- About Google Cloud Storage
- Pricing and support
- Getting Started
- Storage and content policy
- Use with other Google services
- Managing Data Access
- Managing Bucket Locations
- Tools and Libraries
- Security and Data Protection Assessments
About Google Cloud Storage
- How do I sign up?
- Sign up for Google Cloud Storage by turning on the Google Cloud Storage service in the Google Developers Console.
- How soon is my account active after I turn on the Google Cloud Storage service?
- Your account can take a few minutes after you turn on the Google Cloud Storage service for it to become active.
- How do I request a feature?
- Please share your feature request with us by sending email to firstname.lastname@example.org. We will track feature requests as they arrive.
- How do I file a bug?
- Please send the bug via email to email@example.com. We will investigate issues as they arrive.
- How do I cancel my Google Cloud Storage account?
- To cancel your Google Cloud Storage account, take the following steps:
- Delete all your buckets and objects.
Warning: Deleting an object or bucket is a permanent action that can not be undone. Back up any data that you want to keep before you begin deleting your buckets and objects.
- Disable the Google Storage services for your project.
In the Google Developers Console, select your project, and in the left sidebar, click APIs & AUTH. In the list of APIs, turn off Google Cloud Storage and Google Cloud Storage JSON API.
- Disable billing (optional).
You will not incur any additional Google Cloud Storage charges after you remove your Google Cloud Storage data and disable the Google Cloud Storage service but you can choose to disable billing to stop receiving statements. You will receive one last bill for any remaining changes incurred between the beginning of the billing cycle and when you cancelled.
If you have other services that are being billed to the same project, disabling billing in the Billing pane also disables billing for these services.
Note: You can choose to disable the Google Cloud Storage service without removing your Google Cloud Storage data, but you will incur storage charges for any remaining buckets or objects.
- Delete all your buckets and objects.
Pricing and Support
- Where can I find pricing information?
- Please read the Pricing and Terms for detailed information on pricing.
- How do you calculate bandwidth usage and storage usage?
- We calculate bandwidth usage and storage usage in gigabytes (GB), where 1 GB = 230 bytes. We calculate charges for your usage on a monthly basis. Your monthly bandwidth usage is the cumulative network bandwidth you used in the month. Your monthly storage usage is the average storage you used in the month. For an example usage calculation, see Pricing and Terms.
- How do I cancel billing?
You can cancel billing by clicking Disable billing in the
Billing & Settings page for your project. You can get to the
Billing & Settings page for your project by going to
the Google Developers Console and then
selecting your project. If you disable billing,
you also disable the Google Cloud Storage service. Make sure you want to disable
the Google Cloud Storage service before you disable billing. After you disable billing,
you will receive one last bill that includes costs incurred
between the beginning of the billing cycle to when you cancelled.
Caution: When you disable billing, it is disabled for all services in that project. You can not disable billing for individual services or APIs. For more information, see Billing in the Google Developers Console Help. section in the Developers Console help.
- What are my support options?
We invite our users to post their questions on
Along with the active Stack Overflow community, our team will be actively monitoring your posts
and answering questions with the tag google-cloud-storage.
We offer various levels of support depending on your needs. For additional support options see our Cloud Platform Support Packages.
- Does Google Cloud Storage offer a service level agreement (SLA)?
- Yes. If you provided billing information through Google Checkout you are covered under the Google Cloud Storage Service Level Agreement.
- How do I notify Google of SLA Financial Credit eligibility?
- Use the billing request form.
- Do I need to sign up for billing before I can use Google Cloud Storage?
- Yes, we require that you turn on billing in order to use the service.
- Do I need to activate Google Cloud Storage and turn on billing if I was added to an existing Google Cloud Storage account?
- No, please see Activate Google Cloud Storage for more information.
- I am just trying to download or access some data that is available to the public. How can I do that?
- You can simply download and install the gsutil tool and use it to download the data. You do not need to activate Google Cloud Storage or turn on billing for this purpose. You also do not need to authenticate to Google Cloud Storage to access a publicly-available object.
Storage and content policy
- How many times is my data replicated?
- Your data is replicated in multiple data centers that are geographically distributed for greater availability.
- Where is my data stored?
- You can specify if you want your data stored in the United States, European Union, or Asia by specifying a bucket location when you create a bucket. The selection of a location in Asia does not guarantee that your data at rest is kept only in that specific location. If no location selection is made, your data will be stored at rest in the United States.
- I believe some content hosted on your service is inappropriate, how do I report it?
- Certain types of content are not allowed on this service; please refer to the Terms of Services and Program Policies for details. If you believe a piece of content is in violation of our policies, report it here (select "See more products", then "Google Cloud Storage").
- How can I get a summary of daily space usage?
- You can use the gsutil du command to display the total space used by
all objects for a specified bucket. For example, to get the total space used by
all objects in the bucket "bucketname", use the command:
gsutil du -sh gs://bucketnameSee the du command help for more options you can use, including how to return the size of all objects underneath a prefix.
