Cyberduck Mountain Duck CLI

Cyberduck Help / Howto / Google Cloud Storage

Google Cloud Storage is a S3 compatible service with pricing based on usage. Google Cloud Storage is interoperable with S3.

Connecting to Google Cloud Storage

Interoperable Access

You must obtain the login credentials (Access Key and Secret) from the Google Developers Console under Legacy Access from the Google Cloud Storage tab.

In the login prompt of Cyberduck you enter the Access Key for the username and Secret for the password. This allows you to connect to one project configured in your account.

OAuth 2.0 Access

You must obtain the project ID (x-goog-project-id) of your project from the Google Developers Console under Storage Access from the Google Cloud Storage tab.

In the login prompt of Cyberduck you enter the x-goog-project-id for the username and enter the Authorization Code retrieved from the website where you grant Cyberduck acccess to your account.

You access the page with the authorization code from the link displayed in the login prompt. Click it to open it in a web browser window. You only need to get the authorization code from the website on the first login attempt. Subsequent OAuth authentications will use a refresh token retrieved from service.

Creating a bucket

When connecting the first time, you must first create a new bucket with File → New Folder... (⌘-N). You can choose the bucket location in Preferences (⌘-,) → S3 The following locations are supported:

  • US
  • EU - Europe

Bucket Access Logging

When this option is enabled in the Google Cloud Storage panel of the Info (File → Info (⌘-I)) window for a bucket or any file within, available log records for this bucket are periodically aggregated into log files and delivered to root in the target logging bucket specified. It is considered best practice to choose a logging target that is different from the origin bucket.

Analytics

After logging is configured, you can access statistics from your access logs using a service such as Qloudstat.

Folders

Creating a folder inside a bucket will create a placeholder object named after the directory, has no data content and the mimetype application/x-directory. Directory placeholder objects created in Google Storage Manager are not supported.

Files

Metadata

You can edit standard HTTP headers add custom HTTP headers to files to store metadata. Choose File → Info → Google Storage to edit headers.

ACLs

Default ACLs

  • Buckets. New buckets created have a default pre-defined canned ACL set to public-read. You get FULL_CONTROL. All other users have READ access.

Granting access to selected users

You can give access to a specific user to a document by granting READ access to the email address registered with Google. The Authenticated URL from the ACL tab in the Info window with the format https://sandbox.google.com/storage/<container>/<file> will verify access to the resource using the Google Account login credentials.

The link will redirect to the file only after the user has successfully logged in to their Google Account and is listed in the ACL you have just edited.

Granting access to Google Apps domain

Google Apps customers can associate their email accounts with an Internet domain name. When you do this, each email account takes the form username@…. You can specify a scope by using any Internet domain name that is associated with a Google Apps account.

Granting access to members of Google Group

Every Google group has a unique email address that is associated with the group. For example, the Google Storage for Developers group has the following email address: gs-discussion@…. You can find the email address that is associated with a Google group by clicking About this group, which appears on the homepage of every Google group.

Permissions

The following permissions can be given to grantees:

BucketFiles
READ Allows grantee to list the files in the bucket Allows grantee to download the file and its metadata
WRITE Allows grantee to create, overwrite, and delete any file in the bucket Not applicable
FULL_CONTROL Allows grantee all permissions on the bucket Allows grantee all permissions on the object

Website Configuration

To host a static website on Google Cloud Storage, It is possible to define a bucket as a Website Endpoint. The configuration in File → Info (⌘-I) → Distribution allows you to enable website configuration. Choose Website Configuration (HTTP) from Delivery Method and define an index document name that is searched for and returned when requests are made to the root or the subfolder in your bucket.

Website Configuration parameters will only affect requests directed to CNAME aliases of a bucket.

Index File

Simulates directory index behavior at both bucket and "directory" level. The file specified is served for requests to the website endpoint as the main page for the bucket and for requests to "directories" contained by the bucket.

Limitations

  • No content distribution (CDN) configuration.
  • Torrent URLs are not supported.
  • Signed URLs are not supported.

References

Last modified 12 months ago Last modified on Jun 27, 2017 7:21:08 AM

Attachments (4)

Download all attachments as: .zip

swiss made software