Google Cloud Storage
In GCS Console, to create a bucket and a User Account HMAC key for Google Cloud Storage programmatic (S3-compatible) access.
Create (or select) a project
- Sign in to Google Cloud Console → top bar project selector → choose or create the target project.
Create a GCS bucket
- Left menu → Cloud Storage → Buckets → Create
- Bucket name: globally unique, lowercase, no spaces
- Location: among region/dual/multi, choose "region"
- Storage class: Standard
- Access control: Uniform
- Other options (encryption/retention): leave defaults
- Click Create
Generate a User Account HMAC key
- Left menu → Cloud Storage → Settings → Interoperability.
- If Interoperability is not enabled, enable it when prompted.
- Section: "Access keys for your user account".
- Click "Create a key".
- A key pair is generated:
- Access key (Access ID)
- Secret key
- Copy/save both immediately; the secret is shown once.
Permissions considerations
- User account must have permissions on the bucket/project. Commonly, grant Storage Object Admin (broad) or a narrower role on the bucket if you want least privilege.
- If the account lacks required permissions, add them in IAM: IAM & Admin → IAM → Add principal (the user) → choose a suitable Storage role.
Region
Choose the correct region through Bucket Region.
For example, one bucket created in Seoul, Korea is assigned with region name: "asia-northeast3".
Rotation
create a new key and delete the old key in Interoperability → key list.