We’ve talked a lot about the different things Google Cloud Platform can do in recent blogs, but we haven’t fully touched upon how you store your data in GCP. With that in mind, get ready to take a deeper look at Google Cloud Storage.
In this next chapter in our GCP 101 blog series and your journey to the discovery of all things Google Cloud, we’re breaking down this “globally unified, scalable and highly durable object storage” solution that’s designed for both developers and enterprises.
What is Google Cloud Storage?
If you’re looking for a unified cloud storage solution that’s secure and intelligent, no matter whether you’re looking to optimize costs or ensure your data pipeline remains safe and accessible, Google Cloud Storage has you covered.
This GCP service stores your objects, otherwise known as data files, on Google Cloud’s infrastructure. All of these files are stored in buckets, which are similar to a virtual filing folder and can be attached to a specific project within your organization. Your data can be categorized in the following kinds of storage classes: Standard (currently actively being used), Nearline (accessed occasionally), Coldline (accessed rarely or archived) and Archive (accessed less than once a year).
Your costs in Google Cloud Storage are based on your capacity usage and data egress. Your storage service can be scaled up or down, depending on your needs.
What Are Other Key Features?
Here’s a look at some of the other key features of Google Cloud Storage in addition to pricing to help you better understand this service from a wider perspective.
Object Lifecycle Management
This feature allows you to define and assign conditions to a bucket that could trigger a data deletion or move the data to a less costly storage class. These conditions apply to current and future objects stored in the bucket. If an object meets the criteria of any or all of the conditions you define, Cloud Storage will automatically perform the specified action.
Do you want to keep a history of objects you’ve stored and have access to them if they are deleted or overwritten? Object versioning allows you to do this. You can enable this Cloud Storage feature in a bucket to protect your files. It does increase storage costs, but you can use Object Lifecycle Management to remove older versions of your objects.
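As an added example (not from the original post, and not Google's code), here is a local Python model of how lifecycle rules and object versioning interact, without calling the service. The dictionary follows the shape of a Cloud Storage lifecycle JSON configuration; the rule values, the helper names and the sample objects are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Same shape as a Cloud Storage lifecycle JSON config; the rule values are constructed.
LIFECYCLE = {"rule": [
    {"action": {"type": "SetStorageClass", "storageClass": "NEARLINE"},
     "condition": {"age": 30, "matchesStorageClass": ["STANDARD"]}},
    {"action": {"type": "SetStorageClass", "storageClass": "COLDLINE"},
     "condition": {"age": 90, "matchesStorageClass": ["STANDARD", "NEARLINE"]}},
    # With versioning on, drop a noncurrent version once 3 newer versions exist.
    {"action": {"type": "Delete"},
     "condition": {"isLive": False, "numNewerVersions": 3}},
]}
# Higher number = cheaper at rest; breaks ties between SetStorageClass actions.
COLDNESS = {"STANDARD": 0, "NEARLINE": 1, "COLDLINE": 2, "ARCHIVE": 3}
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # constructed evaluation time

def sample(days_old, storage_class, is_live=True, newer=0):
    """Build constructed object metadata (hypothetical helper)."""
    return {"created": NOW - timedelta(days=days_old), "storageClass": storage_class,
            "isLive": is_live, "newerVersions": newer}

def rule_matches(cond, obj, now=NOW):
    """A rule matches only when every condition it lists holds."""
    checks = {
        "age": lambda v: (now - obj["created"]).days >= v,
        "matchesStorageClass": lambda v: obj["storageClass"] in v,
        "isLive": lambda v: obj["isLive"] == v,
        "numNewerVersions": lambda v: obj["newerVersions"] >= v,
    }
    return all(checks[name](value) for name, value in cond.items())

def planned_action(obj, config=LIFECYCLE, now=NOW):
    """Return the single action this model expects for the object, or None."""
    actions = [r["action"] for r in config["rule"] if rule_matches(r["condition"], obj, now)]
    deletes = [a for a in actions if a["type"] == "Delete"]
    if deletes:  # Delete takes precedence over any storage class change
        return deletes[0]
    # Among class changes, the cheapest-at-rest target wins.
    return max(actions, key=lambda a: COLDNESS[a["storageClass"]], default=None)

if __name__ == "__main__":
    for obj in (sample(10, "STANDARD"), sample(45, "STANDARD"), sample(120, "STANDARD"),
                sample(5, "STANDARD", is_live=False, newer=1),
                sample(5, "STANDARD", is_live=False, newer=3)):
        print(obj["storageClass"], obj["isLive"], planned_action(obj))
```

Walking a proposed configuration through a model like this before applying it shows which noncurrent versions would still be recoverable after an accidental delete or overwrite.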
Retention Policies, Object Holds and Bucket Lock
If you have objects that cannot be deleted for whatever reason, this is where these three features come in handy.
Retention Policies allow you to set parameters for how long current and future objects will remain in a bucket. When you have an Object Hold set through your policy, the file cannot be overwritten or deleted until its age reaches the period of time specified in the retention policy.
Bucket Locks are an even stronger solution. Once you set a locked retention policy, you can’t remove or reduce the period you specify. It’s irreversible. This means you can’t delete a bucket unless every object in it has reached the end of the retention period. You can increase the duration of your retention period, but you can’t decrease it.
Object- and Bucket-Level Permissions
Using Google Cloud Identity and Access Management (IAM), a future topic we’ll cover in GCP 101, you can control who has access to your buckets and objects. You can add users at the bucket level, giving them access to all objects in that bucket. You can also get more granular by giving specific users object-level permissions without giving them the ability to access other data in a bucket.
Uniform Bucket-Level Access
Want to further control who can access different buckets? Using Google Cloud Storage’s Uniform Bucket-Level Access allows you to control access to your storage resources. All accounts have Access Control Lists (ACLs).
Google provides standard, server-side encryption keys for your storage solution, but you can take it one step further by also supplying your own for an additional layer of security. These customer-supplied encryption keys are applied to objects to encrypt data, the object’s CRC32C checksum and the MD5 hash. Your own encryption keys aren’t permanently stored on the Cloud Storage Server. They are purged from Google’s servers after the operation is complete. The last option would be to use an external Key Management Service (KMS), thereby eliminating the need to store the keys on GCP even temporarily.
Why Should I Use Google Cloud Storage?
Google Cloud Storage delivers “fine-grained” control of your data in the cloud. You decide how you want to secure and share it, using a number of features, including, but not limited to, the ones I’ve called out in the section above this one.