How to use IBM® App Connect with Google Cloud Storage

Google Cloud Storage is an object storage service for storing and accessing live or archived data. Data is stored in containers that are called buckets. It is a flexible cloud storage product with several options to manage and store your data.
Availability:
  • A connector in IBM App Connect Enterprise as a ServiceApp Connect Enterprise as a Service connector
  • A local connector in a Designer instance of IBM App Connect in containers (Continuous Delivery release)Local connector in containers (Continuous Delivery release) 11.0.0.11-r2 or later
  • A local connector in a Designer instance of IBM App Connect in containers (Long Term Support)Local connector in containers (Long Term Support release)

The following information describes how to use App Connect to connect to Google Cloud Storage.

Supported product and API versions

To find out which product and API versions this connector supports, see Detailed System Requirements on the IBM Support page.

What to consider first

If you have access to specific buckets, you can create an account by using the bucket name along with your Google Cloud Storage access key and secret. Access to App Connect actions and events using that buckets are then limited to the permissions associated with the role assigned to you in Google Cloud Storage. The same applies to any bucket you have access to outside of the Google Cloud Storage account you sign in to App Connect with. For more information, see Working with buckets not associated with your Google Cloud Storage account.

Connecting to Google Cloud Storage

To connect App Connect to a Google Cloud Storage account, you need to provide the following connection details:
Secret
Specify the secret for your Google Cloud Storage user account. For more information, see https://cloud.google.com/storage/docs/authentication/hmackeys and ensure you set a default project for interoperable access for your user account.
  • Required: True
Access ID
Specify the access ID for your Google Cloud Storage user account. For more information, see https://cloud.google.com/storage/docs/authentication/hmackeys and ensure you set a default project for interoperable access for your user account.
  • Required: True
Bucket name
Specify the bucket name from your Google Cloud Storage account if you only have access to specific buckets in your Google Cloud Storage account
  • Required: False
To find these credentials, complete the following steps:
  1. Open your Google Cloud Platform Storage browser in the Google Cloud Console.
  2. If you are not already logged in, you will be prompted to enter the credentials for your Google Cloud Console account.
  3. Select the project that you want to work with using the project selection menu in the navigation bar.
  4. Open the Settings page.
  5. Click the Interoperability tab.
  6. In the User account HMAC section, set the project that you selected in Step 3 as the default project.
    Setting a default project in Google Cloud Storage
  7. To create the access keys you need to connect in App Connect, click CREATE A KEY.
    Create a key button

    The Access key and Secret are displayed.

To connect to a Google Cloud Storage endpoint from the App Connect Designer Catalog page for the first time, expand Google Cloud Storage, then click Connect.

General considerations for using Google Cloud Storage in App Connect

  • Before you use the account that is created in App Connect in a flow, rename the account to something meaningful that helps you to identify it. To rename the account on the Catalog page, select the account, open its options menu (⋮), then click Rename Account.

  • If you have access to specific buckets only, you can create an account using that bucket name. To see other buckets that are not associated with your account, you need to use the advanced mode in App Connect to explicitly specify that bucket. For example, in the following scenario Nicholas has his own Google Cloud Storage account with project 1040721463034. He also has access to another bucket (MM_test_2), in a different project 841753217240 in another account.
    1. Using an event driven flow in App Connect, he selects a Retrieve bucket ACLs action.
    2. The only buckets presented to him are the buckets in his project that he signed in with.
      Google Cloud Storage bucket list in App Connect
    3. To see the bucket that he has been given access to from project 841753217240 he needs to select Switch to advanced mode and then in the *Bucket field, type the name of the bucket that he wants to perform the action on.
    4. He tests this action, which produces a 200 OK success result.
      Advanced mode showing bucket field and test result
    5. In the Google Cloud Storage UI, if his role is changed from Storage Legacy Bucket Owner to Storage Legacy Bucket Reader then he is unable to perform a Retrieve action in App Connect and App Connect throws an error.
      403 test result after changing roles
    6. As a reader he is unable to perform a Retrieve action because his role as a Storage Legacy Bucket Reader grants permission to read object metadata, excluding IAM policies, when listing objects.
  • (General consideration) You can see lists of the trigger events and actions that are available on the Catalog page of the App Connect Designer.

    For some applications, the events and actions in the catalog depend on the environment and whether the connector supports configurable events and dynamic discovery of actions. If the application supports configurable events, you see a Show more configurable events link under the events list. If the application supports dynamic discovery of actions, you see a Show more link under the actions list.

  • (General consideration) If you are using multiple accounts for an application, the set of fields that is displayed when you select an action for that application can vary for different accounts. In the flow editor, some applications always provide a curated set of static fields for an action. Other applications use dynamic discovery to retrieve the set of fields that are configured on the instance that you are connected to. For example, if you have two accounts for two instances of an application, the first account might use settings that are ready for immediate use. However, the second account might be configured with extra custom fields.

Events and actions

Google Cloud Storage events

These events are for changes in this application that trigger a flow to start completing the actions in the flow.

Note: Events are not available for changes in this application. You can trigger a flow in other ways, such as at a scheduled interval or at specific dates and times.

Google Cloud Storage actions

Your flow completes these actions on this application.

Bucket ACLs
Retrieve bucket ACLs
Update bucket ACL
Bucket CORS configuration
Retrieve bucket CORS configurations
Update bucket CORS configuration
Bucket lifecycle configuration
Retrieve bucket lifecycle configurations
Update bucket lifecycle configuration
Bucket location
Retrieve bucket location
Bucket logging configuration
Retrieve bucket logging configurations
Update bucket logging configuration
Bucket tags
Get bucket tags
Set bucket tags
Bucket versioning
Get bucket versioning
Set bucket versioning
Bucket website
Retrieve bucket website
Update bucket website
Buckets
Create bucket
Retrieve buckets
Delete bucket
Set bucket default storage class
Get bucket default storage class
Object ACLs
Retrieve object ACLs
Update object ACL
Object versioning
Retrieve object versioning
Objects
Retrieve objects
Update or create object
Delete object
Copy object
Download object content

Examples

Screenshot of the dashboard tile for a template that uses Google Cloud Storage

Use templates to quickly create flows for Google Cloud Storage

Learn how to use App Connect templates to quickly create flows that perform actions on Google Cloud Storage. For example, open the Templates gallery, and then search for Google Cloud Storage.

Learn more