Import to Google Cloud Storage

Prerequisites

Before you can configure and submit your import plan, make sure to complete the following steps so that Lyve Import Service can securely access your specified Google Cloud Storage bucket to import your data:

Seagate authorizations

Seagate requires permissions to read, write, and list to your bucket to perform the import. Hash-based message authentication code (HMAC) keys using an access ID and secret are required to authenticate requests to your cloud resources. To generate the HMAC keys, follow the steps below after creating your bucket:

1. Using the Google Cloud console, go to the Cloud Storage Buckets page and click Settings.
2. Click the Interoperability tab. Click Create A Key For A Service Account.





3. Select the service account you want the HMAC key to be associated with, or click Create New Account to create a new service account.
4. If creating a new service account, select Storage Admin for the role.





5. Add an IAM condition with the following selections:
   • Condition type = Type
   • Operator = is
   • Resource Type = storage.googleapis.com/Bucket.





Click Save.

6. Record the service account HMAC key.
7. Navigate to the Cloud Storage Buckets page and locate the bucket to which you want to assign access for your import. Click the Bucket overflow menu () and select Edit Access.
8. Click Add Principal.
9. Enter the email address of the service account the HMAC keys are associated with. Note—You can find the service account email in the IAM console.
10. Select the Storage Admin role and click Save.

Recommendations

Seagate strongly recommends the following best practices:

• Create a bucket dedicated to your Lyve Import project.
• When creating your bucket, select “Region” for location type.
• Block all public access for your bucket.
• Disable or delete the HMAC key after the cloud import project has ended.

Configure your import plan

Enter credentials

1. In Lyve Management Portal, click Import Plans in the navigation bar, and then click Configure Plan.
2. Enter your Access ID and Secret. (If you need to update the import destination first, click on the Import Destinations step and edit.)

3. Enter your bucket name. The name is case-sensitive and must match exactly.
4. (Optional) Enter a name for your folder.


Each storage device in your project will have a designated folder in your bucket. The device’s serial number will be automatically appended to the folder name at the time of import.


• Provide a name for Seagate to use to create the folder(s) in your bucket on your behalf. (Recommended)
• If you leave this field blank, Seagate will create a folder(s) for your files and will use the device’s serial number as its name.
• Alternatively, if you have an existing folder within your bucket that you would like to import your files to, provide the name of this folder.
• Important—Make sure that your bucket policy does not block folder creation. If you are providing a name for a new folder to be created, ensure that the name follows the Naming Guidelines.
5. Validate Credentials.


 If the validation fails, check that the access ID, secret, and bucket name entered are accurate, and then revalidate.
6. Check the box to confirm that you have read and understand the details in IP Address Access.
7. Click Next.

Review and submit your import plan

1. Review your import destination and credential details.
2. Check the box to confirm that you’ve read and understand the information in this reference guide.
3. Click Submit Plan.

Inviting another user to configure an import plan

If a different member of your organization needs to configure the import plan for a project, you can invite them to do so in Lyve Management Portal. See Invite Another User to Configure an Import Plan.

Naming guidelines

Bucket naming guidelines:

• Bucket names can only contain lowercase letters, numeric characters, dashes - , underscores _ , and dots . . Spaces are not allowed. Names containing dots require verification.
• Bucket names must start and end with a number or letter.
• Bucket names must contain 3-63 characters. Names containing dots can contain up to 222 characters, but each dot-separated component can be no longer than 63 characters.
• Bucket names cannot be represented as an IP address in dotted-decimal notation (for example, 192.168.5.4).
• Bucket names cannot begin with the goog prefix.
• Bucket names cannot contain google or close misspellings, such as g00gle .

Object naming guidelines:

• Object names can contain any sequence of valid Unicode characters, of length 1-1024 bytes when UTF-8 encoded.
• Object names cannot contain Carriage Return or Line Feed characters.
• Object names cannot start with .well-known/acme-challenge/.
• Objects cannot be named . or .. .

Avoid the Following in Object Names:

• Control characters that are illegal in XML 1.0 (#x7F–#x84 and #x86–#x9F): these characters cause XML listing issues when you try to list your objects.
• The # character: Google Cloud CLI commands interpret object names ending with #<numeric string> as version identifiers, so including # in object names can make it difficult or impossible to perform operations on such versioned objects using the gcloud CLI.
• The [ , ] , * , or ? characters: gcloud storage and gsutil interpret these characters as wildcards, so including them in object names can make it difficult or impossible to perform wildcard operations with those tools.
• Sensitive or personally identifiable information (PII): object names are more broadly visible than object data. For example, object names appear in URLs for the object and when listing objects in a bucket.

To learn more, see Object Naming Requirements.

Best practices

See the following knowledge base article:

• Best Practices for Cloud Storage

Troubleshooting

See the following knowledge base articles:

• Support
• Resources