Storage Transfer Service can listen to event notifications in Google Cloud to automatically transfer data that has been added or updated in a Cloud Storage bucket. Learn more about the benefits of event-driven transfers.
Event-driven transfers from Cloud Storage use Pub/Sub notifications to know when objects in the source bucket have been modified or added. Object deletions are not detected; deleting an object at the source does not delete the associated object in the destination bucket.
Configure permissions
-
Find the name of the Storage Transfer Service service agent for your project:
Go to the
googleServiceAccounts.get
reference page.An interactive panel opens, titled Try this method.
In the panel, under Request parameters, enter your project ID. The project you specify here must be the project you're using to manage Storage Transfer Service, which might be different from the source bucket's project.
Click Execute.
Your service agent's email is returned as the value of
accountEmail
. Copy this value.The service agent's email uses the format
project-PROJECT_NUMBER@storage-transfer-service.iam.gserviceaccount.com
. Grant the
Pub/Sub Subscriber
role to the Storage Transfer Service service agent.Cloud console
Follow the instructions in Controlling access through the Google Cloud console to grant the
Pub/Sub Subscriber
role to the Storage Transfer Service service. The role can be granted at the topic, subscription, or project level.gcloud
CLIFollow the instructions in Setting a policy to add the following binding:
{ "role": "roles/pubsub.subscriber", "members": [ "serviceAccount:project-PROJECT_NUMBER@storage-transfer-service.iam.gserviceaccount.com" }
Configure Pub/Sub
Make sure that you've satisfied the Prerequisites for using Pub/Sub with Cloud Storage.
Configure Pub/Sub notification for Cloud Storage:
gcloud storage buckets notifications create gs://BUCKET_NAME --topic=TOPIC_NAME
Create a pull subscription for the topic:
gcloud pubsub subscriptions create SUBSCRIPTION_ID --topic=TOPIC_NAME --ack-deadline=300
Create a transfer job
You can use the REST API or the Google Cloud console to create an event-based transfer job.
Don't include sensitive information such as personally identifiable information (PII) or security data in your transfer job name. Resource names may be propagated to the names of other Google Cloud resources and may be exposed to Google-internal systems outside of your project.
Cloud console
Go to the Create transfer job page in the Google Cloud console.
Select Cloud Storage as both the source and the destination.
As the Scheduling mode select Event-driven and click Next step.
Select the source bucket for this transfer.
In the Event stream section, enter the subscription name:
projects/PROJECT_NAME/subscriptions/SUBSCRIPTION_ID
Optionally, define any filters, then click Next step.
Select the destination bucket for this transfer.
Optionally, enter a start and end time for the transfer. If you don't specify a time, the transfer will start immediately and will run until manually stopped.
Specify any transfer options. More information is available from the Create transfers page.
Click Create.
Once created, the transfer job starts running and an event listener waits for notifications on the Pub/Sub subscription. The job details page shows one operation each hour, and includes details on data transferred for each job.
REST
To create an event-driven transfer using the REST API, send the following JSON object to the transferJobs.create endpoint:
transfer_job { "description": "YOUR DESCRIPTION", "status": "ENABLED", "projectId": "PROJECT_ID", "transferSpec" { "gcsDataSource" { "bucketName": "GCS_SOURCE_NAME" }, "gcsDataSink": { "bucketName": "GCS_SINK_NAME" } } "eventStream" { "name": "projects/PROJECT_NAME/subscriptions/SUBSCRIPTION_ID", "eventStreamStartTime": "2022-12-02T01:00:00+00:00", "eventStreamExpirationTime": "2023-01-31T01:00:00+00:00" } }
The eventStreamStartTime
and eventStreamExpirationTime
are optional.
If the start time is omitted, the transfer starts immediately; if the end
time is omitted, the transfer continues until manually stopped.
Client libraries
Go
To learn how to install and use the client library for Storage Transfer Service, see Storage Transfer Service client libraries. For more information, see the Storage Transfer Service Go API reference documentation.
To authenticate to Storage Transfer Service, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.
Java
To learn how to install and use the client library for Storage Transfer Service, see Storage Transfer Service client libraries. For more information, see the Storage Transfer Service Java API reference documentation.
To authenticate to Storage Transfer Service, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.
Node.js
To learn how to install and use the client library for Storage Transfer Service, see Storage Transfer Service client libraries. For more information, see the Storage Transfer Service Node.js API reference documentation.
To authenticate to Storage Transfer Service, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.
Python
To learn how to install and use the client library for Storage Transfer Service, see Storage Transfer Service client libraries. For more information, see the Storage Transfer Service Python API reference documentation.
To authenticate to Storage Transfer Service, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.