github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/website/source/docs/providers/google/d/signed_url.html.markdown (about)

     1  ---
     2  layout: "google"
     3  page_title: "Google: google_storage_object_signed_url"
     4  sidebar_current: "docs-google-datasource-signed_url"
     5  description: |-
     6      Provides signed URL to Google Cloud Storage object.
     7  ---
     8  
     9  # google\_storage\_object\_signed_url
    10  
    11  The Google Cloud storage signed URL data source generates a signed URL for a given storage object. Signed URLs provide a way to give time-limited read or write access to anyone in possession of the URL, regardless of whether they have a Google account.
    12  
    13  For more info about signed URL's is available [here](https://cloud.google.com/storage/docs/access-control/signed-urls).
    14  
    15  ## Example Usage
    16  
    17  ```hcl
    18  data "google_storage_object_signed_url" "artifact" {
    19    bucket = "install_binaries"
    20    path   = "path/to/install_file.bin"
    21  
    22  }
    23  
    24  resource "google_compute_instance" "vm" {
    25      name = "vm"
    26      ...
    27      
    28      provisioner "remote-exec" {
    29          inline = [
    30                  "wget '${data.google_storage_object_signed_url.artifact.signed_url}' -O install_file.bin",
    31                  "chmod +x install_file.bin",
    32                  "./install_file.bin"
    33                  ]
    34       }
    35  }
    36  ```
    37  
    38  ## Full Example
    39  
    40  ```hcl
    41  data "google_storage_object_signed_url" "get_url" {
    42    bucket       = "fried_chicken"
    43    path         = "path/to/file"
    44    content_md5  = "pRviqwS4c4OTJRTe03FD1w=="
    45    content_type = "text/plain"
    46    duration     = "2d"
    47    credentials  = "${file("path/to/credentials.json")}"
    48    
    49    extension_headers {
    50      x-goog-if-generation-match = 1
    51    }
    52  }
    53  ```
    54  
    55  ## Argument Reference
    56  
    57  The following arguments are supported:
    58  
    59  * `bucket` - (Required) The name of the bucket to read the object from
    60  * `path` - (Required) The full path to the object inside the bucket
    61  * `http_method` - (Optional) What HTTP Method will the signed URL allow (defaults to `GET`)
    62  * `duration` - (Optional) For how long shall the signed URL be valid (defaults to 1 hour - i.e. `1h`). 
    63       See [here](https://golang.org/pkg/time/#ParseDuration) for info on valid duration formats.
    64  * `credentials` - (Optional) What Google service account credentials json should be used to sign the URL. 
    65       This data source checks the following locations for credentials, in order of preference: data source `credentials` attribute, provider `credentials` attribute and finally the GOOGLE_APPLICATION_CREDENTIALS environment variable.
    66       
    67  > **NOTE** the default google credentials configured by `gcloud` sdk or the service account associated with a compute instance cannot be used, because these do not include the private key required to sign the URL. A valid `json` service account credentials key file must be used, as generated via Google cloud console. 
    68       
    69  * `content_type` - (Optional) If you specify this in the datasource, the client must provide the `Content-Type` HTTP header with the same value in its request.
    70  * `content_md5` - (Optional) The [MD5 digest](https://cloud.google.com/storage/docs/hashes-etags#_MD5) value in Base64.
    71       Typically retrieved from `google_storage_bucket_object.object.md5hash` attribute.
    72       If you provide this in the datasource, the client (e.g. browser, curl) must provide the `Content-MD5` HTTP header with this same value in its request.
    73  * `extension_headers` - (Optional) As needed. The server checks to make sure that the client provides matching values in requests using the signed URL. 
    74       Any header starting with `x-goog-` is accepted but see the [Google Docs](https://cloud.google.com/storage/docs/xml-api/reference-headers) for list of headers that are supported by Google.
    75      
    76  
    77  ## Attributes Reference
    78  
    79  The following attributes are exported:
    80  
    81  * `signed_url` - The signed URL that can be used to access the storage object without authentication.