Skip to content

googleStorageTransferJob

Creates a new Transfer Job in Google Cloud Storage Transfer.

To get more information about Google Cloud Storage Transfer, see:

Example Usage

Example creating a nightly Transfer Job from an AWS S3 Bucket to a GCS bucket.

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googlePubsubTopicTopic = new google.pubsubTopic.PubsubTopic(
  this,
  "topic",
  {
    name: "${var.pubsub_topic_name}",
  }
);
const googleStorageBucketS3BackupBucket =
  new google.storageBucket.StorageBucket(this, "s3-backup-bucket", {
    location: "US",
    name: "${var.aws_s3_bucket}-backup",
    project: "${var.project}",
    storage_class: "NEARLINE",
  });
const dataGoogleStorageTransferProjectServiceAccountDefault =
  new google.dataGoogleStorageTransferProjectServiceAccount.DataGoogleStorageTransferProjectServiceAccount(
    this,
    "default",
    {
      project: "${var.project}",
    }
  );
const googlePubsubTopicIamMemberNotificationConfig =
  new google.pubsubTopicIamMember.PubsubTopicIamMember(
    this,
    "notification_config",
    {
      member: `serviceAccount:\${${dataGoogleStorageTransferProjectServiceAccountDefault.email}}`,
      role: "roles/pubsub.publisher",
      topic: googlePubsubTopicTopic.id,
    }
  );
const googleStorageBucketIamMemberS3BackupBucket =
  new google.storageBucketIamMember.StorageBucketIamMember(
    this,
    "s3-backup-bucket_4",
    {
      bucket: googleStorageBucketS3BackupBucket.name,
      depends_on: [`\${${googleStorageBucketS3BackupBucket.fqn}}`],
      member: `serviceAccount:\${${dataGoogleStorageTransferProjectServiceAccountDefault.email}}`,
      role: "roles/storage.admin",
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
googleStorageBucketIamMemberS3BackupBucket.overrideLogicalId(
  "s3-backup-bucket"
);
new google.storageTransferJob.StorageTransferJob(
  this,
  "s3-bucket-nightly-backup",
  {
    depends_on: [
      `\${${googleStorageBucketIamMemberS3BackupBucket.fqn}}`,
      `\${${googlePubsubTopicIamMemberNotificationConfig.fqn}}`,
    ],
    description: "Nightly backup of S3 bucket",
    notification_config: [
      {
        event_types: [
          "TRANSFER_OPERATION_SUCCESS",
          "TRANSFER_OPERATION_FAILED",
        ],
        payload_format: "JSON",
        pubsub_topic: googlePubsubTopicTopic.id,
      },
    ],
    project: "${var.project}",
    schedule: [
      {
        repeat_interval: "604800s",
        schedule_end_date: [
          {
            day: 15,
            month: 1,
            year: 2019,
          },
        ],
        schedule_start_date: [
          {
            day: 1,
            month: 10,
            year: 2018,
          },
        ],
        start_time_of_day: [
          {
            hours: 23,
            minutes: 30,
            nanos: 0,
            seconds: 0,
          },
        ],
      },
    ],
    transfer_spec: [
      {
        aws_s3_data_source: [
          {
            aws_access_key: [
              {
                access_key_id: "${var.aws_access_key}",
                secret_access_key: "${var.aws_secret_key}",
              },
            ],
            bucket_name: "${var.aws_s3_bucket}",
          },
        ],
        gcs_data_sink: [
          {
            bucket_name: googleStorageBucketS3BackupBucket.name,
            path: "foo/bar/",
          },
        ],
        object_conditions: [
          {
            exclude_prefixes: ["requests.gz"],
            max_time_elapsed_since_last_modification: "600s",
          },
        ],
        transfer_options: [
          {
            delete_objects_unique_in_sink: false,
          },
        ],
      },
    ],
  }
);

Argument Reference

The following arguments are supported:

  • description - (Required) Unique description to identify the Transfer Job.

  • transferSpec - (Required) Transfer specification. Structure documented below.

