Host a static website

This tutorial describes how to configure a Deject Storage saucepan to host a static website for a domain you ain. Static spider web pages tin can comprise client-side technologies such as HTML, CSS, and JavaScript. They cannot contain dynamic content such as server-side scripts similar PHP.

Considering Cloud Storage doesn't back up custom domains with HTTPS on its own, this tutorial uses Cloud Storage with HTTP(South) Load Balancing to serve content from a custom domain over HTTPS. For more ways to serve content from a custom domain over HTTPS, encounter the related troubleshooting topic. You can also use Cloud Storage to serve custom domain content over HTTP, which doesn't require a load balancer.

For examples and tips on static web pages, including how to host static assets for a dynamic website, see the Static Website page.

Objectives

This tutorial shows you lot how to:
  • Create a bucket.
  • Upload and share your site'southward files.
  • Set up a load balancer and SSL certificate.
  • Connect your load balancer to your bucket.
  • Signal your domain to your load balancer using an A record.
  • Test the website.

Costs

This tutorial uses the following billable components of Google Deject:

  • Cloud Storage
  • Deject Load Balancing

Encounter the Monitoring your charges tip for details on what charges may be incurred when hosting a static website.

Before you begin

  1. Sign in to your Google Cloud account. If y'all're new to Google Cloud, create an business relationship to evaluate how our products perform in existent-earth scenarios. New customers as well get $300 in free credits to run, test, and deploy workloads.

  2. In the Google Cloud Console, on the project selector page, select or create a Google Cloud project.

    Get to project selector

  3. Brand sure that billing is enabled for your Cloud project. Larn how to cheque if billing is enabled on a project.

  4. In the Google Cloud Console, on the projection selector folio, select or create a Google Cloud project.

    Go to project selector

  5. Make sure that billing is enabled for your Cloud project. Learn how to check if billing is enabled on a project.

  6. Take a domain that you own or manage. If you don't have an existing domain, there are many services through which you tin can register a new domain, such equally Google Domains and Cloud Domains.

    This tutorial uses the domain instance.com.

  7. Take a few website files you want to serve. This tutorial works all-time if you take at least an alphabetize page (index.html) and a 404 page (404.html).
  8. Accept the following Identity and Access Management roles: Storage Object Admin and Network Admin.
  9. (Optional) You can give your Cloud Storage bucket the same name as your domain. To exercise and then, you must Verify that you own or manage the domain that you will be using. Make sure you are verifying the top-level domain, such as example.com, and not a subdomain, such as www.instance.com.

    Notation: If you own the domain you lot are associating to a bucket, y'all might have already performed this step in the past. If y'all purchased your domain through Google Domains, verification is automatic.

Create a bucket

To create a bucket:

Console

  1. In the Google Cloud Console, go to the Cloud Storage Browser folio.

    Go to Browser

  2. Click Create bucket.
  3. On the Create a bucket page, enter your bucket information. To go to the side by side stride, click Continue.
    • For Proper noun your bucket, enter a proper noun that meets the bucket name requirements.
    • For Cull where to shop your data, select a Location type and Location where the bucket data will be permanently stored.
    • For Cull a default storage grade for your data, select a storage grade for the bucket. The default storage course is assigned by default to all objects uploaded to the bucket.

      Notation: The Monthly cost judge panel in the right pane estimates the bucket'southward monthly costs based on your selected storage course and location, as well as your expected data size and operations.

    • For Choose how to control access to objects, select whether or not your bucket enforces public admission prevention, and select an Access control model for your bucket's objects.

      Note: If public admission prevention is already enforced past your project's arrangement policy, the Preclude public admission toggle is locked.

    • For Choose how to protect object data, configure Protection tools if desired, and select a Data encryption method.
  4. Click Create.

To learn how to get detailed mistake information nigh failed operations in the Cloud Storage browser, see Troubleshooting.

Command line

Use the gsutil mb command:

gsutil mb gs://BUCKET_NAME

Where:

  • BUCKET_NAME is the proper name you want to give your bucket, subject area to naming requirements. For example, my-saucepan.

