GCP Storage URL Signing

Configure Google Cloud Storage with Lasso to automatically generate signed URLs for secure access to your GCS content.

Google Cloud Storage URL Signing integration allows you to sign URLs for content stored in GCS buckets. Follow these steps:

Step 1: Create a Service Account

  1. Follow this guide to create a service account in Google Cloud or use an existing account.

  2. Assign the roles/storage.objectViewer role to the service account. This role allows read access to objects in your bucket.

  3. Generate a key for the service account and download the JSON key file. You’ll need this file for the next steps.

Step 2: Add Signing Information in Lasso

  1. Navigate to Settings → Integrations in Lasso.

  2. Select Google Cloud Storage and provide the following details:

    • Domain: The domain where your content resides (e.g., https://storage.googleapis.com/your-bucket).

    • Bucket: The name of your bucket.

    • Service Account Key: Upload the JSON key file for the service account.

    • TTL: The time-to-live for the signed URL (minimum 15 minutes).

    • Example URL: Provide an example URL to validate your credentials.

Step 3: Automatic Signing for Google Cloud Storage Content

After completing the setup:

  • All content originating from the specified Domain (e.g., https://storage.googleapis.com/your-bucket) will be signed automatically by Lasso when accessed.

  • Lasso uses the provided Service Account Key to generate a secure, time-limited signed URL dynamically.

  • This signed URL ensures secure access during analysis and dashboard display, without exposing your private content.

  • Expired URLs are seamlessly regenerated as needed, requiring no manual intervention.

PreviousAWS S3 URL SigningNextAzure Storage Blob URL Signing

Last updated