  • schedule - (Required) Schedule specification defining when the Transfer Job should be scheduled to start, end and what time to run. Structure documented below.

  • project - (Optional) The project in which the resource belongs. If it is not provided, the provider project is used.

  • status - (Optional) Status of the job. Default: enabled. NOTE: The effect of the new job status takes place during a subsequent job run. For example, if you change the job status from ENABLED to DISABLED, and an operation spawned by the transfer is running, the status change would not affect the current operation.

  • notificationConfig - (Optional) Notification configuration. This is not supported for transfers involving PosixFilesystem. Structure documented below.

The transferSpec block supports:

  • sourceAgentPoolName - (Optional) Specifies the agent pool name associated with the posix data source. When unspecified, the default name is used.

  • sinkAgentPoolName - (Optional) Specifies the agent pool name associated with the posix data sink. When unspecified, the default name is used.

  • gcsDataSink - (Optional) A Google Cloud Storage data sink. Structure documented below.

  • posixDataSink - (Optional) A POSIX data sink. Structure documented below.

  • objectConditions - (Optional) Only objects that satisfy these object conditions are included in the set of data source and data sink objects. Object conditions based on objects' lastModificationTime do not exclude objects in a data sink. Structure documented below.

  • transferOptions - (Optional) Characteristics of how to treat files from datasource and sink during job. If the option deleteObjectsUniqueInSink is true, object conditions based on objects' lastModificationTime are ignored and do not exclude objects in a data source or a data sink. Structure documented below.

  • gcsDataSource - (Optional) A Google Cloud Storage data source. Structure documented below.

  • posixDataSource - (Optional) A POSIX filesystem data source. Structure documented below.

  • awsS3DataSource - (Optional) An AWS S3 data source. Structure documented below.

  • httpDataSource - (Optional) A HTTP URL data source. Structure documented below.

  • azureBlobStorageDataSource - (Optional) An Azure Blob Storage data source. Structure documented below.

The schedule block supports:

  • scheduleStartDate - (Required) The first day the recurring transfer is scheduled to run. If scheduleStartDate is in the past, the transfer will run for the first time on the following day. Structure documented below.

  • scheduleEndDate - (Optional) The last day the recurring transfer will be run. If scheduleEndDate is the same as scheduleStartDate, the transfer will be executed only once. Structure documented below.

  • startTimeOfDay - (Optional) The time in UTC at which the transfer will be scheduled to start in a day. Transfers may start later than this time. If not specified, recurring and one-time transfers that are scheduled to run today will run immediately; recurring transfers that are scheduled to run on a future date will start at approximately midnight UTC on that date. Note that when configuring a transfer with the Cloud Platform Console, the transfer's start time in a day is specified in your local timezone. Structure documented below.

  • repeatInterval - (Optional) Interval between the start of each scheduled transfer. If unspecified, the default value is 24 hours. This value may not be less than 1 hour. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".

The objectConditions block supports:

  • maxTimeElapsedSinceLastModification - (Optional) A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".

  • minTimeElapsedSinceLastModification - (Optional) A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".

  • includePrefixes - (Optional) If includePrefixes is specified, objects that satisfy the object conditions must have names that start with one of the includePrefixes and that do not start with any of the excludePrefixes. If includePrefixes is not specified, all objects except those that have names starting with one of the excludePrefixes must satisfy the object conditions. See Requirements.

  • excludePrefixes - (Optional) excludePrefixes must follow the requirements described for includePrefixes. See Requirements.

The transferOptions block supports:

  • overwriteObjectsAlreadyExistingInSink - (Optional) Whether overwriting objects that already exist in the sink is allowed.

  • deleteObjectsUniqueInSink - (Optional) Whether objects that exist only in the sink should be deleted. Note that this option and deleteObjectsFromSourceAfterTransfer are mutually exclusive.

  • deleteObjectsFromSourceAfterTransfer - (Optional) Whether objects should be deleted from the source after they are transferred to the sink. Note that this option and deleteObjectsUniqueInSink are mutually exclusive.

