Use Terraform to create storage buckets and upload objects

In this quickstart guide, you'll create a Terraform configuration file that provisions a storage bucket and uploads a sample_file.txt object to the bucket. To complete this quickstart, you'll use your local shell and terminal or the Cloud Shell Editor and Cloud Shell terminal. You'll also use the Terraform CLI, which is preinstalled in Cloud Shell.

Before you begin

To set up a project for this quickstart, complete the following steps:

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get 300ドル in free credits to run, test, and deploy workloads.

  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    Go to project selector

  3. Verify that billing is enabled for your Google Cloud project.

  4. Enable the Cloud Storage API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

  5. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    Go to project selector

  6. Verify that billing is enabled for your Google Cloud project.

  7. Enable the Cloud Storage API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

Create the folder structure and Terraform configuration file

To create the Terraform configuration file and the file you'll upload as an object to Cloud Storage, complete the following steps:

Cloud Shell

  1. In the Google Cloud console, activate Cloud Shell.

    Activate Cloud Shell

    At the bottom of the Google Cloud console, a Cloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.

  1. Set the default Google Cloud project where you want to apply your Terraform configuration:
    export GOOGLE_CLOUD_PROJECT=PROJECT_ID
  2. In the Cloud Shell terminal, set the home directory as the active directory:
    cd
  3. Create a new folder named terraform:
    mkdir terraform
  4. Launch the Cloud Shell Editor by clicking Open Editor on the toolbar of the Cloud Shell window.
  5. In the Explorer pane, right-click the terraform folder and then click New File.
  6. Enter main.tf as the file name and then click OK.
  7. In the Explorer pane, right-click the terraform folder and then click New File.
  8. Enter sample_file.txt as the file name and then click OK.

Local shell

  1. If you haven't already, install and configure Terraform. Make sure you install and initialize the Google Cloud CLI.

    By default, Terraform reads the configuration created by Google Cloud CLI and deploys the resources you later specify into your active Google Cloud CLI project.

  2. In your terminal, set the home directory as the active directory:
    cd
  3. Create a new folder named terraform:
    mkdir terraform
  4. In your text editor of choice, create a new file named main.tf in your terraform folder.
  5. In your text editor of choice, create a new file named sample_file.txt in your terraform folder.

Define the infrastructure in the Terraform configuration file

To define the infrastructure you want to provision in your Terraform configuration file, complete the following steps:

  1. Open the main.tf file.

  2. Copy the following sample to the main.tf file.

    # Create new storage bucket in the US
# location with Standard Storage
resource"google_storage_bucket""static"{
name="BUCKET_NAME"
location="US"
storage_class="STANDARD"
uniform_bucket_level_access=true
}
# Upload a text file as an object
# to the storage bucket
resource"google_storage_bucket_object""default"{
name="OBJECT_NAME"
source="OBJECT_PATH"
content_type="text/plain"
bucket=google_storage_bucket.static.id
}

    Replace:

    • BUCKET_NAME with the name of the bucket you want to create. For example, my-bucket.

      See bucket naming requirements.
      • Bucket names can only contain lowercase letters, numeric characters, dashes (-), underscores (_), and dots (.). Spaces are not allowed. Names containing dots require verification.
      • Bucket names must start and end with a number or letter.
      • Bucket names must contain 3-63 characters. Names containing dots can contain up to 222 characters, but each dot-separated component can be no longer than 63 characters.
      • Bucket names cannot be represented as an IP address in dotted-decimal notation (for example, 192.168.5.4).
      • Bucket names cannot begin with the "goog" prefix.
      • Bucket names cannot contain "google" or close misspellings, such as "g00gle".

    • OBJECT_NAME with the name of the object you want to upload. For this quickstart, enter the name sample_file.txt.

    • OBJECT_PATH with the path to the object you want to upload. For this quickstart, enter the path ~/terraform/sample_file.txt.

  3. Save the main.tf file.

Initialize the working directory containing the Terraform configuration file

To initialize Terraform and the directory containing your Terraform configuration file, complete the following steps:

  1. In your terminal, set the terraform folder as the current working directory:

    cd~/terraform

  2. Initialize Terraform:

    terraforminit

  3. If you're using the Cloud Shell and you're prompted to authorize Cloud Shell, click Authorize.

    Terraform initializes the working directory. If it successfully initializes the working directory, Terraform returns output similar to the following:

    Terraformhasbeensuccessfullyinitialized!
YoumaynowbeginworkingwithTerraform.Tryrunning"terraform plan"tosee
anychangesthatarerequiredforyourinfrastructure.AllTerraformcommands
shouldnowwork.
IfyoueversetorchangemodulesorbackendconfigurationforTerraform,
rerunthiscommandtoreinitializeyourworkingdirectory.Ifyouforget,other
commandswilldetectitandremindyoutodosoifnecessary.

Preview the execution plan

The Terraform execution plan is based on the Terraform configuration and indicates the changes that Terraform plans to make to the Cloud Storage infrastructure and services.

