import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
/**
* Creates a new bucket in Google cloud storage service (GCS).
* Once a bucket has been created, its location can't be changed.
*
* For more information see
* [the official documentation](https://cloud.google.com/storage/docs/overview)
* and
* [API](https://cloud.google.com/storage/docs/json_api/v1/buckets).
*
* **Note**: If the project ID is not set on the resource or in the provider block, it is determined
* dynamically, which requires the Compute API to be enabled.
*
* ## Example Usage
*
* ### Creating A Private Bucket In Standard Storage, In The EU Region. Bucket Configured As Static Website And CORS Configurations
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const static_site = new gcp.storage.Bucket("static-site", {
* name: "image-store.com",
* location: "EU",
* forceDestroy: true,
* uniformBucketLevelAccess: true,
* website: {
* mainPageSuffix: "index.html",
* notFoundPage: "404.html",
* },
* cors: [{
* origins: ["http://image-store.com"],
* methods: [
* "GET",
* "HEAD",
* "PUT",
* "POST",
* "DELETE",
* ],
* responseHeaders: ["*"],
* maxAgeSeconds: 3600,
* }],
* });
* ```
*
* ### Life Cycle Settings For Storage Bucket Objects
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const auto_expire = new gcp.storage.Bucket("auto-expire", {
* name: "auto-expiring-bucket",
* location: "US",
* forceDestroy: true,
* lifecycleRules: [
* {
* condition: {
* age: 3,
* },
* action: {
* type: "Delete",
* },
* },
* {
* condition: {
* age: 1,
* },
* action: {
* type: "AbortIncompleteMultipartUpload",
* },
* },
* ],
* });
* ```
*
* ### Life Cycle Settings For Storage Bucket Objects With `Send_age_if_zero` Disabled
* When creating a life cycle condition that does not also include an `age` field, a default `age` of 0 will be set. Set the `sendAgeIfZero` flag to `false` to prevent this and avoid any potentially unintended interactions.
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const no_age_enabled = new gcp.storage.Bucket("no-age-enabled", {
* name: "no-age-enabled-bucket",
* location: "US",
* forceDestroy: true,
* lifecycleRules: [{
* action: {
* type: "Delete",
* },
* condition: {
* daysSinceNoncurrentTime: 3,
* sendAgeIfZero: false,
* },
* }],
* });
* ```
*
* ### Enabling Public Access Prevention
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const no_public_access = new gcp.storage.Bucket("no-public-access", {
* name: "no-public-access-bucket",
* location: "US",
* forceDestroy: true,
* publicAccessPrevention: "enforced",
* });
* ```
*
* ### Enabling Hierarchical Namespace
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
*
* const hns_enabled = new gcp.storage.Bucket("hns-enabled", {
* name: "hns-enabled-bucket",
* location: "US",
* forceDestroy: true,
* hierarchicalNamespace: {
* enabled: true,
* },
* });
* ```
*
* ## Import
*
* Storage buckets can be imported using the `name` or `project/name`. If the project is not
* passed to the import command it will be inferred from the provider block or environment variables.
* If it cannot be inferred it will be queried from the Compute API (this will fail if the API is
* not enabled).
*
* * `{{project_id}}/{{bucket}}`
*
* * `{{bucket}}`
*
* When using the `pulumi import` command, Storage buckets can be imported using one of the formats above. For example:
*
* ```sh
* $ pulumi import gcp:storage/bucket:Bucket default {{bucket}}
* ```
*
* ```sh
* $ pulumi import gcp:storage/bucket:Bucket default {{project_id}}/{{bucket}}
* ```
*
* **Note**: an imported bucket is recorded with `forceDestroy` set to `false` in state. If you've
* set it to `true` in config, run `pulumi up` to update the value set in state. If you delete this
* resource before updating the value, objects in the bucket will not be destroyed.
*/
export declare class Bucket extends pulumi.CustomResource {
/**
* Get an existing Bucket resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to look up.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
* @returns The Bucket resource matching the lookup.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: BucketState, opts?: pulumi.CustomResourceOptions): Bucket;
/**
* Returns true if the given object is an instance of Bucket. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*
* @param obj The value to test.
