Google Cloud Storage Bucket Object

This page shows how to write Terraform for Cloud Storage Bucket Object and write them securely.

google_storage_bucket_object (Terraform)

The Bucket Object in Cloud Storage can be configured in Terraform with the resource name google_storage_bucket_object. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub
resource "google_storage_bucket_object" "baseldapdomain" {
  name   = "resources/baseldapdomain.ldif"
  source = "resources/baseldapdomain.ldif"
  bucket =
resource "google_storage_bucket_object" "baseldapdomain" {
  name   = "resources/baseldapdomain.ldif"
  source = "resources/baseldapdomain.ldif"
  bucket =
resource "google_storage_bucket_object" "archive_folder" {
  name = var.archive_folder_name
  content = var.archive_folder_content
  bucket = var.bucketname
resource "google_storage_bucket_object" "org_node_stuff_vars" {
  bucket  =
  name    = "01-org-node-stuff/"
  content = " "
resource "google_storage_bucket_object" "index" {
  name   = "index.html"
  source = "www/index.html"
  bucket =
  depends_on = [google_storage_default_object_access_control.public_rule]

Review your Terraform file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).


The name of the containing bucket.

Cache-Control directive to specify caching behavior of object data. If omitted and object is accessible to all anonymous users, the default will be public, max-age=3600

Data as string to be uploaded. Must be defined if source is not. Note: The content field is marked as sensitive. To view the raw contents of the object, please define an output.

Content-Disposition of the object data.

Content-Encoding of the object data.

Content-Language of the object data.

Content-Type of the object data. Defaults to "application/octet-stream" or "text/plain; charset=utf-8".

  • crc32c optional computed - string

Base 64 CRC32 hash of the uploaded data.

Resource name of the Cloud KMS key that will be used to encrypt the object. Overrides the object metadata's kmsKeyName value, if any.

Base 64 MD5 hash of the uploaded data.

A url reference to download this object.

  • metadata optional - map from string to string

User-provided metadata, in key/value pairs.

The name of the object. If you're interpolating the name of this object, see output_name instead.

The name of the object. Use this field in interpolations with google_storage_object_acl to recreate google_storage_object_acl resources when your google_storage_bucket_object is recreated.

A url reference to this object.

A path to the data you want to upload. Must be defined if content is not.

The StorageClass of the new bucket object. Supported values include: MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, ARCHIVE. If not provided, this defaults to the bucket's default storage class or to a standard class.

Explanation in Terraform Registry

Creates a new object inside an existing bucket in Google cloud storage service (GCS). ACLs can be applied using the google_storage_object_acl resource. For more information see the official documentation and API.

Tips: Best Practices for The Other Google Cloud Storage Resources

In addition to the google_storage_bucket, Google Cloud Storage has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.



Ensure uniform bucket-level access of your GCS bucket is enabled

It is better to enable uniform bucket-level access of the GCS bucket. Uniform bucket-level access unifies and simplifies how you grant access to resources in the bucket.

Review your Google Cloud Storage settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

Frequently asked questions

What is Google Cloud Storage Bucket Object?

Google Cloud Storage Bucket Object is a resource for Cloud Storage of Google Cloud Platform. Settings can be wrote in Terraform.

Where can I find the example code for the Google Cloud Storage Bucket Object?

For Terraform, the Mevan96/ldap, Boeefkas/ldap and Shriyut/buildterraform source code examples are useful. See the Terraform Example section for further details.


Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.