Authoritatively manages the default object ACLs for a Google Cloud Storage bucket without managing the bucket itself.
For more information see the official documentation and API.
Example creating a default object ACL on a bucket with one owner and one reader:

resource "google_storage_bucket" "image-store" {
  name     = "image-store-bucket"
  location = "EU"
}

resource "google_storage_default_object_acl" "image-store-default-acl" {
  bucket = google_storage_bucket.image-store.name
  role_entity = [
    "OWNER:user-my.email@gmail.com",
    "READER:group-mygroup",
  ]
}

bucket - (Required) The name of the bucket it applies to.

role_entity - (Optional) List of role/entity pairs in the form ROLE:entity. See GCS Object ACL documentation for more details. Omitting the field is the same as providing an empty list.

Only the arguments listed above are exposed as attributes.
This resource does not support import.
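
Because this resource is authoritative and every new object in the bucket inherits the default ACL, it is worth linting the role_entity list before applying it. The following is an added example, not part of the provider or its documentation: the function name, the finding messages and the case-sensitive role check are assumptions, and the role and entity forms come from the GCS ACL model (OWNER/READER for objects, allUsers and allAuthenticatedUsers as public scopes).

```python
# Added example: lint a role_entity list for google_storage_default_object_acl.
# lint_role_entity and its messages are hypothetical, not a provider API.
VALID_ROLES = {"OWNER", "READER"}                         # object-level ACL roles
PUBLIC_ENTITIES = {"allUsers", "allAuthenticatedUsers"}   # GCS public scopes
ENTITY_PREFIXES = ("user-", "group-", "domain-", "project-")


def lint_role_entity(pairs):
    """Return (pair, finding) tuples; an empty result means nothing was flagged."""
    if not pairs:
        # The docs state that omitting the field equals an empty list.
        return [("<empty>", "no entries declared for an authoritative resource")]
    findings, seen = [], {}
    for pair in pairs:
        role, sep, entity = pair.partition(":")
        if not sep or not role or not entity:
            findings.append((pair, "not in ROLE:entity form"))
            continue
        if role not in VALID_ROLES:
            findings.append((pair, f"unknown object role {role!r}"))
        if entity in PUBLIC_ENTITIES:
            findings.append((pair, "public entity: new objects inherit this grant"))
        elif not any(entity.startswith(p) and len(entity) > len(p)
                     for p in ENTITY_PREFIXES):
            findings.append((pair, "unrecognized entity form"))
        # Flag the same entity appearing with two different roles.
        if seen.setdefault(entity, role) != role:
            findings.append((pair, f"entity also listed as {seen[entity]}"))
    return findings


# Constructed sample: the first two entries are the ones from the example above,
# the rest are made up to trigger each check.
SAMPLE = [
    "OWNER:user-my.email@gmail.com",
    "READER:group-mygroup",
    "READER:allUsers",
    "WRITER:user-my.email@gmail.com",
    "READERgroup-mygroup",
]

if __name__ == "__main__":
    for pair, finding in lint_role_entity(SAMPLE):
        print(f"{pair}: {finding}")
```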