Buckets

Buckets

The Buckets resource represents a bucket in Google Cloud Storage. There is a single global namespace shared by all buckets. For more information, see Bucket Name Requirements.

Buckets contain objects which can be accessed by their own methods. In addition to the acl property, buckets contain bucketAccessControls, for use in fine-grained manipulation of an existing bucket's access controls.

A bucket is always owned by the project team owners group.

For a list of methods for this resource, see the end of this page.

Resource representations

{
  "kind": "storage#bucket",
  "id": string,
  "selfLink": string,
  "projectNumber": unsigned long,
  "name": string,
  "timeCreated": datetime,
  "updated": datetime,
  "defaultEventBasedHold": boolean,
  "retentionPolicy": {
    "retentionPeriod": unsigned long,
    "effectiveTime": datetime,
    "isLocked": boolean
  },
  "metageneration": long,
  "acl": [
    bucketAccessControls Resource
  ],
  "defaultObjectAcl": [
    {
      "kind": "storage#objectAccessControl",
      "id": string,
      "selfLink": string,
      "bucket": string,
      "object": string,
      "generation": long,
      "entity": string,
      "role": string,
      "email": string,
      "entityId": string,
      "domain": string,
      "projectTeam": {
        "projectNumber": string,
        "team": string
      },
      "etag": string
    }
  ],
  "iamConfiguration": {
    "bucketPolicyOnly": {
      "enabled": boolean,
      "lockedTime":datetime,
    },
  },
  "encryption": {
    "defaultKmsKeyName": string
  },
  "owner": {
    "entity": string,
    "entityId": string
  },
  "location": string,
  "website": {
    "mainPageSuffix": string,
    "notFoundPage": string
  },
  "logging": {
    "logBucket": string,
    "logObjectPrefix": string
  },
  "versioning": {
    "enabled": boolean
  },
  "cors": [
    {
      "origin": [
        string
      ],
      "method": [
        string
      ],
      "responseHeader": [
        string
      ],
      "maxAgeSeconds": integer
    }
  ],
  "lifecycle": {
    "rule": [
      {
        "action": {
          "type": string,
          "storageClass": string
        },
        "condition": {
          "age": integer,
          "createdBefore": date,
          "isLive": boolean,
          "matchesStorageClass": [
            string
          ],
          "numNewerVersions": integer
        }
      }
    ]
  },
  "labels": {
    (key): string
  },
  "storageClass": string,
  "billing": {
    "requesterPays": boolean
  },
  "etag": string
}

Property name	Value	Description	Notes
`acl[]`	`list`	Access controls on the bucket, containing one or more bucketAccessControls Resources.	writable
`billing`	`object`	The bucket's billing configuration.	writable
`billing.requesterPays`	`boolean`	When set to true, Requester Pays is enabled for this bucket.	writable
`cors[]`	`list`	The bucket's Cross-Origin Resource Sharing (CORS) configuration.	writable
`cors[].maxAgeSeconds`	`integer`	The value, in seconds, to return in the Access-Control-Max-Age header used in preflight responses.	writable
`cors[].method[]`	`list`	The list of HTTP methods on which to include CORS response headers, (`GET`, `OPTIONS`, `POST`, etc) Note: "*" is permitted in the list of methods, and means "any method".	writable
`cors[].origin[]`	`list`	The list of Origins eligible to receive CORS response headers. Note: "*" is permitted in the list of origins, and means "any Origin".	writable
`cors[].responseHeader[]`	`list`	The list of HTTP headers other than the simple response headers to give permission for the user-agent to share across domains.	writable
`defaultEventBasedHold`	`boolean`	Whether or not to automatically apply an `eventBasedHold` to new objects added to the bucket.	writable
`defaultObjectAcl[]`	`list`	Default access controls to apply to new objects when no ACL is provided.	writable
`defaultObjectAcl[].bucket`	`string`	The name of the bucket.
`defaultObjectAcl[].domain`	`string`	The domain associated with the entity, if any.
`defaultObjectAcl[].email`	`string`	The email address associated with the entity, if any.
`defaultObjectAcl[].entity`	`string`	The entity holding the permission, in one of the following forms: `user-userId` `user-email` `group-groupId` `group-email` `domain-domain` `project-team-projectId` `allUsers` `allAuthenticatedUsers` Examples: The user `liz@example.com` would be `user-liz@example.com`. The group `example@googlegroups.com` would be `group-example@googlegroups.com`. To refer to all members of the G Suite for Business domain `example.com`, the entity would be `domain-example.com`.	writable
`defaultObjectAcl[].entityId`	`string`	The ID for the entity, if any.
`defaultObjectAcl[].etag`	`string`	HTTP 1.1 Entity tag for the access-control entry.
`defaultObjectAcl[].generation`	`long`	The content generation of the object, if applied to an object.
`defaultObjectAcl[].id`	`string`	The ID of the access-control entry.
`defaultObjectAcl[].kind`	`string`	The kind of item this is. For object access control entries, this is always `storage#objectAccessControl`.
`defaultObjectAcl[].object`	`string`	The name of the object, if applied to an object.
`defaultObjectAcl[].projectTeam`	`object`	The project team associated with the entity, if any.
`defaultObjectAcl[].projectTeam.projectNumber`	`string`	The project number.
`defaultObjectAcl[].projectTeam.team`	`string`	The team. Acceptable values are: "`editors`" "`owners`" "`viewers`"
`defaultObjectAcl[].role`	`string`	The access permission for the entity. Acceptable values are: "`OWNER`" "`READER`"	writable
`defaultObjectAcl[].selfLink`	`string`	The link to this access-control entry.
`encryption`	`object`	Encryption configuration for a bucket.	writable
`encryption.defaultKmsKeyName`	`string`	A Cloud KMS key that will be used to encrypt objects inserted into this bucket, if no encryption method is specified.
`etag`	`string`	HTTP 1.1 Entity tag for the bucket.
`iamConfiguration`	`object`	The bucket's IAM configuration.	writable
`iamConfiguration.bucketPolicyOnly`	`object`	The bucket's Bucket Policy Only^BETA configuration.	writable
`iamConfiguration.bucketPolicyOnly.enabled`	`boolean`	Whether or not the bucket uses Bucket Policy Only. If set, access checks only use bucket-level IAM policies or above.	writable
`iamConfiguration.bucketPolicyOnly.lockedTime`	`datetime`	The deadline time for changing `iamConfiguration.bucketPolicyOnly.enabled` from `true` to `false`, in RFC 3339 format. `iamConfiguration.bucketPolicyOnly.enabled` may be changed from `true` to `false` until the locked time, after which the field is immutable.
`id`	`string`	The ID of the bucket. For buckets, the `id` and `name` properties are the same.
`kind`	`string`	The kind of item this is. For buckets, this is always `storage#bucket`.
`labels`	`object`	User-provided bucket labels, in key/value pairs.	writable
`labels.(key)`	`string`	An individual label entry.	writable
`lifecycle`	`object`	The bucket's lifecycle configuration. See lifecycle management for more information.	writable
`lifecycle.rule[]`	`list`	A lifecycle management rule, which is made of an action to take and the condition(s) under which the action will be taken.
`lifecycle.rule[].action`	`object`	The action to take.
`lifecycle.rule[].action.storageClass`	`string`	Target storage class. Required iff the type of the action is SetStorageClass.
`lifecycle.rule[].action.type`	`string`	Type of the action. Currently, only `Delete` and `SetStorageClass` are supported. Acceptable values are: "`Delete`" "`SetStorageClass`"
`lifecycle.rule[].condition`	`object`	The condition(s) under which the action will be taken.
`lifecycle.rule[].condition.age`	`integer`	Age of an object (in days). This condition is satisfied when an object reaches the specified age.
`lifecycle.rule[].condition.createdBefore`	`date`	A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). This condition is satisfied when an object is created before midnight of the specified date in UTC.
