0

I have an google cloud storage buckets and one rails app to access this buckets. My app works with files from 1M until 300M in uploads/downloads. On my rails app I use carriewave gem, so ...all the throughput comes to my app, after to the bucket....until now, everything normal.

Recently I implement GCP direct upload but, the base url is storage.googleapis.com. This is terrible for my customers that have such a high level security in their local networks.

I need that storage.googleapis.com becomes storage.mycustomdomain.com. In this approach my customers will just allow *.mycustomdomain.com in their networks.

Someone could help me? Tnks

Josué Henrique F. da Silva
  • 109
  • 1
  • 1
  • 6
  • 1) Neither of your problems/goals provides for good security. There is nothing wrong with using **storage.googleapis.com**. Using your own domain does not enhance security. **Allowing users to POST to cloud storage is a security risk**. You are focusing on the wrong security problem. 2) To use your own domain name you have several options. a) Use a static website https://cloud.google.com/storage/docs/hosting-static-website b) deploy a CDN with your domain name https://deliciousbrains.com/wp-offload-media/doc/how-to-set-up-a-custom-domain-cdn-for-google-cloud-storage/ – John Hanley Nov 26 '21 at 20:17

1 Answers1

1

Cloud Storage public objects are served directly from GCP through storage.googleapis.com, as explained in the documentation. From John Hanley’s comment, and according to this guide, Cloud Storage does not directly support custom domains:

Because Cloud Storage doesn't support custom domains with HTTPS on its own, this tutorial uses Cloud Storage with HTTP(S) Load Balancing to serve content from a custom domain over HTTPS.

The guide goes into creating a load balancer service which you can use to serve user content from your own domain, using the buckets as the service backend. Otherwise, it is also possible to create a CDN which is supported by Cloud Storage and uses a custom domain, as mentioned by the blog objectives:

  • I want to serve images on my website (comparison for contact lenses) from a cloud bucket.
  • I want to serve it from my domain, cdn.kontaktlinsen-preisvergleich.de
  • I need HTTPS for that domain, because my website uses HTTPS everywhere and I don’t want to mix that.

This related thread also mentions implementation of a CDN to use a custom domain to serve Cloud Storage objects.

ErnestoC
  • 2,660
  • 1
  • 6
  • 19