You can also set up bucket logging where the total size of a bucket is automatically reported once a day. For more information, see Access Logs & Storage Data. If the number of objects in your bucket is large (e.g., hundreds of thousands or millions), this is a much more efficient way to track space usage. The gsutil du command calculates space usage by making bucket listing requests, which for large buckets can take a long time.
Use with other Google services
- Can I use Google Cloud Storage to upload files to Google Docs?
- No, Google Cloud Storage is not currently integrated with Google Docs.
- Can I use Google Cloud Storage with my Google Apps account?
- Yes, you can use your Google Apps account with Google Cloud Storage.
- Google Storage and Google Drive — which storage API should my application use?
Google provides two different storage services: Google Cloud Storage, and Google Drive. Both services allow programmatic access to their functionality, but the goals of the APIs are quite different. The Google Drive SDK works together with the Google Drive UI and the Chrome Web Store to create an ecosystem of apps that can be installed into Google Drive. These apps enhance the user experience by allowing users to interact with their data in novel ways. For instance, a user could install a Drive app to edit images or fax PDF files, and could create and open files with those apps directly in Google Drive.
Google Cloud Storage is intended to be accessed primarily through its API and provides all the functionality necessary for developers to use it as a backing store for their own applications. For example, a developer could store and host media and other static assets for a web game in Google Cloud Storage. Google Cloud Storage can also be used for online archives, backup replacement, and so on.
This illustrates the primary difference between the two APIs: Cloud Storage enables developers to store their application data in the Google cloud (and they’re responsible for the storage their app consumes), whereas in Drive, users allow apps to interact with the user’s private storage and content.
For an overview of Google storage options, including a video explaining the differences between the options, see Storing Your Data.
Managing Data Access
- How do I change the owner of an object?
- You cannot change the owner of an object by modifying ACLs. However, you can change the owner of an object by having the new owner overwrite the object with a new object. To do this, the new owner must have
FULL_CONTROLpermission on the object you want to modify and the new owner must have
FULL_CONTROLpermission on the bucket in which the object is stored.
- How do I change the owner of a bucket?
- You cannot do this. A bucket is always owned by the project owners group of the Google APIs Console project it was created in.
- I want to let someone download an object. How do I do that?
- You can share an object with a user or group by granting
READpermission on the object you want to share. You can specify a user or a group by email address (for example, firstname.lastname@example.org or email@example.com) or by the Google Storage ID that's associated with the user or group.
- What is a Google Cloud Storage ID?
- A Google Cloud Storage ID is a string of 64 hexadecimal characters that uniquely identifies a user or a Google group. The Google Cloud Storage system uses Google Cloud Storage IDs to determine the scope of a given permission.
- How can I determine the Google Cloud Storage ID of a user or group?
- If the user has a Google Cloud Storage account you can ask them for their
Google Cloud Storage ID. Any user who has a Google Cloud Storage account can
look up their Google Cloud Storage ID by doing the
- Go to the Google Developers Console.
- Select a project.
- In the left sidebar, click Cloud Storage > Storage access.
- Your ID will be listed under "You".
If you are not certain whether the user has a Google Cloud Storage account, or you want to find the Google Cloud Storage ID for a group, you can do this:
- Upload a new object or create a new bucket with default (project-private) permissions.
- Grant the user or group
READpermission to the object or bucket by using the user's or group's email address.
- Retrieve the ACLs for the object or bucket. The user's or group's Google Cloud Storage ID will
be listed as the scope for the
You can also retrieve the Google Cloud Storage IDs of a project Team, a project Editors group, or a project Owners group by following the same steps for retrieving your ID shown above. For more information, see Finding Google Cloud Storage IDs.
- What happens if a tool or library uses another storage provider's ACL syntax?
When using the XML API for interoperable access with other storage services, such as Amazon S3, the signature identifier determines the ACL syntax. For example, if the tool or library you are using makes a request to Google Cloud Storage to retrieve ACLs (for example, a GET Object or GET Bucket request), and the request uses another storage provider's signature identifier, then Google Cloud Storage returns an XML document that uses the corresponding storage provider's ACL syntax. If the tool or library you are using to make a request to Google Cloud Storage to apply ACLs (for example, a PUT Object or PUT Bucket request), and the request uses another storage provider's signature identifier, then Google Cloud Storage expects to receive an XML document that uses the corresponding storage provider's ACL syntax.
For more information about using the XML API for interoperable access with Amazon S3, see Migrating from Amazon S3 to Google Cloud Storage.Amazon S3 is a trademark of Amazon.com, Inc. or its affiliates in the United States and/or other countries.
- Why can't I apply
WRITEpermission to an object?
- Object permissions control who can download an object and who can read or write an object's ACLs. All other object operations, such as uploading and deleting, are controlled through bucket ACLs. This gives bucket owners control over who can upload objects to their buckets.
- Can I let someone read the ACLs on an object without letting them download the object?
- No. You must grant a user
FULL_CONTROLpermission to read an ACL on an object or bucket.
- Can I grant
WRITEpermission on a bucket without granting
- No. Google Cloud Storage ACLs are concentric, which means that
WRITEpermission also grants
Managing Bucket Locations
- Can I specify bucket locations in places other than Asia, the European Union, or the US?
- No. Currently, you can only specify buckets in these locations.
