Skip to content

Managing UbiOps storage buckets

This page will show you how you can create a new bucket in your project, and manage its permissions.

If you need more functionality, like listing all buckets in your project or deleting buckets, have a look at our Python client library or API specification.

Deleting buckets

If you delete a bucket that is managed by UbiOps, the files in the bucket will be deleted together with the bucket. For other storage providers the files in the bucket are not removed but the connection from UbiOps to the bucket will be removed.

Creating buckets

New storage buckets are created on project level. In the WebApp you can create a new bucket on the storage page, that you can find in the side menu.

create-bucket

On the storage page, click Create new bucket to either create a new UbiOps hosted bucket, or to connect to an existing bucket from another provider.

To connect an existing storage bucket in your own cloud environment, check the respective how-to's:

You can also use our Python client library to create a bucket using either environment variables or authorization parameters:

import ubiops

core_api = ubiops.CoreApi()

project_name = 'project_name_example' # str
data = ubiops.BucketCreate('name': 'example-bucket', 'ttl' = 604800) # BucketCreate
# Create bucket
api_response = core_api.buckets_create(project_name, data)
print(api_response)

# Close the connection
core_api.api_client.close()
import ubiops

configuration = ubiops.Configuration()
# Configure API token authorization
configuration.api_key['Authorization'] = "Token <YOUR_API_TOKEN>"
# Defining host is optional and default to "https://api.ubiops.com/v2.1"
configuration.host = "https://api.ubiops.com/v2.1"

api_client = ubiops.ApiClient(configuration)
core_api = ubiops.CoreApi(api_client)

project_name = 'project_name_example' # str
data = ubiops.BucketCreate('name': 'example-bucket', 'ttl' = 604800) # BucketCreate
# Create bucket
api_response = core_api.buckets_create(project_name, data)
print(api_response)

# Close the connection
api_client.close()

The ttl (time to live) parameter determines how long your files will be kept inside your bucket before they are automatically deleted. It must be a multiple of 604800 seconds (one week). If you don't want your files to be autodeleted after a certain time, you need to pass null as the ttl.

Managing bucket permissions

bucket-permissions

You can manage access to any bucket, except the default bucket, for the following user types:

  • Project members
  • Service users (API tokens)
  • Deployments

The default bucket is accessible to every project member, deployment or pipeline in the project with read and write access. However, service users need to be granted permissions to use this bucket.

Permissions can be granted by assigning file-related roles. There are four default roles for working with files:

  • files-reader: this role has read only permissions for files
  • files-writer: this role can read and write files
  • files-reader-restricted: this role has read only permissions and cannot list files. If users interacting with your deployment should only be able to view the specific files related to a request they made, you should use this role. This role is particularly useful for publicly exposed deployments.
  • files-writer-restricted: same as above, but then also with write permissions.

Deployments need to be explicitly granted permissions to read from and write to buckets, except the default bucket. In case that your deployment has an input/output field of datatype file or array of files and you want to access another bucket, make sure to grant the deployment permissions to do so.

For more information on assigning roles, see the permissions page.