オブジェクトのアップロードに使用する PUT 署名付き URL の生成方法の例を示します。
もっと見る
このコードサンプルを含む詳細なドキュメントについては、以下をご覧ください。
コードサンプル
C++
詳細については、Cloud Storage C++ API のリファレンス ドキュメントをご覧ください。
namespace gcs = ::google::cloud::storage;
using ::google::cloud::StatusOr;
[](gcs::Client client, std::string const& bucket_name,
std::string const& object_name, std::string const& signing_account) {
StatusOr<std::string> signed_url = client.CreateV4SignedUrl(
"PUT", std::move(bucket_name), std::move(object_name),
gcs::SignedUrlDuration(std::chrono::minutes(15)),
gcs::AddExtensionHeader("content-type", "application/octet-stream"),
gcs::SigningAccount(signing_account));
if (!signed_url) throw std::move(signed_url).status();
std::cout << "The signed url is: " << *signed_url << "\n\n"
<< "You can use this URL with any user agent, for example:\n"
<< "curl -X PUT -H 'Content-Type: application/octet-stream'"
<< " --upload-file my-file '" << *signed_url << "'\n";
}C#
詳細については、Cloud Storage C# API のリファレンス ドキュメントをご覧ください。
using Google.Cloud.Storage.V1;
using System;
using System.Collections.Generic;
using System.Net.Http;
public class GenerateV4UploadSignedUrlSample
{
public string GenerateV4UploadSignedUrl(
string bucketName = "your-unique-bucket-name",
string objectName = "your-object-name",
string credentialFilePath = "my-local-path/my-credential-file-name")
{
UrlSigner urlSigner = UrlSigner.FromServiceAccountPath(credentialFilePath);
var contentHeaders = new Dictionary<string, IEnumerable<string>>
{
{ "Content-Type", new[] { "text/plain" } }
};
// V4 is the default signing version.
UrlSigner.Options options = UrlSigner.Options.FromDuration(TimeSpan.FromHours(1));
UrlSigner.RequestTemplate template = UrlSigner.RequestTemplate
.FromBucket(bucketName)
.WithObjectName(objectName)
.WithHttpMethod(HttpMethod.Put)
.WithContentHeaders(contentHeaders);
string url = urlSigner.Sign(template, options);
Console.WriteLine("Generated PUT signed URL:");
Console.WriteLine(url);
Console.WriteLine("You can use this URL with any user agent, for example:");
Console.WriteLine($"curl -X PUT -H 'Content-Type: text/plain' --upload-file my-file '{url}'");
return url;
}
}Go
詳細については、Cloud Storage Go API のリファレンス ドキュメントをご覧ください。
import (
"context"
"fmt"
"io"
"time"
"cloud.google.com/go/storage"
)
// generateV4GetObjectSignedURL generates object signed URL with PUT method.
func generateV4PutObjectSignedURL(w io.Writer, bucket, object string) (string, error) {
// bucket := "bucket-name"
// object := "object-name"
ctx := context.Background()
client, err := storage.NewClient(ctx)
if err != nil {
return "", fmt.Errorf("storage.NewClient: %v", err)
}
defer client.Close()
// Signing a URL requires credentials authorized to sign a URL. You can pass
// these in through SignedURLOptions with one of the following options:
// a. a Google service account private key, obtainable from the Google Developers Console
// b. a Google Access ID with iam.serviceAccounts.signBlob permissions
// c. a SignBytes function implementing custom signing.
// In this example, none of these options are used, which means the SignedURL
// function attempts to use the same authentication that was used to instantiate
// the Storage client. This authentication must include a private key or have
// iam.serviceAccounts.signBlob permissions.
opts := &storage.SignedURLOptions{
Scheme: storage.SigningSchemeV4,
Method: "PUT",
Headers: []string{
"Content-Type:application/octet-stream",
},
Expires: time.Now().Add(15 * time.Minute),
}
u, err := client.Bucket(bucket).SignedURL(object, opts)
if err != nil {
return "", fmt.Errorf("Bucket(%q).SignedURL: %v", bucket, err)
}
fmt.Fprintln(w, "Generated PUT signed URL:")
fmt.Fprintf(w, "%q\n", u)
fmt.Fprintln(w, "You can use this URL with any user agent, for example:")
fmt.Fprintf(w, "curl -X PUT -H 'Content-Type: application/octet-stream' --upload-file my-file %q\n", u)
return u, nil
}
Java
詳細については、Cloud Storage Java API のリファレンス ドキュメントをご覧ください。
import com.google.cloud.storage.BlobId;
import com.google.cloud.storage.BlobInfo;
import com.google.cloud.storage.HttpMethod;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageException;
import com.google.cloud.storage.StorageOptions;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
public class GenerateV4PutObjectSignedUrl {
/**
* Signing a URL requires Credentials which implement ServiceAccountSigner. These can be set
* explicitly using the Storage.SignUrlOption.signWith(ServiceAccountSigner) option. If you don't,
* you could also pass a service account signer to StorageOptions, i.e.
* StorageOptions().newBuilder().setCredentials(ServiceAccountSignerCredentials). In this example,
* neither of these options are used, which means the following code only works when the
* credentials are defined via the environment variable GOOGLE_APPLICATION_CREDENTIALS, and those
* credentials are authorized to sign a URL. See the documentation for Storage.signUrl for more
* details.
