public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-07-21 17:25:56 +00:00
Code Issues Projects Releases Wiki Activity

Add google_storage_object_signed_url documentation.

Browse Source
This commit is contained in:
Matt Morrison 2016-08-15 11:15:25 +12:00 committed by Matt Morrison
parent 34edaf56d6
commit 1ecaf1e58b
1 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
d/signed_url.html.markdown Normal file
View File

@ -0,0 +1,54 @@
---
layout: "google"
page_title: "Google: google_storage_object_signed_url"
sidebar_current: "docs-google-datasource-signed_url"
description: |-
Provides signed URL to Google Cloud Storage object.
---
# google\_storage\_object\_signed_url
The Google Cloud storage signed URL data source generates a signed URL for a given storage object. Signed URLs provide a way to give time-limited read or write access to anyone in possession of the URL, regardless of whether they have a Google account.
For more info about signed URL's is available [here](https://cloud.google.com/storage/docs/access-control/signed-urls).
## Example Usage
```
data "google_storage_object_signed_url" "artifact" {
bucket = "install_binaries"
path = "path/to/install_file.bin"
}
resource "google_compute_instance" "vm" {
name = "vm"
...
provisioner "remote-exec" {
inline = [
"wget ${data.google_storage_object_signed_url.artifact.signed_url}",
"chmod +x install_file.bin",
"./install_file.bin"
]
}
}
```
## Argument Reference
The following arguments are supported:
* `bucket` - (Required) The name of the bucket to read the object from
* `path` - (Required) The full path to the object inside the bucket
* `http_method` - (Optional) What HTTP Method will the signed URL allow (defaults to `GET`)
* `duration` - (Optional) For how long shall the signed URL be valid (defaults to 1 hour `1h`). See [here](https://golang.org/pkg/time/#ParseDuration) for info on valid duration formats.
* `credentials` - (Optional) What Google service account credentials json should be used to sign the URL. This data source checks the following locations for credentials, in order of preference: data source `credentials` attribute, provider `credentials` attribute and finally the GOOGLE_APPLICATION_CREDENTIALS environment variable.
> **NOTE** the default google credentials configured by `gcloud` sdk or the service account associated with a compute instance cannot be used, because these do not include the private key required to sign the URL. A valid `json` service account credentials key file must be used, as generated via Google cloud console.
## Attributes Reference
The following attributes are exported:
* `signed_url` - The signed URL that can be used to access the storage object without authentication.