Google Cloud Storage (GCS)

Home » Google Cloud » Google Cloud Storage (GCS)

Google Cloud Storage (GCS)

Last updated on June 26, 2023

Google Cloud Storage Cheat Sheet

  • An object storage service that stores data within buckets.
  • Below is a sample Cloud Storage integration:

Buckets

  • The data you upload on Cloud Storage are called objects.
  • An object is an immutable piece of data consisting of a file in any format.
  • You store objects inside containers called buckets.
  • All buckets belong to a project.
  • Each project can have multiple buckets.
  • You can also configure a Cloud Storage bucket to host a static website for a domain you own.
  • Tutorials dojo strip

Bucket Configurations

  • Life Cycle Management
    • You can define conditions that trigger data deletion, or transition to a cheaper storage class with object life cycle management.
  • Versioning
    • Continue to store old copies of objects you store when they are deleted or overwritten.
  • Retention Policies
    • Define minimum retention periods that objects must be stored.
  • Object holds
    • Place a hold on an object to prevent deletion.
  • Encryption keys
    • Customer-managed
    • Customer-supplied
  • Access Permissions
    • Access Control List
    • Uniform bucket level access
    • Object and Bucket Level Permissions

Storage Classes

  • Standard Storage
    • Good for hot data that is accessed frequently.
  • Nearline Storage
    • Good for use cases that need to store objects for at least 30 days.
    • Ideal for data that you plan to access once per month or less.
  • Coldline Storage
    • Is a low-cost storage option for storing infrequently accessed data within 90 days.
  • Archive Storage
    • Is the coldest storage among the storage classes.
    • Designed for storing archive data and disaster recovery data that is expected to be accessed once per 365 days or less.

gsutil tool

  • A Python application that enables you to manage your Cloud Storage from the command line.
  • You can use gsutil to perform bucket and object management tasks like:
    • creating and deleting buckets
    • uploading, downloading, and deleting objects
    • listing buckets and objects
    • moving, copying, and renaming objects
    • editing object and bucket ACL
  • gsutil performs all operations using HTTPS and TLS

Uploading objects to GCS

You can send upload requests to Google Cloud Storage via the following methods:

  • Simple Upload – utilize this if the file is small enough to upload again if the connection fails, and if there is no object metadata to send as part of the upload request.
  • Multipart Upload – utilize this if the file is small enough to upload again if the connection fails, and you need to include object metadata as part of the upload request.
  • Resumable Upload – utilize this for a more reliable transfer, which is especially important with large files. 
  • Parallel composite uploads – utilize if network and disk speed are not limiting factors. When doing parallel composite upload, a file is divided into up to 32 chunks and uploaded in parallel to temporary objects. The final object is recreated using the temporary objects, and the temporary objects are deleted.
  • Alternatively, for uploading large volumes of data (from hundreds of terabytes up to 1 petabyte), you can utilize the Transfer Appliance. It is a hardware appliance you can use to securely migrate to Google Cloud Platform without disrupting business operations.

Pricing

  • Pricing for Cloud Storage services is based on what you use, including:
    • the amount of data you store,
    • the duration for which you store it,
    • the number of operations you perform on your data,
    • the network resources used when moving or accessing your data.
  • For “cold” storage classes meant to store long-term, infrequently accessed data, there are also charges for retrieving data and early deletion of data.
  • You can require accessors of your data to include a project ID to bill for network charges, operation charges, and retrieval fees.

Validate Your Knowledge

Question 1

Your company uses Cloud Storage to store all of its application files where objects are written once and are stored for processing. The objects are frequently accessed for a month (30 days) and are rarely accessed for the entire year. These objects must be archived for three years. The Object Lifecycle Management on the Cloud Storage bucket must be configured to minimize the storage costs. 

What should you do?

  1. Create a policy that uses Nearline Storage for 30 days. Move the objects to Archive storage for three years.
  2. Create a policy that uses Standard storage for 30 days. Move the objects to Archive storage for three years.
  3. Create a policy that uses Nearline storage for 30 days. Move the objects to Coldline for one year, and then transition to Archive storage for two years.
  4. Create a policy that uses Standard storage for 30 days. Move the objects to Coldline for one year and afterward, transition the objects to Archive storage for two years.

Correct Answer: 4

 

You can assign a lifecycle management configuration to a bucket. The configuration contains a set of rules which apply to current and future objects in the bucket. When an object meets the criteria of one of the rules, Cloud Storage automatically performs a specified action on the object. Here are some example use cases:

– Downgrade the storage class of objects older than 365 days to Coldline Storage.

– Delete objects created before January 1, 2021.

– Keep only the 3 most recent versions of each object in a bucket with versioning enabled.

The following are the different types of Cloud Storage Classes:

Standard Storage is best for data that is frequently accessed (“hot” data) and/or stored for only brief periods of time.

Nearline Storage is a low-cost, highly durable storage service for storing infrequently accessed data. Nearline Storage is a better choice than Standard Storage in scenarios where slightly lower availability, a 30-day minimum storage duration, and costs for data access are acceptable trade-offs for lowered at-rest storage costs.

Nearline Storage is ideal for data that you plan to read or modify on average once per month or less. For example, if you want to continuously add files to Cloud Storage and plan to access those files once a month for analysis, Nearline Storage is a great choice.

