Google Cloud Storage
The Globus Connect Server Google Cloud Storage Connector provides access to Google Cloud Storage via Globus Connect Server.
This document describes the data types and API routes provided by this connector.
Google Cloud Storage Virtual Filesystem
The Google Cloud Storage connector provides a distributed object store, where each data object is accessed based on a bucket name and an object name.
The Google Cloud Storage Connector attempts to make this look like a
regular filesystem, by treating the bucket name as the name of a
directory in the root of the storage gateway’s file system. For
example, if a user has access to buckets bucket1
and bucket2
, then
those buckets would show up as directories when listing /
.
The Google Cloud Storage Connector also treats the /
character as a
delimiter in the API so that it can present something that looks
like like subdirectories. For example, the object object1
in
bucket1
would appear as /bucket1/object1
to the Google Cloud
Storage connector, and the object object2/object3
in bucket2
would
appear as a file called object3
in the directory /bucket2/object2
.
Google Cloud Storage Connector Storage Gateway Policies
The Google Cloud Storage Connector has policies to manage application credentials and to control access to an enumerated set of buckets and Google Cloud Storage projects.
Application Credentials
The client_id and secret properties provide information for {gcs} to authenticate with Google Cloud Storage. These values must be configured in order for users to be able to access Google Cloud Storage data using their own credentials.
The values for {example_client_id} and {example_client_secret} are acquired when setting up the application project, as described in the Google Cloud Storage Connector configuration guide.
You may instead configure a single service account key via {google_service_account_key}. In this mode, all users that access a collection of this storage gateway will use those service credentials. client_id and secret are not used with {google_service_account_key}.
Service account keys can be created in the Google Developer Console and downloaded as a json file. See Google’s service account documentation for more info on creating a service account key.