Setting Up Google Cloud Storage

Before you can use Google Cloud Storage with Media Cloud, you’ll first need to go through some basic steps to get going. It looks complicated, but if you stick with the steps outlined, you should be able to get through the process in about 10-15 minutes.

Step 1 – Create Role

The very first thing we need to do is create a role that defines what capabilities are going to be granted to the user of the bucket.

Log into your Google Cloud Platform console, navigate to the IAM section and select Roles from the side navigation. When the Roles page has loaded, click on Create Role.

image.png

Step 1.1 – Role Properties

On the Create Role page, give the role a name and, optionally, set it’s ID to something that is going to be more clear for you. Set the Role launch stage to General Availability.

When you’ve done all that, click on Add Permissions

image.png

Step 1.2 – Role Permissions

A dialog window will appear that will allow us to assign the relevant permissions to our new role. To make it easier, filter the list of permissions to any role that has Storage in the title.

Once you’ve filtered the permissions, add the following permissions to our new role by click on the checkbox next to it. You will want to add the following:

  • storage.buckets.get
  • storage.buckets.update
  • storage.objects.create
  • storage.objects.delete
  • storage.objects.get
  • storage.objects.getIamPolicy
  • storage.objects.list
  • storage.objects.setIamPolicy
  • storage.objects.update
image.png

Step 1.3 – Create the Role

Verify that the correct permissions have been assigned and click on Create.

image.png

Step 2 – Service Account

In this next step, we’ll need to create a service account that allows Media Cloud to interact with Google Cloud Storage.

In the left hand navigation of the Google Cloud console, select Service accounts.

image.png

When the Service Accounts page has loaded, click on Create Service Account.

image.png

Step 2.1 – Account Details

The Create service account page is a multi-step wizard. On the first step of the wizard, enter the following information for the account:

  • The name of the account
  • An ID for the account
  • A description for the account
image.png

Click on Create to move to the next step.

image.png

On the next step, you can simply click Continue.

Step 2.3 – Generate Key

On the third step of the Create service account wizard we’ll be creating the key we’ll use in Media Cloud.

image.png

Clicking on Create Key will display a pop-up modal, giving you two options for generating a key. Select the JSON option and then click on Create.

image.png

At that point a JSON file will be downloaded to your computer that contains all of the information you need to access Google Cloud Storage with Media Cloud. Store this file in a safe and secure place.

image.png

Step 3 – Create the Bucket

The final step is to create the bucket we’ll be using with Media Cloud.

In the Google Cloud console, navigate to the Storage Browser.

image.png

When the Storage Browser loads, click on Create Bucket.

Step 3.1 – Bucket Properties

In the Creat a bucket screen, give the bucket a name, determine the storage class and select the location of the bucket. Recommended to pick a location that is close to you (if using Direct Uploading) or close to your server.

image.png

When done, click Create.

Step 3.2 – Bucket Permissions

Once the bucket has been created, you’ll be viewing the bucket in the storage browser. We’ll need to assign the service account to the bucket to give it access.

Click on Permissions and then click on Add members.

image.png

Step 3.3 – Assign User

In the modal dialog that appears, simply enter the name of the user we created in Step 2 and then select the role we created in Step 1. Click on Add to finish.

image.png

We are now done setting things up in Google Cloud. The next step is setting up Media Cloud.

Step 3.4 – Allow public access (Optional)

If you are using a bucket with the ‘Bucket Policy Only’ option set, you need to grant permission to access the items publicly. 

Click on Permissions and then click on Add members.

In the modal dialog that appears, enter allUsers, and select the Storage Object Viewer option. Click Save.

Step 4 – CORS Configuration (Optional)

If you are planning on using the Direct Upload feature, you’ll need to set a CORS policy on your bucket in Google Cloud Storage.

To do this, you’ll need to install the gsutil command line tool. You can download and install that from here: Download and Install gsutil. Be sure to follow the steps to setup authentication.

Step 4.1 – Create the CORS JSON file

You’ll need to define your CORS policy in a JSON file. Use this sample policy as a starting point:

[
    {
      "origin": ["https://yourdomain.com"],
      "responseHeader": ["*"],
      "method": ["GET", "HEAD", "DELETE", "POST", "PUT", "OPTIONS"],
      "maxAgeSeconds": 3600
    }
]

Be sure to change https://yourdomain.com to your actual domain, and possibly add more domains for your dev or staging environments.

Step 4.2 – Set the CORS Policy

Crack open a terminal and type the following:

gsutil cors set yourjsonfile.json gs://your-bucket-name 

Obviously replace yourjsonfile.json with the name of the JSON file you created in the previous step and change gs://your-bucket-name to the name of your bucket.

Verify the CORS policy has been set correctly with:

gsutil cors get gs://your-bucket-name

That’s it, CORS has been set and you now are capable of performing Direct Uploads with Media Cloud.

Step 5 – Configure Media Cloud

Now that everything has been set up with Google Cloud Storage, it’s time to setup Media Cloud.

Navigate to Settings in the Media Cloud admin menu and select Cloud Storage.

Step 5.1 – Provider Settings

In the Provider panel, set the Storage Provider to Google Cloud Storage.

Open up the JSON file we downloaded in Step 2.3 and copy it’s contents. Paste this into the Credentials field.

Set the Bucket to the name of the bucket we created earlier.

At this point, these are the basic settings you need to get Google Cloud Storage working with Media Cloud. Save the settings and run the Troubleshooter to verify that everything is working correctly.