If the asking is successful, the command returns the following message:

Creating gs://BUCKET_NAME/...

Prepare the following optional flags to take greater command over the creation of your saucepan:

  • -p: Specify the projection ID or project number with which your bucket will exist associated. For example, my-project.
  • -c: Specify the default storage class of your bucket. For example, NEARLINE.
  • -l: Specify the location of your saucepan. For example, U.s.a.-EAST1.
  • -b: Specify the uniform bucket-level access setting for your saucepan. For example, ON.

    • For a consummate list of options for gsutil saucepan creation, see mb options.

For example:

                              gsutil mb -p                              PROJECT_ID                              -c                              STORAGE_CLASS                              -l                              BUCKET_LOCATION                              -b on gs://BUCKET_NAME

Code samples

Terraform

Residue APIS

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your ain OAuth credentials. For instructions, see API authentication.
  2. Create a .json file that contains the settings for the bucket, which must include a name for the bucket. See the Buckets:Insert documentation for a complete list of settings. The post-obit are common settings to include:
    3. {   "name": "BUCKET_NAME",   "location": "BUCKET_LOCATION",   "storageClass": "STORAGE_CLASS",   "iamConfiguration": {     "uniformBucketLevelAccess": {       "enabled": true     },   } }

    Where:

    • BUCKET_NAME is the name y'all want to requite your saucepan, subject to naming requirements. For instance, my-bucket.
    • BUCKET_LOCATION is the location where you want to store your bucket's object data. For example, The states-EAST1.
    • STORAGE_CLASS is the default storage course of your bucket. For example, NEARLINE.
  3. Use curlicue to call the JSON API: 
    curl -X POST --data-binary @JSON_FILE_NAME.json \      -H "Authorization: Bearer                                      OAUTH2_TOKEN" \      -H "Content-Type: application/json" \      "https://storage.googleapis.com/storage/v1/b?project=PROJECT_IDENTIFIER"

    Where:

    • JSON_FILE_NAME is proper noun of the JSON file you created in Step ii.
    • OAUTH2_TOKEN is the access token yous generated in Footstep 1.
    • PROJECT_IDENTIFIER is the ID or number of the projection with which your saucepan will be associated. For example, my-project.

XML API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your ain OAuth credentials. For instructions, see API authentication.
  2. Create a .xml file that contains the following data:
    3. <CreateBucketConfiguration>    <LocationConstraint>BUCKET_LOCATION</LocationConstraint>    <StorageClass>STORAGE_CLASS</StorageClass> </CreateBucketConfiguration>

    Where:

    • BUCKET_LOCATION is the location where y'all want to store your bucket's object data. For case, U.s.a.-EAST1.
    • STORAGE_CLASS is the default storage grade of your saucepan. For example, NEARLINE.
  3. Apply cURL to phone call the XML API: 
    ringlet -X PUT --data-binary @XML_FILE_NAME.xml \      -H "Authority: Bearer                                      OAUTH2_TOKEN" \      -H "x-goog-project-id:                                      PROJECT_ID" \      "https://storage.googleapis.com/BUCKET_NAME"

    Where:

    • XML_FILE_NAME is proper noun of the XML file y'all created in Pace 2.
    • OAUTH2_TOKEN is the admission token y'all generated in Step 1.
    • PROJECT_ID is the ID of the project with which your bucket will be associated. For example, my-project.
    • BUCKET_NAME is the name yous desire to requite your bucket, field of study to naming requirements. For example, my-bucket.

Upload your site'southward files

Add together the files you desire your website to serve to the saucepan:

Console

  1. In the Google Cloud Console, go to the Cloud Storage Browser page.

    Go to Browser

  2. In the listing of buckets, click the proper name of the bucket that you created.

    The Bucket details folio opens with the Objects tab selected.

  3. Click the Upload files push.

  4. In the file dialog, browse to the desired file and select it.

Afterward the upload completes, you should run into the filename forth with file information displayed in the bucket.