*/
static isInstance(obj: any): obj is Bucket;
/**
* The bucket's [Autoclass](https://cloud.google.com/storage/docs/autoclass) configuration. Structure is documented below.
*/
readonly autoclass: pulumi.Output<outputs.storage.BucketAutoclass | undefined>;
/**
* The bucket's [Cross-Origin Resource Sharing (CORS)](https://www.w3.org/TR/cors/) configuration. Multiple blocks of this type are permitted. Structure is documented below.
* Keep `origins`, `methods` and `responseHeaders` as narrow as the sites that read the bucket require.
*/
readonly cors: pulumi.Output<outputs.storage.BucketCor[] | undefined>;
/**
* The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated a single or multi-region, the parameters are empty. Structure is documented below.
*/
readonly customPlacementConfig: pulumi.Output<outputs.storage.BucketCustomPlacementConfig | undefined>;
/**
* Whether or not to automatically apply an eventBasedHold to new objects added to the bucket.
*/
readonly defaultEventBasedHold: pulumi.Output<boolean | undefined>;
/**
* Label map reported for the bucket; always present on the resource (not optional).
* NOTE(review): presumably every label in effect on the bucket, as opposed to only those
* set through `labels` — confirm against the provider documentation.
*/
readonly effectiveLabels: pulumi.Output<{
[key: string]: string;
}>;
/**
* Enables [object retention](https://cloud.google.com/storage/docs/object-lock) on a storage bucket.
*/
readonly enableObjectRetention: pulumi.Output<boolean | undefined>;
/**
* The bucket's encryption configuration. Structure is documented below.
*/
readonly encryption: pulumi.Output<outputs.storage.BucketEncryption | undefined>;
/**
* When `true`, deleting the bucket also deletes every object it contains.
* Otherwise, deleting a bucket that still contains objects makes the provider
* fail that run. Leave this unset on buckets whose contents must not be
* removed as a side effect of deleting the resource.
*/
readonly forceDestroy: pulumi.Output<boolean | undefined>;
/**
* The bucket's hierarchical namespace policy, which defines the bucket's capability to handle folders in a logical structure. Structure is documented below. To use this configuration, `uniformBucketLevelAccess` must be enabled on the bucket.
*/
readonly hierarchicalNamespace: pulumi.Output<outputs.storage.BucketHierarchicalNamespace | undefined>;
/**
* The bucket IP filtering configuration. Specifies the network sources that can access the bucket, as well as its underlying objects. Structure is documented below.
*/
readonly ipFilter: pulumi.Output<outputs.storage.BucketIpFilter | undefined>;
/**
* A map of key/value label pairs to assign to the bucket.
*/
readonly labels: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* The bucket's [Lifecycle Rules](https://cloud.google.com/storage/docs/lifecycle#configuration) configuration. Multiple blocks of this type are permitted. Structure is documented below.
*/
readonly lifecycleRules: pulumi.Output<outputs.storage.BucketLifecycleRule[] | undefined>;
/**
* The [GCS location](https://cloud.google.com/storage/docs/bucket-locations) of the bucket.
* It cannot be changed once the bucket has been created.
*/
readonly location: pulumi.Output<string>;
/**
* The bucket's [Access & Storage Logs](https://cloud.google.com/storage/docs/access-logs) configuration. Structure is documented below.
*/
readonly logging: pulumi.Output<outputs.storage.BucketLogging | undefined>;
/**
* The name of the bucket. Bucket names must be in lowercase and no more than 63 characters long. You can find the complete list of bucket naming rules [here](https://cloud.google.com/storage/docs/buckets#naming).
*/
readonly name: pulumi.Output<string>;
/**
* The ID of the project to which the resource belongs. If it
* is not provided, the provider project is used.
*/
readonly project: pulumi.Output<string>;
/**
* The project number of the project to which the resource belongs.