*/
public static void generateV4PutObjectSignedUrl(
String projectId, String bucketName, String objectName) throws StorageException {
// String projectId = "my-project-id";
// String bucketName = "my-bucket";
// String objectName = "my-object";
Storage storage = StorageOptions.newBuilder().setProjectId(projectId).build().getService();
// Define Resource
BlobInfo blobInfo = BlobInfo.newBuilder(BlobId.of(bucketName, objectName)).build();
// Generate Signed URL
Map<String, String> extensionHeaders = new HashMap<>();
extensionHeaders.put("Content-Type", "application/octet-stream");
URL url =
storage.signUrl(
blobInfo,
15,
TimeUnit.MINUTES,
Storage.SignUrlOption.httpMethod(HttpMethod.PUT),
Storage.SignUrlOption.withExtHeaders(extensionHeaders),
Storage.SignUrlOption.withV4Signature());
System.out.println("Generated PUT signed URL:");
System.out.println(url);
System.out.println("You can use this URL with any user agent, for example:");
System.out.println(
"curl -X PUT -H 'Content-Type: application/octet-stream' --upload-file my-file '"
+ url
+ "'");
}
}Node.js
詳細については、Cloud Storage Node.js API のリファレンス ドキュメントをご覧ください。
/**
* TODO(developer): Uncomment the following lines before running the sample.
*/
// The ID of your GCS bucket
// const bucketName = 'your-unique-bucket-name';
// The full path of your file inside the GCS bucket, e.g. 'yourFile.jpg' or 'folder1/folder2/yourFile.jpg'
// const fileName = 'your-file-name';
// Imports the Google Cloud client library
const {Storage} = require('@google-cloud/storage');
// Creates a client
const storage = new Storage();
async function generateV4UploadSignedUrl() {
// These options will allow temporary uploading of the file with outgoing
// Content-Type: application/octet-stream header.
const options = {
version: 'v4',
action: 'write',
expires: Date.now() + 15 * 60 * 1000, // 15 minutes
contentType: 'application/octet-stream',
};
// Get a v4 signed URL for uploading file
const [url] = await storage
.bucket(bucketName)
.file(fileName)
.getSignedUrl(options);
console.log('Generated PUT signed URL:');
console.log(url);
console.log('You can use this URL with any user agent, for example:');
console.log(
"curl -X PUT -H 'Content-Type: application/octet-stream' " +
`--upload-file my-file '${url}'`
);
}
generateV4UploadSignedUrl().catch(console.error);PHP
詳細については、Cloud Storage PHP API のリファレンス ドキュメントをご覧ください。
use Google\Cloud\Storage\StorageClient;
/**
* Generate a v4 signed URL for uploading an object.
*
* @param string $bucketName The name of your Cloud Storage bucket.
* (e.g. 'my-bucket')
* @param string $objectName The name of your Cloud Storage object.
* (e.g. 'my-object')
*/
function upload_object_v4_signed_url(string $bucketName, string $objectName): void
{
$storage = new StorageClient();
$bucket = $storage->bucket($bucketName);
$object = $bucket->object($objectName);
$url = $object->signedUrl(
# This URL is valid for 15 minutes
new \DateTime('15 min'),
[
'method' => 'PUT',
'contentType' => 'application/octet-stream',
'version' => 'v4',
]
);
print('Generated PUT signed URL:' . PHP_EOL);
print($url . PHP_EOL);
print('You can use this URL with any user agent, for example:' . PHP_EOL);
print("curl -X PUT -H 'Content-Type: application/octet-stream' " .
'--upload-file my-file ' . $url . PHP_EOL);
}Python
詳細については、Cloud Storage Python API のリファレンス ドキュメントをご覧ください。
import datetime
from google.cloud import storage
def generate_upload_signed_url_v4(bucket_name, blob_name):
"""Generates a v4 signed URL for uploading a blob using HTTP PUT.
Note that this method requires a service account key file. You can not use
this if you are using Application Default Credentials from Google Compute
Engine or from the Google Cloud SDK.
"""
# bucket_name = 'your-bucket-name'
# blob_name = 'your-object-name'
storage_client = storage.Client()
bucket = storage_client.bucket(bucket_name)
blob = bucket.blob(blob_name)
url = blob.generate_signed_url(
version="v4",
# This URL is valid for 15 minutes
expiration=datetime.timedelta(minutes=15),
# Allow PUT requests using this URL.
method="PUT",
content_type="application/octet-stream",
)
print("Generated PUT signed URL:")
print(url)
print("You can use this URL with any user agent, for example:")
print(
"curl -X PUT -H 'Content-Type: application/octet-stream' "
"--upload-file my-file '{}'".format(url)
)
return url
Ruby
詳細については、Cloud Storage Ruby API のリファレンス ドキュメントをご覧ください。
def generate_upload_signed_url_v4 bucket_name:, file_name:
# The ID of your GCS bucket
# bucket_name = "your-unique-bucket-name"
# The ID of your GCS object
# file_name = "your-file-name"
require "google/cloud/storage"
storage = Google::Cloud::Storage.new
storage_expiry_time = 5 * 60 # 5 minutes
url = storage.signed_url bucket_name, file_name, method: "PUT",
expires: storage_expiry_time, version: :v4,
headers: { "Content-Type" => "text/plain" }
puts "Generated PUT signed URL:"
puts url
puts "You can use this URL with any user agent, for example:"
puts "curl -X PUT -H 'Content-Type: text/plain' --upload-file my-file '#{url}'"
end次のステップ
他の Google Cloud プロダクトに関連するコードサンプルの検索およびフィルタ検索を行うには、Google Cloud のサンプルをご覧ください。