- Can I move buckets from one location to another?
- No. When you create a bucket in a specific location, it is not possible to move it to another location.
- What is the default bucket location if I do not specify a location constraint?
- The default bucket location is in the US. If you do not specify a location constraint, your buckets will be stored on servers in the US.
Tools and Libraries
- Are there any tools available for Google Cloud Storage?
- You can use the browser-based Google Developers Console to perform basic operations on buckets and objects. You can also use the command-line tool gsutil to perform basic and advanced data management tasks on Google Cloud Storage. You can find several other tools by searching the Internet.
- Are there any libraries for Google Cloud Storage?
- The Boto library works with Google Cloud Storage. You can find several other libraries for Java, Ruby, and PHP by searching the Internet.
- I'm developing a library or tool for Google Cloud Storage and I want to sell it on the Internet. Is this okay?
- I tried to create a bucket and got the error
GSResponseError: status=403, code=AccountProblem, reason=Forbidden. What should I do?
- This error generally indicates that you have not yet turned on billing in the
Google Developers Console
or do not have access to create a bucket. Try:
- Turning on billing
- Checking that you are either in the owners or writers group for the project.
If billing is turned on and you have permissions to create a bucket, but you continue to receive this error message, please send your project id and a description of your problem to firstname.lastname@example.org.
- I tried to create the buckets
gs://dogsbut received the following error:
Failure: GSCreateError: 409 Conflict
The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.
- The bucket name you tried to use (e.g.
gs://dogs) is already taken. Google Cloud Storage has a flat namespace so you may not name a bucket with the same name as an existing bucket. Choose a name that is not being used.
- I tried to list my bucket with gsutil but got the error:
GSResponseError: status=403, code=AccessDenied, reason=Forbidden. What should I do?
- Check that you are using the correct project ID. If you are not specifying the project ID on the command line
gsutil ls -p <PROJECT_ID>), check the default project ID for your account.
- Check that the credentials you configured in your .boto file are correct.
- Assuming you are using the correct project ID and credentials, are your requests being routed through a proxy, using HTTP (instead of HTTPS)?
If so, check whether your proxy is configured to remove the
Authorizationheader from such requests. If so, make sure you are using HTTPS instead of HTTP for your requests. Your boto configuration file should not specify:
is_secure = Falsein the [Boto] section.
- Check that you are using the correct project ID. If you are not specifying the project ID on the command line (like
- I'm connecting through a proxy server, what do I need to do?
Requests to Google Cloud Storage need to access accounts.google.com for OAuth2 token exchanges, and *.googleapis.com for storage requests. If you are accessing Google Cloud Storage through a proxy server, you must allow access to these domains. If your proxy server or security policy doesn't support whitelisting by domain and instead requires whitelisting by IP network block, we strongly recommend that you configure your proxy server for all Google IP address ranges. You can find the address ranges, for example, by querying WHOIS data at ARIN. As a best practice, you should periodically review your proxy settings to ensure they match Google's IP addresses.
We do not recommend configuring your proxy with individual IP addresses you obtain from a one-time lookup of accounts.google.com and storage.googleapis.com. Because Google services are exposed via DNS names that map to a large number of IP addresses that can change over time, configuring your proxy based on a one-time lookup may lead to failures to connect to Google Cloud Storage.
If you requests are being routed through a proxy server, you may need to check with your network administrator to ensure that the
Authorizationheader containing your credentials is not stripped out by the proxy. Without the
Authorizationheader, you will receive a
MissingSecurityHeadererror and your request will be rejected.
- I tried to use the gsutil stat command to display object status for a subdirectory and got an error. Why?
Google Cloud Storage uses a flat namespace to store objects in buckets. While you can use slashes ("/") in object names to make it appear as if objects are in a hierarchical structure, the gsutil stat command treats a trailing slash as part of the object name. For example, if you run the command
gsutil -q stat gs://some-bucket/some-object/, then gsutil will look up information about the object "some-object/" (with a trailing slash) inside bucket "some-bucket", as opposed to operating on objects nested under gs://some-bucket/some-object. Unless you actually have an object with that name, the operation will fail.
- I created a bucket, but don't remember which project I created it in. How can I find it?
For most common Google Cloud Storage operations like listing objects, creating and composing objects, and common object and bucket configuration, you do not need to specify a project. In general, only need to specify a project identifier when creating a bucket or listing buckets in a project. For more information, see When to Specify a Project ID.
To find what project contains a specific bucket:
- If you are searching over a moderate number of projects and buckets, use the Google Developers Console, select each project, and view the buckets it contains.
- Otherwise, you can script
gsutil ls -p <PROJECT_ID>by passing in a list of project IDs and parsing the output. You can get a list of project IDs from Google Developers Console.
Security and Data Protection Assessments
- What assessments are performed on security and data protection?
- Google is committed to conducting independent 3rd party assessments of security and data protection practices. Building on the SSAE 16 audit and the ISO 27001 certification for Google Apps, a new SSAE 16 / ISAE 3402 SOC 2 Type II audit was successfully completed. For more information, see Google Apps, Vault and Cloud Platform components complete SSAE 16 audit