As a cloud administrator, you can leverage the Google Cloud Platform (GCP) plug-in to provision plug-in based storage buckets as you build out your infrastructure. You can also use allocation helpers to provide allocation logic for your storage buckets. Plug-in based storage bucket support includes the creation of multi-region or dual-region bucket resources, restricted public access, and encryption.
To learn more about plug-ins and allocation in VMware Aria Automation, see Plug-in based designs and deployments in Automation Assembler
Storage bucket properties
The following properties are required for plug-in based storage bucket resources. See the Google Cloud REST documentation for a full list of instance properties. Resource properties in the GCP documentation are written in camelCase, where as resource properties in Automation Assembler are written in snake case.
Property | Description |
---|---|
name |
The name for your storage bucket. The name associated with the bucket cannot be changed after creation, so the name must be unique and human-readable. See Bucket names in the Google Cloud documentation for bucket name requirements. |
account |
The GCP cloud account for account regions to which your team deploys cloud templates. See Create a Google Cloud Platform cloud account in VMware Aria Automation for more information. |
The following section contains some example cloud templates for provisioning plug-in based storage buckets in Automation Assembler.
Provisioning single-region storage buckets
You can provision a single-region storage bucket by hardcoding the region in the cloud template as the following example shows.
formatVersion: 1 inputs: {} resources: Idem_GCP_STORAGE_BUCKET_1: type: Idem.GCP.STORAGE.BUCKET metadata: layoutPosition: - 0 - 0 properties: name: bucket-test account: gcp-account location: us-central1
Optionally, you can use the enum
property to build a list of regions for users to choose from. In this example, you also enable versioning for the bucket, use bucket labels, and allow users to choose a storage class.
formatVersion: 1 inputs: region: type: string title: Region description: Google region # This enumeration is used to simplify the choosing of a region. You can just hardcode the region in the "region" section. enum: - europe-central2 - europe-north1 - europe-southwest1 - europe-west1 - europe-west2 - europe-west3 - europe-west4 - europe-west6 - europe-west8 - europe-west9 - europe-west12 loc: type: string title: Location label bucket: type: string title: Bucket name storage_class: type: string title: Storage class enum: - STANDARD - NEARLINE - COLDLINE - ARCHIVE versioning: type: string title: Enable versioning enum: - 'Yes' - 'No' resources: Idem_GCP_STORAGE_BUCKET_1: type: Idem.GCP.STORAGE.BUCKET metadata: layoutPosition: - 0 - 0 properties: name: ${input.bucket} account: gcp-account labels: location: ${input.loc} location: ${input.region} storage_class: ${input.storage_class} versioning: enabled: ${input.versioning=="Yes"?true:false}
Provisioning dual-region storage buckets
- Create a GCP cloud account with at least two cloud zones that correspond to the regions where the bucket will be deployed. In this example, the zones are europe-central2 and europe-north1.
- Create a new project and add the cloud zones.
- Tag the zones using capability tags. In this example, the tags are
location:eu1
for europe-central2 andlocation:eu2
for europe-north1. - Deploy the blueprint.
inputs: {} resources: Idem_GCP_STORAGE_BUCKET_1: type: Idem.GCP.STORAGE.BUCKET metadata: layoutPosition: - 0 - 1 properties: name: bucket-dual-region-idem account: ${resource.Allocations_Compute_1.selectedCloudAccount.name} labels: a: b c: d custom_placement_config: data_locations: ${[resource.Allocations_Compute_1.selectedRegion.name, resource.Allocations_Compute_2.selectedRegion.name]} location: EU Allocations_Compute_1: type: Allocations.Compute metadata: layoutPosition: - 1 - 0 properties: groupId: 1 constraints: - tag: location:eu1 Allocations_Compute_2: type: Allocations.Compute metadata: layoutPosition: - 1 - 2 properties: groupId: 2 constraints: - tag: location:eu2
null
and re-deploy the template. You can verify that the label was removed in the Google Cloud Console.
Provisioning multi-region storage buckets
formatVersion: 1 inputs: {} resources: Idem_GCP_STORAGE_BUCKET_1: type: Idem.GCP.STORAGE.BUCKET metadata: layoutPosition: - 0 - 0 properties: name: bucket-test-1 account: gcp-account
formatVersion: 1 inputs: {} resources: Idem_GCP_STORAGE_BUCKET_1: type: Idem.GCP.STORAGE.BUCKET metadata: layoutPosition: - 0 - 0 properties: name: bucket-test-0 account: gcp-account labels: a: b c: d encryption: default_kms_key_name: projects/gcp-account/locations/us/keyRings/gcp-test-1/cryptoKeys/key-2