Bucket
Bucket defines the high-level intent for a managed object storage bucket. It creates a Cloud Storage bucket and configures its properties, such as visibility (public/private), storage class, and region.
From a technical perspective, this manifest orchestrates the creation of a google_storage_bucket
and its associated auxiliary resources, such as IAM policies for visibility and Pub/Sub notifications
for event streaming. It also supports advanced processors that inject serverless content-scanning pipelines.
| Property | Type | Description |
|---|---|---|
| apiVersion | string | The API version of the manifest, enforcing backward compatibility contracts. |
| kind | string | The resource type discriminator, explicitly defining this block as a Bucket object. |
| metadata | map | Custom metadata for labeling and classifying the resource within the control plane. |
| spec | Spec | The concrete structural inputs defining the managed storage node. |
Spec
Spec defines the user-defined inputs required to configure the object storage bucket. This definition governs core bucket topologies (location, storage tiers) as well as access and event-driven automation (processors).
| Property | Type | Description |
|---|---|---|
| public | bool | Explicit toggle enabling unauthenticated HTTP access to the objects stored within. If true, an IAM policy binding is injected that grants object viewing permission to the primitive allUsers member, bypassing standard authentication checks. |
| description | string | A string providing descriptive context about this storage unit. This description is optional but drastically improves the understanding of the AI assistant regarding the semantic usage of the bucket payload. |
| notifications | list of BucketNotificationConfig | Configures the notification topics and events issued by this bucket. |
| scanForMalware | bool | Explicit toggle invoking integrated anti-malware services upon upload. |
| processors | Processors | Configurations directing the asynchronous processing topologies linked to bucket writes. |
| region | string | The geographical location boundary where the bucket and its replicated data should reside. This parameter restricts the data residency and defines the physical control plane boundary mapped onto the underlying storage provider. |
| storageClass | string | The default storage class for objects inside, dictating the cost model constraint. Represents the long-term or short-term availability SLA required. This maps to standardized classes enforcing cost-to-retrieval latency models defined by the cloud backend. |
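
Added example (not part of the original reference or the project's own tooling): a pre-deployment check in Python that reviews parsed Bucket manifests for the exposure that `public` creates. The review rules, the region allow-list, treating a missing `public` as false, and the sample manifests are assumptions made for illustration.

```python
# Added example: review parsed Bucket manifests before they are applied.
# Assumptions: the rules, ALLOWED_REGIONS and "missing public means false".
ALLOWED_REGIONS = {"europe-west1", "europe-west4"}  # assumed residency allow-list


def review_bucket(manifest):
    """Return (severity, message) findings for one manifest dict."""
    if manifest.get("kind") != "Bucket":
        return []
    spec = manifest.get("spec") or {}
    findings = []
    public = spec.get("public", False)
    if not isinstance(public, bool):
        # A quoted value such as "false" is a non-empty string: flag it, fail closed.
        findings.append(("high", f"spec.public is not a bool: {public!r}"))
        public = True
    if public:
        findings.append(("high", "objects are readable by allUsers without authentication"))
        if spec.get("scanForMalware") is not True:
            findings.append(("high", "public bucket without scanForMalware"))
        if not spec.get("description"):
            findings.append(("low", "public bucket has no description justifying exposure"))
    region = spec.get("region")
    if region not in ALLOWED_REGIONS:
        findings.append(("medium", f"region {region!r} is outside the allow-list"))
    return findings


# Constructed sample manifests; the apiVersion value is a placeholder.
SAMPLES = [
    {"apiVersion": "<API_VERSION>", "kind": "Bucket",
     "spec": {"public": True, "region": "europe-west1"}},
    {"apiVersion": "<API_VERSION>", "kind": "Bucket",
     "spec": {"public": True, "scanForMalware": True,
              "description": "static site assets", "region": "us-central1"}},
    {"apiVersion": "<API_VERSION>", "kind": "Bucket",
     "spec": {"public": "false", "region": "europe-west4"}},
]

if __name__ == "__main__":
    for i, m in enumerate(SAMPLES):
        for severity, message in review_bucket(m):
            print(f"manifest {i}: [{severity}] {message}")
```
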
Processors
Processors manages serverless workflows hooked onto the bucket's ObjectCreate events. Technically, it provisions the corresponding Cloud Run services or Cloud Functions bound to Eventarc triggers to automate data processing mutations immediately upon ingestion.
| Property | Type | Description |
|---|---|---|
| obscenityScanner | bool | If true, objects uploaded to this bucket will be scanned for adult or violent content using the Google Cloud Vision API. |
| converters | list of BucketImageConverterConfig | Configuration for automatic image transformations or format conversions. |
BucketImageConverterConfig
Configures automatic image conversion operations on objects.
Instructs the associated image processing pipeline (if enabled) on how to re-encode uploaded images.
| Property | Type | Description |
|---|---|---|
| format | string | |
| maxWidth | int64 | |
| maxHeight | int64 | |
BucketNotificationConfig
Links storage buckets to Pub/Sub notification pipelines.
Generates the google_storage_notification resource to push event records upon object changes.
| Property | Type | Description |
|---|---|---|
| topic | string | The name of the PubSub manifest to which notifications should be sent. Creates a google_storage_notification resource linking this bucket to the specified Pub/Sub topic. |
| events | list of string | A list of event types that will trigger a notification. For example, OBJECT_FINALIZE triggers on new object creation. This list is passed to the event_types attribute of the google_storage_notification resource. |