Buckets

The Buckets resource represents a bucket in Google Cloud Storage. There is a single global namespace shared by all buckets. For more information, see Bucket Name Requirements.

Buckets contain objects which can be accessed by their own methods. In addition to the acl property, buckets contain bucketAccessControls, for use in fine-grained manipulation of an existing bucket's access controls.

A bucket is always owned by the project team owners group.

For a list of methods for this resource, see the end of this page.

Resource representations

{
  "kind": "storage#bucket",
  "id": string,
  "selfLink": string,
  "projectNumber": unsigned long,
  "name": string,
  "timeCreated": datetime,
  "updated": datetime,
  "defaultEventBasedHold": boolean,
  "retentionPolicy": {
    "retentionPeriod": unsigned long,
    "effectiveTime": datetime,
    "isLocked": boolean
  },
  "metageneration": long,
  "acl": [
    bucketAccessControls Resource
  ],
  "defaultObjectAcl": [
    {
      "kind": "storage#objectAccessControl",
      "id": string,
      "selfLink": string,
      "bucket": string,
      "object": string,
      "generation": long,
      "entity": string,
      "role": string,
      "email": string,
      "entityId": string,
      "domain": string,
      "projectTeam": {
        "projectNumber": string,
        "team": string
      },
      "etag": string
    }
  ],
  "encryption": {
    "defaultKmsKeyName": string
  },
  "owner": {
    "entity": string,
    "entityId": string
  },
  "location": string,
  "website": {
    "mainPageSuffix": string,
    "notFoundPage": string
  },
  "logging": {
    "logBucket": string,
    "logObjectPrefix": string
  },
  "versioning": {
    "enabled": boolean
  },
  "cors": [
    {
      "origin": [
        string
      ],
      "method": [
        string
      ],
      "responseHeader": [
        string
      ],
      "maxAgeSeconds": integer
    }
  ],
  "lifecycle": {
    "rule": [
      {
        "action": {
          "type": string,
          "storageClass": string
        },
        "condition": {
          "age": integer,
          "createdBefore": date,
          "isLive": boolean,
          "matchesStorageClass": [
            string
          ],
          "numNewerVersions": integer
        }
      }
    ]
  },
  "labels": {
    (key): string
  },
  "storageClass": string,
  "billing": {
    "requesterPays": boolean
  },
  "etag": string
}
Property name Value Description Notes
acl[] list Access controls on the bucket, containing one or more bucketAccessControls Resources. writable
billing object The bucket's billing configuration. writable
billing.requesterPays boolean When set to true, Requester Pays is enabled for this bucket. writable
cors[] list The bucket's Cross-Origin Resource Sharing (CORS) configuration. writable
cors[].maxAgeSeconds integer The value, in seconds, to return in the Access-Control-Max-Age header used in preflight responses. writable
cors[].method[] list The list of HTTP methods on which to include CORS response headers, (GET, OPTIONS, POST, etc) Note: "*" is permitted in the list of methods, and means "any method". writable
cors[].origin[] list The list of Origins eligible to receive CORS response headers. Note: "*" is permitted in the list of origins, and means "any Origin". writable
cors[].responseHeader[] list The list of HTTP headers other than the simple response headers to give permission for the user-agent to share across domains. writable
defaultEventBasedHold boolean Whether or not to automatically apply an eventBasedHold to new objects added to the bucket. writable
defaultObjectAcl[] list Default access controls to apply to new objects when no ACL is provided. writable
defaultObjectAcl[].bucket string The name of the bucket.
defaultObjectAcl[].domain string The domain associated with the entity, if any.
defaultObjectAcl[].email string The email address associated with the entity, if any.
defaultObjectAcl[].entity string The entity holding the permission, in one of the following forms:
  • user-userId
  • user-email
  • group-groupId
  • group-email
  • domain-domain
  • project-team-projectId
  • allUsers
  • allAuthenticatedUsers
Examples:
  • The user liz@example.com would be user-liz@example.com.
  • The group example@googlegroups.com would be group-example@googlegroups.com.
  • To refer to all members of the G Suite for Business domain example.com, the entity would be domain-example.com.
 writable
defaultObjectAcl[].entityId string The ID for the entity, if any.
defaultObjectAcl[].etag string HTTP 1.1 Entity tag for the access-control entry.
defaultObjectAcl[].generation long The content generation of the object, if applied to an object.
defaultObjectAcl[].id string The ID of the access-control entry.
defaultObjectAcl[].kind string The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
defaultObjectAcl[].object string The name of the object, if applied to an object.
defaultObjectAcl[].projectTeam object The project team associated with the entity, if any.
defaultObjectAcl[].projectTeam.projectNumber string The project number.
defaultObjectAcl[].projectTeam.team string The team.

Acceptable values are:
  • "editors"
  • "owners"
  • "viewers"
defaultObjectAcl[].role string The access permission for the entity.

