Configure a GCS Origin

Media Delivery supports configuring a Google Cloud Storage (GCS) bucket as an origin. For comprehensive instructions on configuring origins, see Configure an Origin. Specific details for configuring a GCS bucket as an origin are provided in this article.

Configure the Origin

To configure a GCS origin:

1. When configuring a Single Origin, or an Origin with Failover, set the parameters described in the following steps.
2. In the Add Host Origin dialog, from the Origin Authentication dropdown, select Signature V4.

3. Define these fields:

   Attribute	Description
   Access Key	The access key ID associated with the GCP account or IAM user that has permissions to access the GCS bucket.
   Private Secret Key	Select the secret access key used to authenticate and authorize requests to the GCS bucket. If needed, first add the key to the dropdown menu.

4. In the Origin Hostname field, enter storage.googleapis.com. The bucket name itself is added to the origin request path.

   

5. Optionally, define the other attributes, as described in Configure an Origin.

6. Save the origin.

Add the Key

To make your key available for selection when configuring a GCS origin, upload it to the CDN. Note that all keys uploaded by users in your organization will be available to all projects created by users in your organization.

Here, we'll describe how to add a key using the Delivery Services Management UI. Alternatively, you can use the Keys Manager API.

To upload a key:

1. When configuring the origin, set Origin Authentication to Signature V4. Additional fields and the Manage all keys button are displayed.
   

2. Select Manage all Keys.

3. In the Key Management dialog, select Add Key.

4. In the Add Key dialog:

   • Key Name - Enter a descriptive Key Name.
   • Key - Copy the Base64 encoded cryptographic key (hashed with SHA-256).
   • Description - Enter a short text that describes the key.
     
     
     

5. Select Add Key.