Top / Google Cloud Platform / Google Cloud Storage / Hmac Key

Google Cloud Storage Hmac Key

This page shows how to write Terraform for Cloud Storage Hmac Key and write them securely.

terraform-logo

Review your .tf file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

google_storage_hmac_key (Terraform)

The Hmac Key in Cloud Storage can be configured in Terraform with the resource name google_storage_hmac_key. The following sections describe 2 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L8
resource "google_storage_hmac_key" "key" {
  service_account_email = google_service_account.service_account.email
}
# [END storage_hmac_key]
main.tf#L7
resource "google_storage_hmac_key" "this" {
  project               = var.project
  service_account_email = var.service_account_email
  state                 = var.state

  dynamic "timeouts" {

Review your Terraform file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

The access ID of the HMAC Key.

  • id optional computed - string
  • project optional computed - string
  • secret optional computed - string

HMAC secret key material.

The email address of the key's associated service account.

The state of the key. Can be set to one of ACTIVE, INACTIVE. Default value: "ACTIVE" Possible values: ["ACTIVE", "INACTIVE"]

'The creation time of the HMAC key in RFC 3339 format. '

'The last modification time of the HMAC key metadata in RFC 3339 format.'

>> from Terraform Registry

Explanation in Terraform Registry

The hmacKeys resource represents an HMAC key within Cloud Storage. The resource consists of a secret and HMAC key metadata. HMAC keys can be used as credentials for service accounts. To get more information about HmacKey, see:

>> from Terraform Registry

Tips: Best Practices for The Other Google Cloud Storage Resources

In addition to the google_storage_bucket, Google Cloud Storage has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.

risk-label

google_storage_bucket

Ensure uniform bucket-level access of your GCS bucket is enabled

It is better to enable uniform bucket-level access of the GCS bucket. Uniform bucket-level access unifies and simplifies how you grant access to resources in the bucket.

Review your Google Cloud Storage settings

In addition to the above, there are other security points you should be aware of making sure that your .tf files are protected in Shisho Cloud.

The Other Related Google Cloud Storage Resources

Frequently asked questions

What is Google Cloud Storage Hmac Key?

Google Cloud Storage Hmac Key is a resource for Cloud Storage of Google Cloud Platform. Settings can be wrote in Terraform.

Where can I find the example code for the Google Cloud Storage Hmac Key?

For Terraform, the terraform-google-modules/terraform-docs-samples and niveklabs/google source code examples are useful. See the Terraform Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents