This directory contains samples for Google Cloud Storage. Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.
Authentication is typically done through Application Default Credentials, which means you do not have to change the code to authenticate as long as your environment has credentials. You have a few options for setting up authentication:
When running locally, use the Google Cloud SDK
gcloud auth application-default login
When running on App Engine or Compute Engine, credentials are already set-up. However, you may need to configure your Compute Engine instance with additional scopes.
You can create a Service Account key file. This file can be used to authenticate to Google Cloud Platform services from any environment. To use the file, set the
GOOGLE_APPLICATION_CREDENTIALSenvironment variable to the path to the key file, for example:export GOOGLE_APPLICATION_CREDENTIALS=/path/to/service_account.json
Install pip and virtualenv if you do not already have them.
Create a virtualenv. Samples are compatible with Python 2.7 and 3.4+.
$ virtualenv env $ source env/bin/activateInstall the dependencies needed to run the samples.
$ pip install -r requirements.txt
To run this sample:
$ python quickstart.pyTo run this sample:
$ python snippets.py
usage: snippets.py [-h]
bucket_name
{create-bucket,delete-bucket,list,list-with-prefix,upload,download,delete,metadata,make-public,signed-url,rename,copy}
...
This application demonstrates how to perform basic operations on blobs
(objects) in a Google Cloud Storage bucket.
For more information, see the README.md under /storage and the documentation
at https://cloud.google.com/storage/docs.
positional arguments:
bucket_name Your cloud storage bucket.
{create-bucket,delete-bucket,list,list-with-prefix,upload,download,delete,metadata,make-public,signed-url,rename,copy}
create-bucket Creates a new bucket.
delete-bucket Deletes a bucket. The bucket must be empty.
list Lists all the blobs in the bucket.
list-with-prefix Lists all the blobs in the bucket that begin with the
prefix. This can be used to list all blobs in a
"folder", e.g. "public/". The delimiter argument can
be used to restrict the results to only the "files" in
the given "folder". Without the delimiter, the entire
tree under the prefix is returned. For example, given
these blobs: /a/1.txt /a/b/2.txt If you just specify
prefix = '/a', you'll get back: /a/1.txt /a/b/2.txt
However, if you specify prefix='/a' and delimiter='/',
you'll get back: /a/1.txt
upload Uploads a file to the bucket.
download Downloads a blob from the bucket.
delete Deletes a blob from the bucket.
metadata Prints out a blob's metadata.
make-public Makes a blob publicly accessible.
signed-url Generates a signed URL for a blob. Note that this
method requires a service account key file. You can
not use this if you are using Application Default
Credentials from Google Compute Engine or from the
Google Cloud SDK.
rename Renames a blob.
copy Renames a blob.
optional arguments:
-h, --help show this help message and exitTo run this sample:
$ python acl.py
usage: acl.py [-h]
{print-bucket-acl,print-bucket-acl-for-user,add-bucket-owner,remove-bucket-owner,add-bucket-default-owner,remove-bucket-default-owner,print-blob-acl,print-blob-acl-for-user,add-blob-owner,remove-blob-owner}
...
This application demonstrates how to manage access control lists (acls) in
Google Cloud Storage.
For more information, see the README.md under /storage and the documentation
at https://cloud.google.com/storage/docs/encryption.
positional arguments:
{print-bucket-acl,print-bucket-acl-for-user,add-bucket-owner,remove-bucket-owner,add-bucket-default-owner,remove-bucket-default-owner,print-blob-acl,print-blob-acl-for-user,add-blob-owner,remove-blob-owner}
print-bucket-acl Prints out a bucket's access control list.
print-bucket-acl-for-user
Prints out a bucket's access control list.
add-bucket-owner Adds a user as an owner on the given bucket.
remove-bucket-owner
Removes a user from the access control list of the
given bucket.
add-bucket-default-owner
Adds a user as an owner in the given bucket's default
object access control list.
remove-bucket-default-owner
Removes a user from the access control list of the
given bucket's default object access control list.
print-blob-acl Prints out a blob's access control list.
print-blob-acl-for-user
Prints out a blob's access control list for a given
user.
add-blob-owner Adds a user as an owner on the given blob.
remove-blob-owner Removes a user from the access control list of the
given blob in the given bucket.
optional arguments:
-h, --help show this help message and exitTo run this sample:
$ python encryption.py
usage: encryption.py [-h] {generate-encryption-key,upload,download,rotate} ...
This application demonstrates how to upload and download encrypted blobs
(objects) in Google Cloud Storage.
Use `generate-encryption-key` to generate an example key:
python encryption.py generate-encryption-key
Then use the key to upload and download files encrypted with a custom key.
For more information, see the README.md under /storage and the documentation
at https://cloud.google.com/storage/docs/encryption.
positional arguments:
{generate-encryption-key,upload,download,rotate}
generate-encryption-key
Generates a 256 bit (32 byte) AES encryption key and
prints the base64 representation. This is included for
demonstration purposes. You should generate your own
key. Please remember that encryption keys should be
handled with a comprehensive security policy.
upload Uploads a file to a Google Cloud Storage bucket using
a custom encryption key. The file will be encrypted by
Google Cloud Storage and only retrievable using the
provided encryption key.
download Downloads a previously-encrypted blob from Google
Cloud Storage. The encryption key provided must be the
same key provided when uploading the blob.
rotate Performs a key rotation by re-writing an encrypted
blob with a new encryption key.
optional arguments:
-h, --help show this help message and exitTo run this sample:
$ python notification_polling.py
usage: notification_polling.py [-h] subscription
This application demonstrates how to poll for GCS notifications from a Cloud
Pub/Sub subscription, parse the incoming message, and acknowledge the
successful processing of the message. This application will work with any
subscription configured for pull rather than push notifications. If you do not
already have notifications configured, you may consult the docs at
https://cloud.google.com/storage/docs/reporting-changes or follow the steps
below: 1. Activate the Google Cloud Pub/Sub API, if you have not already done
so. https://console.cloud.google.com/flows/enableapi?apiid=pubsub 2. Create a
Google Cloud Storage bucket: $ gsutil mb gs://testbucket 3. Create a Cloud
Pub/Sub topic and publish bucket notifications there: $ gsutil notification
create -f json -t testtopic gs://testbucket 4. Create a subscription for your
new topic: $ gcloud beta pubsub subscriptions create testsubscription
--topic=testtopic 5. Run this program: $ python notification_polling
testsubscription 6. While the program is running, upload and delete some files
in the testbucket bucket (you could use the console or gsutil) and watch as
changes scroll by in the app.
positional arguments:
subscription The ID of the Pub/Sub subscription
optional arguments:
-h, --help show this help message and exitThis sample uses the Google Cloud Client Library for Python. You can read the documentation for more details on API usage and use GitHub to browse the source and report issues.