This page describes how to use dual-region storage.
Required roles
In order to get the required permissions for creating a dual-region
bucket, ask your administrator to grant you the Storage Admin
(roles/storage.admin
) IAM role for the project.
This predefined role contains the permission required to create a dual-region bucket. To see the exact permissions that are required, expand the Required permissions section:
Required permissions
storage.buckets.create
storage.buckets.enableObjectRetention
(only required if enabling object retention configurations for the bucket)storage.buckets.list
(only required if creating a bucket using the Google Cloud console)resourcemanager.projects.get
(only required if creating a bucket using the Google Cloud console)
You might also be able to get these permissions with custom roles or other predefined roles. To see which roles are associated with which permissions, refer to IAM roles for Cloud Storage.
For instructions on granting roles for projects, see Manage access to projects.
Create a dual-region bucket
Complete the following steps to create a dual-region bucket:
Console
- In the Google Cloud console, go to the Cloud Storage Buckets page.
Click Create.
On the Create a bucket page, enter your bucket information. To go to the next step, click Continue.
For Name your bucket, enter a name that meets the bucket naming requirements.
For Choose where to store your data, next to Location type, choose Dual-region. Optional: You can combine the feature with turbo replication, by selecting the Add turbo replication checkbox.
For Location, select the Continent and the associated Regions that you want to use.
For Choose a default storage class for your data, select a storage class for the bucket. The default storage class is assigned by default to all objects uploaded to the bucket.
For Choose how to control access to objects, select the public access prevention and access control options you want to use.
For Choose how to protect object data, select the protection tools you want to use such as object versioning, a retention policy, and an encryption method.
Click Create.
To learn how to get detailed error information about failed Cloud Storage operations in the Google Cloud console, see Troubleshooting.
Command line
Use the buckets create
command with the --location
and
--placement
flags:
gcloud storage buckets create gs://BUCKET_NAME --location=MULTI-REGION --placement=REGION_1,REGION_2
Where:
BUCKET_NAME
is the name of the bucket you are creating. For example,my-bucket
.MULTI-REGION
specifies the multi-region code associated with the underlying regions. For example, when choosing the regionsASIA-SOUTH1
(Mumbai) andASIA-SOUTH2
(Delhi), useIN
.REGION_1
specifies the geographic location of a region for your bucket. For example,ASIA-EAST1
.REGION_2
specifies the geographic location of a second region for your bucket. For example,ASIA-SOUTHEAST1
.
If the request is successful, the command returns the following message:
Creating gs://BUCKET_NAME/...
For a complete list of options available when creating buckets with
gcloud storage
, see buckets create
options.
Client libraries
For more information, see the
Cloud Storage C++ API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
For more information, see the
Cloud Storage C# API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
For more information, see the
Cloud Storage Go API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
For more information, see the
Cloud Storage Java API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
For more information, see the
Cloud Storage Node.js API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
For more information, see the
Cloud Storage PHP API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
For more information, see the
Cloud Storage Python API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
For more information, see the
Cloud Storage Ruby API
reference documentation.
To authenticate to Cloud Storage, set up Application Default Credentials.
For more information, see
Set up authentication for a local development environment.
C++
C#
Go
Java
Node.js
PHP
Python
Ruby
REST APIs
JSON API
Have gcloud CLI installed and initialized, in order to generate an access token for the
Authorization
header.Alternatively, you can create an access token using the OAuth 2.0 Playground and include it in the
Authorization
header.Create a JSON file that contains the settings for the bucket, which must include a
name
andlocation
. See the Buckets:Insert documentation for a complete list of settings. The following are common settings to include:{ "name": "BUCKET_NAME", "location": "MULTI-REGION", "customPlacementConfig": { "dataLocations": ["REGION_1", "REGION_2"] }, "storageClass": "STORAGE_CLASS" }
Where:
BUCKET_NAME
is the name you want to give your bucket, subject to naming requirements. For example,my-bucket
.MULTI-REGION
specifies the multi-region code associated with the underlying regions. For example, when choosing the regionsASIA-SOUTH1
(Mumbai) andASIA-SOUTH2
(Delhi), useIN
.REGION_1
andREGION_2
are the regions where you want to store your bucket's object data. For example,ASIA-EAST1
andASIA-SOUTHEAST1
.STORAGE_CLASS
is the storage class of your bucket. For example,STANDARD
.
Use
cURL
to call the JSON API:curl -X POST --data-binary @JSON_FILE_NAME \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "Content-Type: application/json" \ "https://storage.googleapis.com/storage/v1/b?project=PROJECT_ID"
Where:
JSON_FILE_NAME
is name of the JSON file you created in Step 2.PROJECT_ID
is the ID of the project with which your bucket will be associated. For example,my-project
.
XML API
Have gcloud CLI installed and initialized, in order to generate an access token for the
Authorization
header.Alternatively, you can create an access token using the OAuth 2.0 Playground and include it in the
Authorization
header.Create an XML file that contains the following information:
<CreateBucketConfiguration> <LocationConstraint>MULTI-REGION</LocationConstraint> <CustomPlacementConfig> <DataLocations> <DataLocation>REGION_1</DataLocation> <DataLocation>REGION_2</DataLocation> </DataLocations> </CustomPlacementConfig> <StorageClass>STORAGE_CLASS</StorageClass> </CreateBucketConfiguration>
Where:
MULTI-REGION
specifies the multi-region code associated with the underlying regions. For example, when choosing the regionsASIA-SOUTH1
(Mumbai) andASIA-SOUTH2
(Delhi), useIN
.REGION_1
andREGION_2
are the regions where you want to store your bucket's object data. For example,ASIA-EAST1
andASIA-SOUTHEAST1
.STORAGE_CLASS
is the default storage class of your bucket. For example,STANDARD
.
-
curl -X PUT --data-binary @XML_FILE_NAME \ -H "Authorization: Bearer $(gcloud auth print-access-token)" \ -H "x-goog-project-id: PROJECT_ID" \ "https://storage.googleapis.com/BUCKET_NAME"
Where:
XML_FILE_NAME
is the name of the XML file you created in Step 2.PROJECT_ID
is the ID of the project with which your bucket will be associated. For example,my-project
.BUCKET_NAME
is the name you want to give your bucket, subject to bucket naming requirements. For example,my-bucket
.
If the request includes unsupported regions, an error message is returned. If the request was successful, a response is not returned.
What's next
- Learn more about turbo replication.
- Retrieve bucket metadata, including the region pairing used by a dual-region bucket.
- Learn more about turbo replication pricing or see a pricing example.