View the Terraform execution plan:

terraformplan

Example output:

Terraformusedtheselectedproviderstogeneratethefollowingexecutionplan.Resourceactionsareindicatedwiththefollowingsymbols:
+create
Terraformwillperformthefollowingactions:
 # google_storage_bucket.static will be created
+resource"google_storage_bucket""static"{
+force_destroy=false
+id=(knownafterapply)
+location="US"
+name="my-bucket"
+project="my-project"
+public_access_prevention=(knownafterapply)
+self_link=(knownafterapply)
+storage_class="STANDARD"
+uniform_bucket_level_access=true
+url=(knownafterapply)
+versioning{
+enabled=(knownafterapply)
}
+website{
+main_page_suffix=(knownafterapply)
+not_found_page=(knownafterapply)
}
}
 # google_storage_bucket_object.default will be created
+resource"google_storage_bucket_object""default"{
+bucket=(knownafterapply)
+content_type="text/plain"
+crc32c=(knownafterapply)
+detect_md5hash="different hash"
+id=(knownafterapply)
+kms_key_name=(knownafterapply)
+md5hash=(knownafterapply)
+media_link=(knownafterapply)
+name="sample_file.txt"
+output_name=(knownafterapply)
+self_link=(knownafterapply)
+source="sample_file.txt"
+storage_class=(knownafterapply)
}
Plan:2toadd,0tochange,0todestroy.

Apply the changes proposed in the execution plan

To apply the changes in your Terraform configuration file, complete the following steps:

  1. Apply the changes from the execution plan to the Cloud Storage infrastructure with the following command. When you apply the changes, Terraform creates a storage bucket and uploads sample_file.txt to the bucket.

    terraformapply

    Example output:

    Terraformusedtheselectedproviderstogeneratethefollowingexecutionplan.Resourceactionsareindicatedwiththefollowingsymbols:
+create
Terraformwillperformthefollowingactions:
 # google_storage_bucket.static will be created
+resource"google_storage_bucket""static"{
+force_destroy=false
+id=(knownafterapply)
+location="US"
+name="my-bucket"
+project="my-project"
+public_access_prevention=(knownafterapply)
+self_link=(knownafterapply)
+storage_class="STANDARD"
+uniform_bucket_level_access=true
+url=(knownafterapply)
+versioning{
+enabled=(knownafterapply)
}
+website{
+main_page_suffix=(knownafterapply)
+not_found_page=(knownafterapply)
}
}
 # google_storage_bucket_object.default will be created
+resource"google_storage_bucket_object""default"{
+bucket=(knownafterapply)
+content_type="text/plain"
+crc32c=(knownafterapply)
+detect_md5hash="different hash"
+id=(knownafterapply)
+kms_key_name=(knownafterapply)
+md5hash=(knownafterapply)
+media_link=(knownafterapply)
+name="sample_file.txt"
+output_name=(knownafterapply)
+self_link=(knownafterapply)
+source="sample_file.txt"
+storage_class=(knownafterapply)
}
Plan:2toadd,0tochange,0todestroy.
Doyouwanttoperformtheseactions?
Terraformwillperformtheactionsdescribedabove.
Only'yes'willbeacceptedtoapprove.
Enteravalue:

  2. Type yes and press Enter.

    If successful, Terraform returns output similar to the following:

    Applycomplete!Resources:2added,0changed,0destroyed.

View your storage bucket and uploaded object

In the Google Cloud console, go to the Cloud Storage Buckets page.

Go to Buckets

The new bucket appears, containing the sample_file.txt object. Note that the resources might take a few minutes to get provisioned after you run terraform apply.

Clean up your project

In order to avoid incurring unexpected charges from the Google Cloud resources you created during this quickstart, complete the following steps to clean up the resources:

  1. In your terminal, set the terraform folder as the current working directory:

    cd~/terraform

  2. Delete the Cloud Storage resources that you created based on your Terraform configuration file:

    terraformdestroy

  3. If successful, Terraform returns output similar to the following:

    Terraformusedtheselectedproviderstogeneratethefollowingexecutionplan.Resourceactionsareindicatedwiththefollowingsymbols:
-destroy
Terraformwillperformthefollowingactions:
 # google_storage_bucket.static will be destroyed
-resource"google_storage_bucket""static"{
-default_event_based_hold=false->null
-force_destroy=false->null
-id="my-bucket"->null
-labels={}->null
-location="US"->null
-name=""->null
-project="example-project"->null
-public_access_prevention="inherited"->null
-requester_pays=false->null
-self_link="https://www.googleapis.com/storage/v1/b/cbonnie-bucket-9"->null
-storage_class="STANDARD"->null
-uniform_bucket_level_access=true->null
-url="gs://BUCKET_NAME"->null
}
 # google_storage_bucket_object.default will be destroyed
-resource"google_storage_bucket_object""default"{
-bucket="my-bucket"->null
-content_type="text/plain"->null
-crc32c="yZRlqg=="->null
-detect_md5hash="XrY7u+Ae7tCTyyK7j1rNww=="->null
-event_based_hold=false->null
-id="my-bucket-sample_file.txt"->null
-md5hash="XrY7u+Ae7tCTyyK7j1rNww=="->null
-media_link="https://storage.googleapis.com/download/storage/v1/b/BUCKET_NAME/o/sample_file.txt?generation=1675800386233102&alt=media"->null
-metadata={}->null
-name="sample_file.txt"->null
-output_name="sample_file.txt"->null
-self_link="https://www.googleapis.com/storage/v1/b/BUCKET_NAME/o/sample_file.txt"->null
-source="sample_file.txt"->null
-storage_class="STANDARD"->null
-temporary_hold=false->null
}
Plan:0toadd,0tochange,2todestroy.
Doyoureallywanttodestroyallresources?
Terraformwilldestroyallyourmanagedinfrastructure,asshownabove.
Thereisnoundo.Only'yes'willbeacceptedtoconfirm.
Enteravalue:

  4. Type yes and press Enter. If successful, Terraform returns output similar to the following:

    Destroycomplete!Resources:2destroyed.

  5. In your terminal, delete the terraform folder.

    rm-rf~/terraform

  6. To verify that the bucket and object were deleted, go to the Buckets page in the Google Cloud console.

    Go to Buckets

What's next

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025年11月24日 UTC.