Cloud Storage
Cloud Storage
Section titled “Cloud Storage”Cloud Storage is GCP’s object storage service — store files, images, backups, static assets, and data lakes. It’s equivalent to AWS S3 or Azure Blob Storage.
Storage Classes
Section titled “Storage Classes”| Class | Use Case | Min Duration | Cost |
|---|---|---|---|
| Standard | Frequently accessed data | None | Highest |
| Nearline | Once a month or less | 30 days | Lower |
| Coldline | Once a quarter or less | 90 days | Lower |
| Archive | Long-term backups | 365 days | Lowest |
Creating Buckets
Section titled “Creating Buckets”# Create a bucket (globally unique name required)gcloud storage buckets create gs://my-bucket-name \ --location=europe-west2 \ --default-storage-class=standardBucket names are globally unique across all GCP customers.
Uploading and Downloading
Section titled “Uploading and Downloading”# Upload a filegcloud storage cp ./local-file.txt gs://my-bucket-name/
# Upload a directory recursivelygcloud storage cp -r ./dist/ gs://my-bucket-name/
# Download a filegcloud storage cp gs://my-bucket-name/remote-file.txt ./
# List objectsgcloud storage ls gs://my-bucket-name/gcloud storage ls -l gs://my-bucket-name/ # with sizes
# Delete an objectgcloud storage rm gs://my-bucket-name/old-file.txtAccess Control
Section titled “Access Control”Uniform bucket-level access (recommended):
# Make a bucket publicly readablegcloud storage buckets add-iam-policy-binding gs://my-bucket-name \ --member=allUsers \ --role=roles/storage.objectViewer
# Grant a user write accessgcloud storage buckets add-iam-policy-binding gs://my-bucket-name \ --member=user:user@example.com \ --role=roles/storage.objectAdminObject-level ACL (legacy):
gcloud storage objects update gs://my-bucket-name/file.txt \ --predefined-acl=publicReadStatic Website Hosting
Section titled “Static Website Hosting”# Set the main page and 404 pagegcloud storage buckets update gs://my-bucket-name \ --web-main-page-suffix=index.html \ --web-error-page=404.html
# Make bucket publicgcloud storage buckets add-iam-policy-binding gs://my-bucket-name \ --member=allUsers \ --role=roles/storage.objectViewerThe bucket’s public URL is:
https://storage.googleapis.com/my-bucket-name/index.htmlUse Cloud CDN or a load balancer in front for custom domains + HTTPS.
Lifecycle Rules
Section titled “Lifecycle Rules”Automatically transition or delete objects:
{ "rule": [ { "action": { "type": "SetStorageClass", "storageClass": "NEARLINE" }, "condition": { "age": 30 } }, { "action": { "type": "Delete" }, "condition": { "age": 365 } } ]}gcloud storage buckets update gs://my-bucket-name \ --lifecycle-file=lifecycle.jsonSigned URLs
Section titled “Signed URLs”Generate time-limited URLs to grant temporary access without authentication:
gcloud storage sign-url gs://my-bucket-name/private-file.pdf \ --duration=1h \ --private-key-file=service-account-key.jsongsutil vs gcloud storage
Section titled “gsutil vs gcloud storage”gcloud storage is the newer, recommended CLI. gsutil (older) is still widely used:
# gsutil equivalentsgsutil cp ./file.txt gs://my-bucket/gsutil ls gs://my-bucket/gsutil rm gs://my-bucket/file.txtCommon Patterns
Section titled “Common Patterns”Backup to Cloud Storage:
# Database backuppg_dump mydb | gzip | gcloud storage cp - gs://my-backups/db-$(date +%Y%m%d).sql.gzSync a local directory:
gcloud storage rsync -r ./build/ gs://my-bucket/