*/
readonly projectNumber: pulumi.Output<number>;
/**
* Prevents public access to a bucket. Acceptable values are "inherited" or "enforced". If "inherited", the bucket uses [public access prevention](https://cloud.google.com/storage/docs/public-access-prevention) only if the bucket is subject to the public access prevention organization policy constraint. Defaults to "inherited".
* Use "enforced" for a bucket that must stay private whether or not that organization policy constraint applies.
*/
readonly publicAccessPrevention: pulumi.Output<string>;
/**
* The combination of labels configured directly on the resource and default labels configured on the provider.
*/
readonly pulumiLabels: pulumi.Output<{
[key: string]: string;
}>;
/**
* Enables [Requester Pays](https://cloud.google.com/storage/docs/requester-pays) on a storage bucket.
*/
readonly requesterPays: pulumi.Output<boolean | undefined>;
/**
* Configuration of the bucket's data retention policy for how long objects in the bucket should be retained. Structure is documented below.
*/
readonly retentionPolicy: pulumi.Output<outputs.storage.BucketRetentionPolicy | undefined>;
/**
* The recovery point objective for cross-region replication of the bucket. Applicable only for dual and multi-region buckets. `"DEFAULT"` sets default replication. `"ASYNC_TURBO"` enables turbo replication and is valid for dual-region buckets only. See [Turbo Replication](https://cloud.google.com/storage/docs/managing-turbo-replication) for more information. If rpo is not specified at bucket creation, it defaults to `"DEFAULT"` for dual and multi-region buckets. **NOTE** Setting it on a single-region bucket results in an error.
*/
readonly rpo: pulumi.Output<string>;
/**
* The URI of the created resource.
*/
readonly selfLink: pulumi.Output<string>;
/**
* The bucket's soft delete policy, which defines the period of time during which soft-deleted objects are retained and cannot be permanently deleted. If it is not provided, Google Cloud Storage applies its default soft delete policy.
*/
readonly softDeletePolicy: pulumi.Output<outputs.storage.BucketSoftDeletePolicy>;
/**
* The [Storage Class](https://cloud.google.com/storage/docs/storage-classes) of the new bucket. Supported values include: `STANDARD`, `MULTI_REGIONAL`, `REGIONAL`, `NEARLINE`, `COLDLINE`, `ARCHIVE`.
*/
readonly storageClass: pulumi.Output<string | undefined>;
/**
* The creation time of the bucket in RFC 3339 format.
*/
readonly timeCreated: pulumi.Output<string>;
/**
* Enables [Uniform bucket-level access](https://cloud.google.com/storage/docs/uniform-bucket-level-access) on the bucket.
* `hierarchicalNamespace` can only be used when this is enabled.
*/
readonly uniformBucketLevelAccess: pulumi.Output<boolean>;
/**
* The time at which the bucket's metadata or IAM policy was last updated, in RFC 3339 format.
*/
readonly updated: pulumi.Output<string>;
/**
* The base URL of the bucket, in the format `gs://<bucket-name>`.
*/
readonly url: pulumi.Output<string>;
/**
* The bucket's [Versioning](https://cloud.google.com/storage/docs/object-versioning) configuration. Structure is documented below.
*/
readonly versioning: pulumi.Output<outputs.storage.BucketVersioning>;
/**
* Configuration if the bucket acts as a website. Structure is documented below.
*/
readonly website: pulumi.Output<outputs.storage.BucketWebsite>;
/**
* Create a Bucket resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: BucketArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Bucket resources.
*/
export interface BucketState {
/**
* The bucket's [Autoclass](https://cloud.google.com/storage/docs/autoclass) configuration. Structure is documented below.
*/
autoclass?: pulumi.Input<inputs.storage.BucketAutoclass>;
/**
* The bucket's [Cross-Origin Resource Sharing (CORS)](https://www.w3.org/TR/cors/) configuration. Multiple blocks of this type are permitted. Structure is documented below.
*/
cors?: pulumi.Input<pulumi.Input<inputs.storage.BucketCor>[]>;
/**
* The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated a single or multi-region, the parameters are empty. Structure is documented below.