  • overwriteWhen - (Optional) When to overwrite objects that already exist in the sink. If not set, overwrite behavior is determined by overwriteObjectsAlreadyExistingInSink. Possible values: ALWAYS, DIFFERENT, NEVER.

The gcsDataSink block supports:

  • bucketName - (Required) Google Cloud Storage bucket name.

  • path - (Optional) Root path to transfer objects. Must be an empty string or full path name that ends with a '/'. This field is treated as an object prefix. As such, it should generally not begin with a '/'.

The gcsDataSource block supports:

  • bucketName - (Required) Google Cloud Storage bucket name.

  • path - (Optional) Root path to transfer objects. Must be an empty string or full path name that ends with a '/'. This field is treated as an object prefix. As such, it should generally not begin with a '/'.

The posixDataSink block supports:

  • rootDirectory - (Required) Root directory path to the filesystem.

The posixDataSource block supports:

  • rootDirectory - (Required) Root directory path to the filesystem.

The awsS3DataSource block supports:

  • bucketName - (Required) S3 Bucket name.

  • awsAccessKey - (Optional) AWS credentials block.

  • roleArn - (Optional) The Amazon Resource Name (ARN) of the role to support temporary credentials via 'AssumeRoleWithWebIdentity'. For more information about ARNs, see IAM ARNs. When a role ARN is provided, Transfer Service fetches temporary credentials for the session using a 'AssumeRoleWithWebIdentity' call for the provided role using the [GoogleServiceAccount][] for this project.

The awsAccessKey block supports:

  • accessKeyId - (Required) AWS Key ID.

  • secretAccessKey - (Required) AWS Secret Access Key.

The httpDataSource block supports:

  • listUrl - (Required) The URL that points to the file that stores the object list entries. This file must allow public access. Currently, only URLs with HTTP and HTTPS schemes are supported.

The azureBlobStorageDataSource block supports:

  • storageAccount - (Required) The name of the Azure Storage account.

  • container - (Required) The container to transfer from the Azure Storage account.`

  • path - (Required) Root path to transfer objects. Must be an empty string or full path name that ends with a '/'. This field is treated as an object prefix. As such, it should generally not begin with a '/'.

  • azureCredentials - (Required) Credentials used to authenticate API requests to Azure block.

The azureCredentials block supports:

The scheduleStartDate and scheduleEndDate blocks support:

  • year - (Required) Year of date. Must be from 1 to 9999.

  • month - (Required) Month of year. Must be from 1 to 12.

  • day - (Required) Day of month. Must be from 1 to 31 and valid for the year and month.

The startTimeOfDay blocks support:

  • hours - (Required) Hours of day in 24 hour format. Should be from 0 to 23

  • minutes - (Required) Minutes of hour of day. Must be from 0 to 59.

  • seconds - (Required) Seconds of minutes of the time. Must normally be from 0 to 59.

  • nanos - (Required) Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.

The notificationConfig block supports:

  • pubsubTopic - (Required) The Topic.name of the Pub/Sub topic to which to publish notifications. Must be of the format: projects/{project}/topics/{topic}. Not matching this format results in an INVALID_ARGUMENT error.

  • eventTypes - (Optional) Event types for which a notification is desired. If empty, send notifications for all event types. The valid types are "TRANSFER_OPERATION_SUCCESS", "TRANSFER_OPERATION_FAILED", "TRANSFER_OPERATION_ABORTED".

  • payloadFormat - (Required) The desired format of the notification message payloads. One of "NONE" or "JSON".

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • name - The name of the Transfer Job.

  • creationTime - When the Transfer Job was created.

  • lastModificationTime - When the Transfer Job was last modified.

  • deletionTime - When the Transfer Job was deleted.

Import

Storage buckets can be imported using the Transfer Job's project and name without the transferJob/ prefix, e.g.

$ terraform import google_storage_transfer_job.nightly-backup-transfer-job my-project-1asd32/8422144862922355674