Acceptable values are:
  • "OWNER"
  • "READER"
 writable
encryption object Encryption configuration for a bucket. writable
encryption.defaultKmsKeyName string A Cloud KMS key that will be used to encrypt objects inserted into this bucket, if no encryption method is specified.
etag string HTTP 1.1 Entity tag for the bucket.
id string The ID of the bucket. For buckets, the id and name properties are the same.
kind string The kind of item this is. For buckets, this is always storage#bucket.
labels object User-provided bucket labels, in key/value pairs. writable
labels.(key) string An individual label entry. writable
lifecycle object The bucket's lifecycle configuration. See lifecycle management for more information. writable
lifecycle.rule[] list A lifecycle management rule, which is made of an action to take and the condition(s) under which the action will be taken.
lifecycle.rule[].action object The action to take.
lifecycle.rule[].action.storageClass string Target storage class. Required iff the type of the action is SetStorageClass.
lifecycle.rule[].action.type string Type of the action. Currently, only Delete and SetStorageClass are supported.

Acceptable values are:
  • "Delete"
  • "SetStorageClass"
lifecycle.rule[].condition object The condition(s) under which the action will be taken.
lifecycle.rule[].condition.age integer Age of an object (in days). This condition is satisfied when an object reaches the specified age.
lifecycle.rule[].condition.createdBefore date A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). This condition is satisfied when an object is created before midnight of the specified date in UTC.
lifecycle.rule[].condition.isLive boolean Relevant only for versioned objects. If the value is true, this condition matches live objects; if the value is false, it matches archived objects.
lifecycle.rule[].condition.matchesStorageClass[] list Objects having any of the storage classes specified by this condition will be matched. Values include MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, STANDARD, and DURABLE_REDUCED_AVAILABILITY.
lifecycle.rule[].condition.numNewerVersions integer Relevant only for versioned objects. If the value is N, this condition is satisfied when there are at least N versions (including the live version) newer than this version of the object.
location string The location of the bucket. Object data for objects in the bucket resides in physical storage within this region. Defaults to US. See the developer's guide for the authoritative list. writable
logging object The bucket's logging configuration, which defines the destination bucket and optional name prefix for the current bucket's logs. writable
logging.logBucket string The destination bucket where the current bucket's logs should be placed. writable
logging.logObjectPrefix string A prefix for log object names. writable
metageneration long The metadata generation of this bucket.
name string The name of the bucket.
owner object The owner of the bucket. This is always the project team's owner group.
owner.entity string The entity, in the form project-owner-projectId.
owner.entityId string The ID for the entity.
projectNumber unsigned long The project number of the project the bucket belongs to.
retentionPolicy object The bucket's retention policy, which defines the minimum age an object in the bucket must reach before it can be deleted or overwritten. writable
retentionPolicy.effectiveTime datetime The time from which the retentionPolicy was effective, in RFC 3339 format.
retentionPolicy.isLocked boolean Whether or not the retentionPolicy is locked. If true, the retentionPolicy cannot be removed and the retention period cannot be reduced.
retentionPolicy.retentionPeriod unsigned integer The period of time, in seconds, that objects in the bucket must be retained and cannot be deleted, overwritten, or archived. The value must be greater than 0 seconds and less than 3,155,760,000 seconds. writable
storageClass string The bucket's default storage class, used whenever no storageClass is specified for a newly-created object. This defines how objects in the bucket are stored and determines the SLA and the cost of storage. Values include MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, and DURABLE_REDUCED_AVAILABILITY. If this value is not specified when the bucket is created, it will default to STANDARD. For more information, see storage classes. writable
timeCreated datetime The creation time of the bucket in RFC 3339 format.
updated datetime The modification time of the bucket in RFC 3339 format.
versioning object The bucket's versioning configuration. writable
versioning.enabled boolean While set to true, versioning is fully enabled for this bucket. writable
website object The bucket's website configuration, controlling how the service behaves when accessing bucket contents as a web site. See the Static Website Examples for more information. writable
website.mainPageSuffix string If the requested object path is missing, the service will ensure the path has a trailing '/', append this suffix, and attempt to retrieve the resulting object. This allows the creation of index.html objects to represent directory pages. writable
website.notFoundPage string If the requested object path is missing, and any mainPageSuffix object is missing, if applicable, the service will return the named object from this bucket as the content for a 404 Not Found result. writable

Methods

Available methods for Buckets resources are as follows:

delete
Permanently deletes an empty bucket.
get
Returns metadata for the specified bucket.
getIamPolicy
Returns an IAM policy for the specified bucket.
insert
Creates a new bucket.
list
Retrieves a list of buckets for a given project.
lockRetentionPolicy
Irreversibly sets the retention policy on a bucket.
patch
Updates a bucket. Changes to the bucket will be readable immediately after writing, but configuration changes may take time to propagate. This method supports patch semantics.
setIamPolicy
Updates an IAM policy for the specified bucket.
testIamPermissions
Tests a set of permissions on the given bucket to see which, if any, are held by the caller.
update
Updates a bucket. Changes to the bucket will be readable immediately after writing, but configuration changes may take time to propagate. This method sets the complete metadata of a bucket. If you want to change some of a bucket's metadata while leaving other parts unaffected, use the PATCH method instead.
Was this page helpful? Let us know how we did:

Send feedback about...

This page
Documentation feedback
Cloud Storage
Product feedback
Need help? Visit our support page.