*/
customPlacementConfig?: pulumi.Input<inputs.storage.BucketCustomPlacementConfig>;
/**
* Whether or not to automatically apply an eventBasedHold to new objects added to the bucket.
*/
defaultEventBasedHold?: pulumi.Input<boolean>;
/**
* Label map reported for the bucket.
* NOTE(review): presumably every label in effect on the bucket, as opposed to only those
* set through `labels` — confirm against the provider documentation.
*/
effectiveLabels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Enables [object retention](https://cloud.google.com/storage/docs/object-lock) on a storage bucket.
*/
enableObjectRetention?: pulumi.Input<boolean>;
/**
* The bucket's encryption configuration. Structure is documented below.
*/
encryption?: pulumi.Input<inputs.storage.BucketEncryption>;
/**
* When `true`, deleting the bucket also deletes every object it contains.
* Otherwise, deleting a bucket that still contains objects makes the provider
* fail that run.
*/
forceDestroy?: pulumi.Input<boolean>;
/**
* The bucket's hierarchical namespace policy, which defines the bucket's capability to handle folders in a logical structure. Structure is documented below. To use this configuration, `uniformBucketLevelAccess` must be enabled on the bucket.
*/
hierarchicalNamespace?: pulumi.Input<inputs.storage.BucketHierarchicalNamespace>;
/**
* The bucket IP filtering configuration. Specifies the network sources that can access the bucket, as well as its underlying objects. Structure is documented below.
*/
ipFilter?: pulumi.Input<inputs.storage.BucketIpFilter>;
/**
* A map of key/value label pairs to assign to the bucket.
*/
labels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* The bucket's [Lifecycle Rules](https://cloud.google.com/storage/docs/lifecycle#configuration) configuration. Multiple blocks of this type are permitted. Structure is documented below.
*/
lifecycleRules?: pulumi.Input<pulumi.Input<inputs.storage.BucketLifecycleRule>[]>;
/**
* The [GCS location](https://cloud.google.com/storage/docs/bucket-locations) of the bucket.
*/
location?: pulumi.Input<string>;
/**
* The bucket's [Access & Storage Logs](https://cloud.google.com/storage/docs/access-logs) configuration. Structure is documented below.
*/
logging?: pulumi.Input<inputs.storage.BucketLogging>;
/**
* The name of the bucket. Bucket names must be in lowercase and no more than 63 characters long. You can find the complete list of bucket naming rules [here](https://cloud.google.com/storage/docs/buckets#naming).
*/
name?: pulumi.Input<string>;
/**
* The ID of the project to which the resource belongs. If it
* is not provided, the provider project is used.
*/
project?: pulumi.Input<string>;
/**
* The project number of the project to which the resource belongs.
*/
projectNumber?: pulumi.Input<number>;
/**
* Prevents public access to a bucket. Acceptable values are "inherited" or "enforced". If "inherited", the bucket uses [public access prevention](https://cloud.google.com/storage/docs/public-access-prevention) only if the bucket is subject to the public access prevention organization policy constraint. Defaults to "inherited".
*/
publicAccessPrevention?: pulumi.Input<string>;
/**
* The combination of labels configured directly on the resource and default labels configured on the provider.
*/
pulumiLabels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Enables [Requester Pays](https://cloud.google.com/storage/docs/requester-pays) on a storage bucket.
*/
requesterPays?: pulumi.Input<boolean>;
/**
* Configuration of the bucket's data retention policy for how long objects in the bucket should be retained. Structure is documented below.
*/
retentionPolicy?: pulumi.Input<inputs.storage.BucketRetentionPolicy>;
/**
* The recovery point objective for cross-region replication of the bucket. Applicable only for dual and multi-region buckets. `"DEFAULT"` sets default replication. `"ASYNC_TURBO"` enables turbo replication and is valid for dual-region buckets only. See [Turbo Replication](https://cloud.google.com/storage/docs/managing-turbo-replication) for more information. If rpo is not specified at bucket creation, it defaults to `"DEFAULT"` for dual and multi-region buckets. **NOTE** Setting it on a single-region bucket results in an error.
