terraform-provider-google/website/docs/r/storage_object_acl.html.markdown
The Magician 0ef9ea8520 Use new output_name variable in Storage Object ACL docs (#3118)
<!-- This change is generated by MagicModules. -->
/cc @rileykarson
2019-02-28 16:36:56 -08:00

layout: google
page_title: Google: google_storage_object_acl
sidebar_current: docs-google-storage-object-acl
description: Creates a new object ACL in Google Cloud Storage.

google_storage_object_acl

Authoritatively manages the access control list (ACL) for an object in a Google Cloud Storage (GCS) bucket. Removing a google_storage_object_acl resource sets the object's ACL to the private predefined ACL.

For more information see the official documentation and API.

-> Want fine-grained control over object ACLs? Use google_storage_object_access_control to control individual role entity pairs.

Example Usage

Create an object ACL with one owner and one reader.

resource "google_storage_bucket" "image-store" {
  name     = "image-store-bucket"
  location = "EU"
}

resource "google_storage_bucket_object" "image" {
  name   = "image1"
  bucket = "${google_storage_bucket.image-store.name}"
  source = "image1.jpg"
}

resource "google_storage_object_acl" "image-store-acl" {
  bucket = "${google_storage_bucket.image-store.name}"
  object = "${google_storage_bucket_object.image.output_name}"

  role_entity = [
    "OWNER:user-my.email@gmail.com",
    "READER:group-mygroup",
  ]
}

Argument Reference

  • bucket - (Required) The name of the bucket the object is stored in.

  • object - (Required) The name of the object to apply the ACL to.


  • predefined_acl - (Optional) The "canned" predefined ACL to apply. Must be set if role_entity is not.

  • role_entity - (Optional) List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details. Must be set if predefined_acl is not.

-> The object's creator always has OWNER permissions on the object, and any attempt to modify that permission returns an error. When that role/entity pair is omitted from your config, Terraform automatically adds it to your terraform plan results; terraform plan shows the correct final state at every point except at create time, where the object role/entity pair is omitted if not explicitly set.
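Because this resource is authoritative, a review step can check the role_entity list before apply. The following is an added example, not part of the provider or its documentation: it parses the ROLE:entity form described above and checks the rule that one of role_entity or predefined_acl must be set. The function names, the finding strings and the plain-dict input are assumptions; the role and entity forms are those of the GCS object ACL model.

```python
import re

# Object roles and entity forms of the GCS object ACL model.
# Function names and finding strings are hypothetical (added example).
ROLES = {"OWNER", "READER"}
ENTITY = re.compile(
    r"^(user-.+|group-.+|domain-.+|project-(owners|editors|viewers)-.+"
    r"|allUsers|allAuthenticatedUsers)$"
)
PUBLIC = {"allUsers", "allAuthenticatedUsers"}


def parse_role_entity(pair):
    """Split 'ROLE:entity' on the first colon and validate both halves."""
    role, sep, entity = pair.partition(":")
    if not sep or role not in ROLES or not ENTITY.match(entity):
        raise ValueError(f"not a valid ROLE:entity pair: {pair!r}")
    return role, entity


def lint_object_acl(attrs):
    """Return findings for one google_storage_object_acl argument map."""
    findings = []
    pairs = attrs.get("role_entity") or []
    if not pairs and not attrs.get("predefined_acl"):
        findings.append("neither role_entity nor predefined_acl is set")
    for pair in pairs:
        try:
            role, entity = parse_role_entity(pair)
        except ValueError as err:
            findings.append(str(err))
            continue
        if entity in PUBLIC:
            # Authoritative ACL: this grant would be applied exactly as written.
            findings.append(f"{role} granted to public entity {entity}")
    return findings


# Constructed sample input: the first map mirrors the example on this page,
# the second is made up to trigger findings.
SAMPLES = [
    {"role_entity": ["OWNER:user-my.email@gmail.com", "READER:group-mygroup"]},
    {"role_entity": ["READER:allUsers", "READER"]},
]

if __name__ == "__main__":
    for attrs in SAMPLES:
        print(attrs, "->", lint_object_acl(attrs) or "ok")
```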

Attributes Reference

Only the arguments listed above are exposed as attributes.