Managing Cloud Storage with Terraform
Learn how to provision and manage Google Cloud Storage buckets using Terraform
In this guide, we’ll explore how to manage Google Cloud Storage using Terraform.
Prerequisites
- Google Cloud SDK installed and configured
- Terraform installed (version 1.0.0 or later)
- A GCP project with billing enabled
- Basic understanding of object storage concepts
Provider Configuration
terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "~> 4.0"
    }
  }
}

provider "google" {
  project = var.project_id
  region  = var.region
}
Variables
variable "project_id" {
  description = "The ID of the GCP project"
  type        = string
}

variable "region" {
  description = "The region to deploy resources to"
  type        = string
  default     = "us-central1"
}

variable "bucket_name" {
  description = "Name of the storage bucket"
  type        = string
}

variable "storage_class" {
  description = "The storage class of the bucket"
  type        = string
  default     = "STANDARD"
}
Storage Bucket Configuration
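resource "google_storage_bucket" "bucket" {
  name          = var.bucket_name
  location      = var.region
  storage_class = var.storage_class
  force_destroy = false # terraform destroy fails while the bucket still holds objects

  # Access is controlled by IAM only; per-object ACLs are disabled.
  uniform_bucket_level_access = true

  versioning {
    enabled = true
  }

  # Move objects to COLDLINE once they are 30 days old.
  lifecycle_rule {
    condition {
      age = 30
    }
    action {
      type          = "SetStorageClass"
      storage_class = "COLDLINE"
    }
  }

  # Cross-origin browser requests from this origin may use these methods;
  # limit origin and method to what the application needs.
  cors {
    origin          = ["http://example.com"]
    method          = ["GET", "HEAD", "PUT", "POST", "DELETE"]
    response_header = ["*"]
    max_age_seconds = 3600
  }
}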
IAM Configuration
# google_storage_bucket_iam_binding is authoritative for its role:
# members not listed here lose that role on this bucket.
resource "google_storage_bucket_iam_binding" "viewer" {
  bucket = google_storage_bucket.bucket.name
  role   = "roles/storage.objectViewer"
  members = [
    "user:jane@example.com",
  ]
}

resource "google_storage_bucket_iam_binding" "admin" {
  bucket = google_storage_bucket.bucket.name
  role   = "roles/storage.admin"
  members = [
    "user:john@example.com",
  ]
}
Object Management
resource "google_storage_bucket_object" "example" {
  name          = "example-object"
  bucket        = google_storage_bucket.bucket.name
  source        = "path/to/local/file" # Or use content field for direct content
  storage_class = "STANDARD"
  content_type  = "text/plain"
}
Outputs
output "bucket_url" {
  value       = google_storage_bucket.bucket.url
  description = "The URL of the created bucket"
}

output "bucket_name" {
  value       = google_storage_bucket.bucket.name
  description = "The name of the bucket"
}

output "bucket_self_link" {
  value       = google_storage_bucket.bucket.self_link
  description = "The URI of the created bucket"
}
Best Practices
- Security:
  - Enable uniform bucket-level access
  - Use appropriate IAM roles
  - Enable object versioning
  - Implement encryption
- Cost Optimization:
  - Use appropriate storage classes
  - Implement lifecycle rules
  - Monitor usage patterns
  - Clean up unused objects
- Performance:
  - Choose appropriate location
  - Use CDN for public content
  - Implement caching strategies
- Data Management:
  - Enable versioning
  - Configure retention policies
  - Set up logging
Common Operations
Creating Resources
terraform init
terraform plan
terraform apply
Managing Objects
# Upload objects
gsutil cp local-file gs://${bucket_name}/
# List objects
gsutil ls gs://${bucket_name}/
Destroying Resources
terraform destroy
Best Practices and Tips
- Bucket Management:
  - Use meaningful names
  - Implement proper organization
  - Regular cleanup
- Security:
  - Regular security audits
  - Monitor access logs
  - Review IAM permissions
- Performance:
  - Use appropriate storage class
  - Monitor metrics
  - Optimize access patterns
Conclusion
You’ve learned how to set up and manage Google Cloud Storage using Terraform. This setup provides:
- Automated bucket deployment
- Secure and scalable storage
- Cost-effective data management
- Best practices implementation