*/
rpo?: pulumi.Input<string>;
/**
* The URI of the created resource.
*/
selfLink?: pulumi.Input<string>;
/**
* The bucket's soft delete policy, which defines the period of time during which soft-deleted objects are retained and cannot be permanently deleted. If it is not provided, Google Cloud Storage applies its default soft delete policy.
*/
softDeletePolicy?: pulumi.Input<inputs.storage.BucketSoftDeletePolicy>;
/**
* The [Storage Class](https://cloud.google.com/storage/docs/storage-classes) of the new bucket. Supported values include: `STANDARD`, `MULTI_REGIONAL`, `REGIONAL`, `NEARLINE`, `COLDLINE`, `ARCHIVE`.
*/
storageClass?: pulumi.Input<string>;
/**
* The creation time of the bucket in RFC 3339 format.
*/
timeCreated?: pulumi.Input<string>;
/**
* Enables [Uniform bucket-level access](https://cloud.google.com/storage/docs/uniform-bucket-level-access) on the bucket.
* `hierarchicalNamespace` can only be used when this is enabled.
*/
uniformBucketLevelAccess?: pulumi.Input<boolean>;
/**
* The time at which the bucket's metadata or IAM policy was last updated, in RFC 3339 format.
*/
updated?: pulumi.Input<string>;
/**
* The base URL of the bucket, in the format `gs://<bucket-name>`.
*/
url?: pulumi.Input<string>;
/**
* The bucket's [Versioning](https://cloud.google.com/storage/docs/object-versioning) configuration. Structure is documented below.
*/
versioning?: pulumi.Input<inputs.storage.BucketVersioning>;
/**
* Configuration if the bucket acts as a website. Structure is documented below.
*/
website?: pulumi.Input<inputs.storage.BucketWebsite>;
}
/**
* The set of arguments for constructing a Bucket resource.
*/
export interface BucketArgs {
/**
* The bucket's [Autoclass](https://cloud.google.com/storage/docs/autoclass) configuration. Structure is documented below.
*/
autoclass?: pulumi.Input<inputs.storage.BucketAutoclass>;
/**
* The bucket's [Cross-Origin Resource Sharing (CORS)](https://www.w3.org/TR/cors/) configuration. Multiple blocks of this type are permitted. Structure is documented below.
* Keep `origins`, `methods` and `responseHeaders` as narrow as the sites that read the bucket require.
*/
cors?: pulumi.Input<pulumi.Input<inputs.storage.BucketCor>[]>;
/**
* The bucket's custom location configuration, which specifies the individual regions that comprise a dual-region bucket. If the bucket is designated a single or multi-region, the parameters are empty. Structure is documented below.
*/
customPlacementConfig?: pulumi.Input<inputs.storage.BucketCustomPlacementConfig>;
/**
* Whether or not to automatically apply an eventBasedHold to new objects added to the bucket.
*/
defaultEventBasedHold?: pulumi.Input<boolean>;
/**
* Enables [object retention](https://cloud.google.com/storage/docs/object-lock) on a storage bucket.
*/
enableObjectRetention?: pulumi.Input<boolean>;
/**
* The bucket's encryption configuration. Structure is documented below.
*/
encryption?: pulumi.Input<inputs.storage.BucketEncryption>;
/**
* When `true`, deleting the bucket also deletes every object it contains.
* Otherwise, deleting a bucket that still contains objects makes the provider
* fail that run. Leave this unset on buckets whose contents must not be
* removed as a side effect of deleting the resource.
*/
forceDestroy?: pulumi.Input<boolean>;
/**
* The bucket's hierarchical namespace policy, which defines the bucket's capability to handle folders in a logical structure. Structure is documented below. To use this configuration, `uniformBucketLevelAccess` must be enabled on the bucket.
*/
hierarchicalNamespace?: pulumi.Input<inputs.storage.BucketHierarchicalNamespace>;
/**
* The bucket IP filtering configuration. Specifies the network sources that can access the bucket, as well as its underlying objects. Structure is documented below.