`lifecycle.rule[].condition.isLive`	`boolean`	Relevant only for versioned objects. If the value is `true`, this condition matches live objects; if the value is `false`, it matches archived objects.
`lifecycle.rule[].condition.matchesStorageClass[]`	`list`	Objects having any of the storage classes specified by this condition will be matched. Values include `MULTI_REGIONAL`, `REGIONAL`, `NEARLINE`, `COLDLINE`, `STANDARD`, and `DURABLE_REDUCED_AVAILABILITY`.
`lifecycle.rule[].condition.numNewerVersions`	`integer`	Relevant only for versioned objects. If the value is `N`, this condition is satisfied when there are at least `N` versions (including the live version) newer than this version of the object.
`location`	`string`	The location of the bucket. Object data for objects in the bucket resides in physical storage within this region. Defaults to `US`. See the developer's guide for the authoritative list.	writable
`logging`	`object`	The bucket's logging configuration, which defines the destination bucket and optional name prefix for the current bucket's logs.	writable
`logging.logBucket`	`string`	The destination bucket where the current bucket's logs should be placed.	writable
`logging.logObjectPrefix`	`string`	A prefix for log object names.	writable
`metageneration`	`long`	The metadata generation of this bucket.
`name`	`string`	The name of the bucket.
`owner`	`object`	The owner of the bucket. This is always the project team's owner group.
`owner.entity`	`string`	The entity, in the form `project-owner-projectId`.
`owner.entityId`	`string`	The ID for the entity.
`projectNumber`	`unsigned long`	The project number of the project the bucket belongs to.
`selfLink`	`string`	The URI of this bucket.
`retentionPolicy`	`object`	The bucket's retention policy, which defines the minimum age an object in the bucket must reach before it can be deleted or overwritten.	writable
`retentionPolicy.effectiveTime`	`datetime`	The time from which the retentionPolicy was effective, in RFC 3339 format.
`retentionPolicy.isLocked`	`boolean`	Whether or not the retentionPolicy is locked. If true, the retentionPolicy cannot be removed and the retention period cannot be reduced.
`retentionPolicy.retentionPeriod`	`unsigned integer`	The period of time, in seconds, that objects in the bucket must be retained and cannot be deleted, overwritten, or archived. The value must be greater than 0 seconds and less than 3,155,760,000 seconds.	writable
`storageClass`	`string`	The bucket's default storage class, used whenever no storageClass is specified for a newly-created object. This defines how objects in the bucket are stored and determines the SLA and the cost of storage. Values include `MULTI_REGIONAL`, `REGIONAL`, `STANDARD`, `NEARLINE`, `COLDLINE`, and `DURABLE_REDUCED_AVAILABILITY`. If this value is not specified when the bucket is created, it will default to `STANDARD`. For more information, see storage classes.	writable
`timeCreated`	`datetime`	The creation time of the bucket in RFC 3339 format.
`updated`	`datetime`	The modification time of the bucket in RFC 3339 format.
`versioning`	`object`	The bucket's versioning configuration.	writable
`versioning.enabled`	`boolean`	While set to true, versioning is fully enabled for this bucket.	writable
`website`	`object`	The bucket's website configuration, controlling how the service behaves when accessing bucket contents as a web site. See the Static Website Examples for more information.	writable
`website.mainPageSuffix`	`string`	If the requested object path is missing, the service will ensure the path has a trailing '/', append this suffix, and attempt to retrieve the resulting object. This allows the creation of `index.html` objects to represent directory pages.	writable
`website.notFoundPage`	`string`	If the requested object path is missing, and any `mainPageSuffix` object is missing, if applicable, the service will return the named object from this bucket as the content for a `404 Not Found` result.	writable

Methods

Available methods for Buckets resources are as follows:

delete: Permanently deletes an empty bucket.
get: Returns metadata for the specified bucket.
getIamPolicy: Returns an IAM policy for the specified bucket.
insert: Creates a new bucket.
list: Retrieves a list of buckets for a given project.
lockRetentionPolicy: Irreversibly sets the retention policy on a bucket.
patch: Updates a bucket. Changes to the bucket will be readable immediately after writing, but configuration changes may take time to propagate. This method supports patch semantics.
setIamPolicy: Updates an IAM policy for the specified bucket.
testIamPermissions: Tests a set of permissions on the given bucket to see which, if any, are held by the caller.
update: Updates a bucket. Changes to the bucket will be readable immediately after writing, but configuration changes may take time to propagate. This method sets the complete metadata of a bucket. If you want to change some of a bucket's metadata while leaving other parts unaffected, use the PATCH method instead.

Was this page helpful? Let us know how we did:

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 3.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated February 15, 2019.

Resource representations

Methods

Send feedback about...