Setting up storage bucket resources for Google Cloud Platform (Classic)

VMware Aria Automation supports Google Cloud Platform (GCP) storage buckets allowing users to quickly and easily create and manage their storage resources. VMware Aria Automation storage bucket support includes the creation of multi-regional/dual-regional storage buckets, restricted public access, and encryption.

Note:

This topic describes how to create classic storage bucket resources. If you would like to create plug-in based storage bucket resources, see Configuring plug-in based storage bucket resources.

You create storage buckets using Automation Assembler cloud templates and you deploy these cloud templates in the typical manner using the Automation Assembler Design tab functionality. After you deploy a cloud template you can check the GCP portal to confirm that the storage bucket was provisioned successfully.

The following are required properties for storage bucket cloud templates.

Storage bucket name - There are some limitations on the storage bucket name construction. See the following page for detailed information: https://cloud.google.com/storage/docs/buckets
locationType - one of {SINGLE_REGION, DUAL_REGION, MULTI_REGION"} If the locationType is either DUAL_REGION or MULTI_REGION - regionID property is also MANDATORY There are different values of the regionId, depending on the locationType. See the following page for detailed information: https://cloud.google.com/storage/docs/locations
storageClass - one of {STANDARD, NEARLINE, COLDLINE, ARCHIVE, REGIONAL, MULTI_REGIONAL, DURABLE_REDUCED_AVAILABILITY}

If you want to create storage buckets with restricted public access and that are encrypted by CMEK, there are some prerequisites described in the following link: https://cloud.google.com/storage/docs/encryption/using-customer-managed-keys

Note: The customer-managed encryption key must be located in the same region as the storage bucket.

Storage bucket cloud template examples

The following cloud template examples demonstrate some typical approaches to creating storage buckets using Automation Assembler cloud templates.

The following cloud template example shows how you might create a simple single region storage bucket.

formatVersion: 1
inputs: {}
resources:
  Cloud_GCP_StorageBucket_1:
    type: Cloud.GCP.StorageBucket
    properties:
      name: simple-storage-bucket
      locationType: SINGLE_REGION
      storageClass: STANDARD

The following cloud template example demonstrates restricted public access using an encryption key.

formatVersion: 1
inputs: {}
resources:
  Cloud_GCP_StorageBucket_1:
    type: Cloud.GCP.StorageBucket
    properties:
      name: encrypted-storage-bucket
      storageClass: STANDARD
      locationType: SINGLE_REGION
      kmsKey:
        kmsProjectId: gcp
        keyRingRegion: asia-east1
        keyRing: asia-key
        keyName: asia-east-key

The following cloud template example demonstrates how you might create a multi-region storage bucket.

formatVersion: 1
inputs: {}
resources:
  Cloud_GCP_StorageBucket_1:
    type: Cloud.GCP.StorageBucket
    properties:
      name: multi-regional-sb
      locationType: MULTI_REGION
      storageClass: STANDARD
      regionId: EU

The following cloud template shows an example of dual-regional storage bucket implementation.

formatVersion: 1
inputs: {}
resources:
 Cloud_GCP_StorageBucket_1:
    type: Cloud.GCP.StorageBucket
 properties:
  name: dual-regional-sb
  storageClass: NEARLINE
  locationType: DUAL_REGION
  regionId: ASIA
  locations:
   - ASIA-EAST1
   - ASIA-SOUTHEAST1