*/
ipFilter?: pulumi.Input<inputs.storage.BucketIpFilter>;
/**
* A map of key/value label pairs to assign to the bucket.
*/
labels?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* The bucket's [Lifecycle Rules](https://cloud.google.com/storage/docs/lifecycle#configuration) configuration. Multiple blocks of this type are permitted. Structure is documented below.
*/
lifecycleRules?: pulumi.Input<pulumi.Input<inputs.storage.BucketLifecycleRule>[]>;
/**
* The [GCS location](https://cloud.google.com/storage/docs/bucket-locations) of the bucket.
* This is the only required argument, and it cannot be changed once the bucket has been created.
*/
location: pulumi.Input<string>;
/**
* The bucket's [Access & Storage Logs](https://cloud.google.com/storage/docs/access-logs) configuration. Structure is documented below.
*/
logging?: pulumi.Input<inputs.storage.BucketLogging>;
/**
* The name of the bucket. Bucket names must be in lowercase and no more than 63 characters long. You can find the complete list of bucket naming rules [here](https://cloud.google.com/storage/docs/buckets#naming).
*/
name?: pulumi.Input<string>;
/**
* The ID of the project to which the resource belongs. If it
* is not provided, the provider project is used.
*/
project?: pulumi.Input<string>;
/**
* Prevents public access to a bucket. Acceptable values are "inherited" or "enforced". If "inherited", the bucket uses [public access prevention](https://cloud.google.com/storage/docs/public-access-prevention) only if the bucket is subject to the public access prevention organization policy constraint. Defaults to "inherited".
* Use "enforced" for a bucket that must stay private whether or not that organization policy constraint applies.
*/
publicAccessPrevention?: pulumi.Input<string>;
/**
* Enables [Requester Pays](https://cloud.google.com/storage/docs/requester-pays) on a storage bucket.
*/
requesterPays?: pulumi.Input<boolean>;
/**
* Configuration of the bucket's data retention policy for how long objects in the bucket should be retained. Structure is documented below.
*/
retentionPolicy?: pulumi.Input<inputs.storage.BucketRetentionPolicy>;
/**
* The recovery point objective for cross-region replication of the bucket. Applicable only for dual and multi-region buckets. `"DEFAULT"` sets default replication. `"ASYNC_TURBO"` enables turbo replication and is valid for dual-region buckets only. See [Turbo Replication](https://cloud.google.com/storage/docs/managing-turbo-replication) for more information. If rpo is not specified at bucket creation, it defaults to `"DEFAULT"` for dual and multi-region buckets. **NOTE** Setting it on a single-region bucket results in an error.
*/
rpo?: pulumi.Input<string>;
/**
* The bucket's soft delete policy, which defines the period of time during which soft-deleted objects are retained and cannot be permanently deleted. If it is not provided, Google Cloud Storage applies its default soft delete policy.
*/
softDeletePolicy?: pulumi.Input<inputs.storage.BucketSoftDeletePolicy>;
/**
* The [Storage Class](https://cloud.google.com/storage/docs/storage-classes) of the new bucket. Supported values include: `STANDARD`, `MULTI_REGIONAL`, `REGIONAL`, `NEARLINE`, `COLDLINE`, `ARCHIVE`.
*/
storageClass?: pulumi.Input<string>;
/**
* Enables [Uniform bucket-level access](https://cloud.google.com/storage/docs/uniform-bucket-level-access) on the bucket.
* `hierarchicalNamespace` can only be used when this is enabled.
*/
uniformBucketLevelAccess?: pulumi.Input<boolean>;
/**
* The bucket's [Versioning](https://cloud.google.com/storage/docs/object-versioning) configuration. Structure is documented below.
*/
versioning?: pulumi.Input<inputs.storage.BucketVersioning>;
/**
* Configuration if the bucket acts as a website. Structure is documented below.
*/
website?: pulumi.Input<inputs.storage.BucketWebsite>;
}