2017-03-08 02:47:23 +00:00
|
|
|
|
---
|
|
|
|
|
|
layout: "docs"
|
|
|
|
|
|
page_title: "Google Cloud - Storage Backends - Configuration"
|
|
|
|
|
|
sidebar_current: "docs-configuration-storage-google-cloud"
|
|
|
|
|
|
description: |-
|
|
|
|
|
|
The Google Cloud storage backend is used to persist Vault's data in Google
|
|
|
|
|
|
Cloud Storage.
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
# Google Cloud Storage Backend
|
|
|
|
|
|
|
|
|
|
|
|
The Google Cloud storage backend is used to persist Vault's data in
|
|
|
|
|
|
[Google Cloud Storage][gcs].
|
|
|
|
|
|
|
|
|
|
|
|
- **No High Availability** – the Google Cloud storage backend does not support
|
|
|
|
|
|
high availability.
|
|
|
|
|
|
|
|
|
|
|
|
- **Community Supported** – the Google Cloud storage backend is supported by the
|
|
|
|
|
|
community. While it has undergone review by HashiCorp employees, they may not
|
|
|
|
|
|
be as knowledgeable about the technology. If you encounter problems with them,
|
|
|
|
|
|
you may be referred to the original author.
|
|
|
|
|
|
|
|
|
|
|
|
```hcl
|
2017-03-08 14:17:00 +00:00
|
|
|
|
storage "gcs" {
|
2017-03-08 02:47:23 +00:00
|
|
|
|
bucket = "my-storage-bucket"
|
|
|
|
|
|
credentials_file = "/tmp/credentials.json"
|
|
|
|
|
|
}
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
## `gcs` Parameters
|
|
|
|
|
|
|
|
|
|
|
|
- `bucket` `(string: <required>)` – Specifies the name of the Google Cloud
|
|
|
|
|
|
Storage bucket to use. This bucket must already exist and the provided service
|
|
|
|
|
|
account must have permission to read, write, and delete from the bucket. This
|
|
|
|
|
|
can also be provided via the environment variable `GOOGLE_STORAGE_BUCKET`.
|
|
|
|
|
|
|
2017-08-30 19:42:02 +00:00
|
|
|
|
- `credentials_file` `(string: "<varies>")` – Specifies the path on disk to a
|
2017-03-08 02:47:23 +00:00
|
|
|
|
Google Cloud Platform [service account][gcs-service-account] private key file
|
2017-08-30 19:42:02 +00:00
|
|
|
|
in [JSON format][gcs-private-key]. The GCS client library will attempt to use
|
|
|
|
|
|
the [application default credentials][adc] if this is not specified.
|
2017-03-08 02:47:23 +00:00
|
|
|
|
|
2017-03-26 18:32:26 +00:00
|
|
|
|
- `max_parallel` `(string: "128")` – Specifies the maximum number of concurrent
|
2017-03-08 02:47:23 +00:00
|
|
|
|
requests.
|
|
|
|
|
|
|
|
|
|
|
|
## `gcs` Examples
|
|
|
|
|
|
|
|
|
|
|
|
### Default Example
|
|
|
|
|
|
|
|
|
|
|
|
This example shows a default configuration for the Google Cloud Storage backend.
|
|
|
|
|
|
|
|
|
|
|
|
```hcl
|
2017-03-08 14:17:00 +00:00
|
|
|
|
storage "gcs" {
|
2017-03-08 02:47:23 +00:00
|
|
|
|
bucket = "my-storage-bucket"
|
|
|
|
|
|
credentials_file = "/tmp/credentials.json"
|
|
|
|
|
|
}
|
|
|
|
|
|
```
|
|
|
|
|
|
|
2017-08-30 19:42:02 +00:00
|
|
|
|
[adc]: https://developers.google.com/identity/protocols/application-default-credentials
|
2017-03-08 02:47:23 +00:00
|
|
|
|
[gcs]: https://cloud.google.com/storage/
|
2017-03-17 16:12:28 +00:00
|
|
|
|
[gcs-service-account]: https://cloud.google.com/compute/docs/access/service-accounts
|
2017-03-08 02:47:23 +00:00
|
|
|
|
[gcs-private-key]: https://cloud.google.com/storage/docs/authentication#generating-a-private-key
|