Coldline Storage is a very-low-cost, highly durable storage service for storing infrequently accessed data. Coldline Storage is a better choice than Standard Storage or Nearline Storage in scenarios where slightly lower availability, a 90-day minimum storage duration, and higher costs for data access are acceptable trade-offs for lowered at-rest storage costs.

Coldline Storage is ideal for data that you plan to read or modify at most once a quarter. Note, however, that for data being kept entirely for backup or archiving purposes, Archive Storage is more cost-effective, as it offers the lowest storage costs.

Archive Storage is the lowest-cost, highly durable storage service for data archiving, online backup, and disaster recovery. Unlike the “coldest” storage services offered by other Cloud providers, your data is available within milliseconds, not hours or days.

It is stated in the scenario that the objects are frequently accessed only for 30 days from the time it is created. Standard Storage satisfies this requirement. After 30 days, objects are seldom accessed. For this, Coldline Storage is a better choice since this has a lower storage cost with a 90-day minimum storage duration compared to Nearline Storage. Archival Storage is best for long-term storage of objects, this will satisfy the requirement of keeping the objects in the next few years.

Hence, the answer is: Create a policy that uses Standard storage for 30 days. Move the objects to Coldline for one year and afterward, transition the objects to Archive storage for two years.

The option that says: Create a policy that uses Nearline Storage for 30 days. Move the objects to Archive storage for three years is incorrect because it is more suitable to use Standard Storage for frequently accessed objects than Nearline Storage.

AWS Exam Readiness Courses

The option that says: Create a policy that uses Nearline storage for 30 days. Move the objects to Coldline for one year, and then transition to Archive storage for two years is incorrect because it is not ideal to use Nearline Storage for frequently accessed objects. Using the Standard Storage class should suffice.

The option that says: Create a policy that uses Standard storage for 30 days. Move the objects to Archive storage for three years is incorrect. Although objects are rarely accessed after 30 days, it is still being accessed within a year. Objects stored in Archive Storage have a higher cost of data access. Because of this, Coldline Storage is a better choice for storing the objects for a year before moving them to Archive Storage for two years.

References: 
https://cloud.google.com/storage/docs/storage-classes
https://cloud.google.com/storage/docs/lifecycle

Note: This question was extracted from our Google Certified Associate Cloud Engineer Practice Exams.

Question 2

Your team is building an application hosted on a VM instance in Compute Engine. The application is designed to enhance and resize images. You want your application to be able to upload images on a Cloud Storage bucket. You want to do this with the least number of steps possible without compromising security.

What should you do?

  1. Create a Service Account with roles/storage.objectCreator (Storage Object Creator) role. Configure the VM instance to use the Service Account.
  2. Create a Service Account with roles/storage.objectAdmin (Storage Object Admin) role. Configure the VM instance to use the Service Account.
  3. Verify if the VM instance and the bucket have the same region.
  4. Set the Cloud Storage bucket to public and configure the objects to have a randomized suffix in its object name.

Correct Answer: 1

A service account is a special type of Google account that represents a resource instead of a user to gain access to other services or resources. You can configure a VM instance to use a Service Account to gain access to other services like Google Compute Engine.

To be able to create/upload files in Google Compute Engine, a user or service account should have at least Storage Object Creator (roles/storage.objectCreator) role or with resourcemanager.projects.get, resourcemanager.projects.list, storage.objects.create permissions.

Hence, the correct answer is: Create a Service Account with roles/storage.objectCreator (Storage Object Creator) role. Configure the VM instance to use the Service Account.

The option that says: Create a Service Account with roles/storage.objectAdmin (Storage Object Admin role). Configure the VM instance to use the Service Account is incorrect because granting the Storage Object Admin role will enable a user or the service account to have full control over objects, including listing, creating, viewing, and deleting objects. Google recommends only granting the least privilege needed to perform a task.

The option that says: Verify if the VM instance and the bucket have the same region is incorrect because a VM instance can still write objects to a bucket no matter what the region is as long as it has the right permissions. Nonetheless, having a VM instance and a Cloud Storage bucket in the same region is still a good practice because this will reduce the latency between them.

The option that says: Set the bucket to public and configure the objects to have a randomized suffix in its object name is incorrect because setting the Cloud Storage bucket to the public is a critical security vulnerability. A better solution is to use the Storage Object Creator role and configure the VM instance to use the Service Account.

References:

https://cloud.google.com/iam/docs/service-accounts
https://cloud.google.com/storage/docs/access-control/iam-roles

Note: This question was extracted from our Google Certified Associate Cloud Engineer Practice Exams.

For more Google Cloud practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:

Google Certified Associate Cloud Engineer Practice Exams

Google Cloud Storage Cheat Sheet References:

https://cloud.google.com/storage/
https://cloud.google.com/storage/docs/introduction
https://cloud.google.com/storage/docs/uploads-downloads
https://cloud.google.com/transfer-appliance/docs/4.0

Tutorials Dojo portal

Be Inspired and Mentored with Cloud Career Journeys!

Tutorials Dojo portal

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

FREE AWS Exam Readiness Digital Courses

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Recent Posts

Written by: Jon Bonso

Jon Bonso is the co-founder of Tutorials Dojo, an EdTech startup and an AWS Digital Training Partner that provides high-quality educational materials in the cloud computing space. He graduated from Mapúa Institute of Technology in 2007 with a bachelor's degree in Information Technology. Jon holds 10 AWS Certifications and is also an active AWS Community Builder since 2020.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

~98%
passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
200k+
students
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
~4.8
ratings
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?