Here is the recommended procedure for configuring a path Source Authentication for a GCP bucket storage.


Google Cloud Platform configuration

1. Creating a service account

Select your working project or create one if needed.

Then, navigate to IAM a Admin > Service Accounts.

Create a dedicated Service Account or use an existing one. In this example, we're creating one named twicpics-access.

2. Creating a bucket

Navigate to Cloud Storage > Buckets.

Then, create a bucket. In this example, we're creating one named test-twicpics.

💡 Tip: Bucket names are unique, so we recommend naming them like company-name-project-name.

In this example, we created an images folder with a test.png file in it. We recommend separating videos and images in different folders.

3. Allowing the Service Account to read from you Bucket

On the same page, open the Permissions tab and give the reader role (Storage Legacy Object Reader) to your Service Account (service-account-name@project-name.iam.gserviceaccount.com).

💡 Tip: You can go back to the Service Accounts page to retrieve the name.

Your service account is now allowed to read files from your bucket.

4. Creating an access key

Navigate to the Settings page, and go to the Interoperability tab to create a new key for your Service Account.

Save your access key and secret in a secure place. If you lose them, you will need to create new key/secret pair by following the same procedure.

Congrats — you're done configuring GCP. 🎉

TwicPics configuration

First, open your TwicPics dashboard.

Navigate to the relevant Workspace (e.g. My Company), Domain (e.g. my-company.twic.pics), and create a new Path (or edit and existing one).

⚠️ Important — Endpoint URL

Because we use the AWS S3 Signature V4 protocal, you need to use the storage.googleapis.com endpoint instead of storage.cloud.google.com.

A valid example path configuration is:

  • Path URL: images

  • Source URL: https://storage.googleapis.com/bucketName/pathInTheBucket/

In the Source Authentication section, enable authentication and set the following:

  • Authorization: AWS Signature V4

  • Access Key ID: the access key created during GCP Configuration (Step 4)

  • Secret Access Key: the secret created during GCP Configuration (Step 4)

And that's it — you can now enjoy authenticated access to a Google Cloud Platform bucket. 🎉

Did this answer your question?