) is already taken. Cloud Storage has a global namespace so you may not name a bucket with the same name as an existing bucket. Choose a name that is not being used.
- I tried to list my bucket with gsutil but got the error:
GSResponseError: status=403, code=AccessDenied, reason=Forbidden. What should I do?
- Check that the credentials (for example, in your .boto file if you're using gsutil) are correct.
- Assuming you are using the correct credentials, are your requests being routed through a proxy, using HTTP (instead of HTTPS)?
If so, check whether your proxy is configured to remove the
Authorizationheader from such requests. If so, make sure you are using HTTPS instead of HTTP for your requests.
- I want to serve my static website content through HTTPS
While you can serve your content through HTTPS using direct URI's such as
https://storage.googleapis.com/example-bucket/example-object, Cloud Storage only supports HTTP, not HTTPS, serving through custom domains that use a
CNAMEredirect, such as
www.my-website.com. To serve your content through a custom domain over SSL, set up a load balancer, use a third-party Content Delivery Network with Cloud Storage, or serve your static website content from Firebase Hosting instead of Google Cloud Storage.
- I'm connecting through a proxy server, what do I need to do?
Requests to Google Cloud Storage need to access accounts.google.com for OAuth2 token exchanges, and *.googleapis.com for storage requests. If you are accessing Cloud Storage through a proxy server, you must allow access to these domains. If your proxy server or security policy doesn't support whitelisting by domain and instead requires whitelisting by IP network block, we strongly recommend that you configure your proxy server for all Google IP address ranges. You can find the address ranges, for example, by querying WHOIS data at ARIN. As a best practice, you should periodically review your proxy settings to ensure they match Google's IP addresses.
We do not recommend configuring your proxy with individual IP addresses you obtain from one-time lookups of accounts.google.com and storage.googleapis.com. Because Google services are exposed via DNS names that map to a large number of IP addresses that can change over time, configuring your proxy based on a one-time lookup may lead to failures to connect to Google Cloud Storage.
If you requests are being routed through a proxy server, you may need to check with your network administrator to ensure that the
Authorizationheader containing your credentials is not stripped out by the proxy. Without the
Authorizationheader, you will receive a
MissingSecurityHeadererror and your request will be rejected.
- I tried to use the gsutil stat command to display object status for a subdirectory and got an error. Why?
Google Cloud Storage uses a flat namespace to store objects in buckets. While you can use slashes ("/") in object names to make it appear as if objects are in a hierarchical structure, the gsutil stat command treats a trailing slash as part of the object name. For example, if you run the command
gsutil -q stat gs://some-bucket/some-object/, then gsutil will look up information about the object "some-object/" (with a trailing slash) inside bucket "some-bucket", as opposed to operating on objects nested under gs://some-bucket/some-object. Unless you actually have an object with that name, the operation will fail.
- I created a bucket, but don't remember which project I created it in. How can I find it?
For most common Cloud Storage operations like listing objects, creating and composing objects, and common object and bucket configuration, you do not need to specify a project. In general, you only need to specify a project identifier when creating a bucket or listing buckets in a project. For more information, see When to specify a Project ID.
To find what project contains a specific bucket:
- If you are searching over a moderate number of projects and buckets, use the Google Cloud Platform Console, select each project, and view the buckets it contains.
- Otherwise, you can write a script that iterates over a list of project IDs (which you can get
from Google Cloud Platform Console) and runs
gsutil ls -p <PROJECT_ID>on each one.