Object Lifecycle Management:
Manage the Lifecycle of Your Data with Object Lifecycle Management
Subheading: Automate Data Retention and Deletion
Object lifecycle management in Google Cloud Platform (GCP) allows you to easily manage the retention and deletion of your data. You can define conditions that trigger data deletion or transition to a cheaper storage class. This helps ensure that you are only storing what you need, when you need it, and not wasting your storage resources.
Object Versioning:
Heading: Store Old Copies of Objects with Object Versioning
Subheading: Preserve Historical Data with Versioning
Object versioning in GCP allows you to store old copies of objects when they are deleted or overwritten. This provides you with the ability to revert back to previous versions of an object, or to preserve historical data. With object versioning, you can keep track of the changes to your data over time.
Retention Policies:
Heading: Set Retention Periods with Retention Policies
Subheading: Ensure Data is Stored for a Minimum Amount of Time
Retention policies in GCP allow you to define minimum retention periods that objects must be stored for before they’re deleted. This ensures that data is stored for a minimum amount of time, helping to ensure compliance with data storage and retention regulations.
Object Holds:
Heading: Place a Hold on Objects with Object Holds
Subheading: Prevent Deletion of Important Data
Object holds in GCP allow you to place a hold on an object, preventing its deletion. This helps to ensure that important data is not accidentally deleted. It also allows you to keep track of which objects are in use, and which ones are no longer needed.
Customer-Managed Encryption Keys:
Heading: Secure Data with Customer-Managed Encryption Keys
Subheading: Encrypt Object Data with Keys Managed By You
Customer-managed encryption keys in GCP allow you to encrypt object data with encryption keys stored by the Cloud Key Management Service and managed by you. This helps to ensure that your data is secure, and can only be accessed by those with the appropriate encryption keys.
Customer-Supplied Encryption Keys:
Heading: Encrypt Data with Customer-Supplied Encryption Keys
Subheading: Create and Manage Your Own Encryption Keys
Customer-supplied encryption keys in GCP allow you to encrypt object data with encryption keys created and managed by you. This provides you with the ability to securely store your data, and control who has access to it.
Uniform Bucket-Level Access:
Heading: Control Access to Resources with Uniform Bucket-Level Access
Subheading: Disable Object ACLs for Uniform Access
Uniform bucket-level access in GCP allows you to uniformly control access to your Cloud Storage resources. With this feature, you can disable object ACLs, ensuring that all accesses to your data are managed uniformly.
Requester Pays:
Bill for Network Charges with Requester Pays
Subheading: Include a Project ID to Bill for Accesses
Requester pays in GCP allows you to require accesses of your data to include a project ID to bill for network charges, operation charges, and retrieval fees. This helps you to ensure that you are only paying for the services and resources you are using.
Bucket Lock:
Heading: Configure a Data Retention Policy with Bucket Lock
Subheading: Manage How Long Objects Are Retained
Bucket Lock in GCP allows you to configure a data retention policy for a Cloud Storage bucket. This policy governs how long objects in the bucket must be retained, allowing you to easily manage your data.
Pub/Sub Notifications for Cloud Storage:
Heading: Receive Notifications with Pub/Sub Notifications for Cloud Storage
Subheading: Get Notifications When Objects Are Created, Updated, or Deleted
Pub/Sub notifications for Cloud Storage in GCP allow you to receive notifications when objects are created, updated, or deleted. This helps you to stay up-to-date on changes to your data, and to take action when necessary.
Cloud Audit Logs with Cloud Storage:
Heading: Maintain Activity and Access Logs with Cloud Audit Logs
Subheading: Keep Track of Admin Activity and Data Access
Cloud Audit Logs with Cloud Storage in GCP allow you to maintain admin activity logs and data access logs for your Cloud Storage resources. This helps you to keep track of who is accessing your data and when, as well as any changes to the data.
Object- and Bucket-Level Permissions:
Control Access to Your Data with Object- and Bucket-Level Permissions
Subheading: Use Cloud Identity and Access Management (IAM) to Manage Access
Object- and bucket-level permissions in GCP allow you to control who has access to your buckets and objects. This can be easily managed through Cloud Identity and Access Management (IAM), giving you granular control over who can access your data.
# Introduction to Cloud Storage
Cloud storage is a fully managed and scalable storage solution, meaning there is no need to pre-allocate capacity. Each object stored in the cloud has its own URL, making it easy to access and share. All data is encrypted on the server-side before being written to the disk and the data is secure by default via HTTPS. It is also possible to move objects from Cloud Storage to other Google Cloud Platform (GCP) storage services.
# Setting up Buckets
When creating a new Cloud Storage bucket, you will be given a globally unique name and will need to specify a geographic location for the bucket and its contents, as well as a default storage class.
# Access Control
Access control is managed through roles assigned to projects, buckets and objects. Access control lists (ACLs) are used to define who has access to your buckets and objects, as well as the level of access they have.
# Object Versioning
Object versioning allows you to list archived versions of an object, restore an object to an earlier version, or delete a version permanently. Without object versioning, any new version of an object will always override the old version.
# Lifecycle Management
Object versioning can lead to the accumulation of “junk” so Cloud Storage offers lifecycle management policies to help you manage your data. For example, you can tell Cloud Storage to delete objects older than 365 days, before a specified date, or to keep only the 3 most recent versions.