To learn how to become detailed error information about failed operations in the Cloud Storage browser, see Troubleshooting.

gsutil

Apply the gsutil cp control to re-create files to your bucket. For example, to re-create the file index.html from its current location Desktop to the bucket my-static-assets:

gsutil cp Desktop/alphabetize.html gs://my-static-assets

If successful, the command returns:

Copying file://Desktop/index.html [Content-Type=text/html]... Uploading   gs://my-static-assets/index.html:       0 B/2.58 KiB Uploading   gs://my-static-assets/index.html:       2.58 KiB/2.58 KiB

Code samples

Remainder APIs

JSON API

  1. Become an authorisation access token from the OAuth two.0 Playground. Configure the playground to use your ain OAuth credentials. For instructions, see API hallmark.

  2. Use cURL to call the JSON API with a POST Object request. For the file index.html uploaded to a saucepan named my-static-avails:

    curl -X POST --data-binary @index.html \   -H "Content-Type: text/html" \   -H "Authorization: Bearer ya29.AHES6ZRVmB7fkLtd1XTmq6mo0S1wqZZi3-Lh_s-6Uw7p8vtgSwg" \   "https://storage.googleapis.com/upload/storage/v1/b/my-static-avails/o?uploadType=media&name=index.html"

XML API

  1. Get an authorization admission token from the OAuth 2.0 Playground. Configure the playground to utilize your own OAuth credentials. For instructions, see API hallmark.

  2. Use coil to call the XML API with a PUT Object request. For the file index.html uploaded to a bucket named my-static-avails:

    coil -X PUT --data-binary @index.html \   -H "Authorization: Bearer ya29.AHES6ZRVmB7fkLtd1XTmq6mo0S1wqZZi3-Lh_s-6Uw7p8vtgSwg" \   -H "Content-Type: text/html" \   "https://storage.googleapis.com/my-static-assets/index.html"

Share your files

To brand all objects in your bucket readable to anyone on the public net:

Panel

  1. In the Google Deject Console, go to the Cloud Storage Browser folio.

    Go to Browser

  2. In the list of buckets, click the name of the bucket that you want to make public.

  3. Select the Permissions tab almost the meridian of the folio.

  4. Click the + Add button.

    The Add principals dialog box appears.

  5. In the New principals field, enter allUsers.

  6. In the Select a role drop down, select the Cloud Storage sub-carte, and click the Storage Object Viewer option.

  7. Click Save.

  8. Click Allow public access.

In one case shared publicly, a link icon appears for each object in the public access column. You can click this icon to get the URL for the object.

To learn how to become detailed fault information about failed operations in the Cloud Storage browser, see Troubleshooting.

gsutil

Use the gsutil iam ch command:

gsutil iam ch allUsers:objectViewer gs://my-static-assets

Code samples

Remainder APIs

JSON API

  1. Get an authorisation access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials. For instructions, see API authentication.

  2. Create a JSON file that contains the post-obit information:

    {   "bindings":[     {       "role": "roles/storage.objectViewer",       "members":["allUsers"]     }   ] }

  3. Utilise cURL to telephone call the JSON API with a PUT Bucket request:

    ringlet -Ten PUT --information-binary @JSON_FILE_NAME                                    \   -H "Authorisation: Bearer                                    OAUTH2_TOKEN" \   -H "Content-Blazon: application/json" \   "https://storage.googleapis.com/storage/v1/b/BUCKET_NAME/iam"

    Where:

    • JSON_FILE_NAME is the path for the JSON file that you created in Stride 2.
    • OAUTH2_TOKEN is the admission token yous created in Step i.
    • BUCKET_NAME is the name of the bucket whose objects y'all desire to make public. For example, my-static-assets.

XML API

Making all objects in a bucket publicly readable is not supported past the XML API. Use gsutil or the JSON API instead, or set up ACLs for each individual object.

To make individual objects in your bucket publicly accessible, you need to switch your bucket'southward Admission control mode to Fine-grained. Generally, making all files in your saucepan publicly attainable is easier and faster.

Visitors receive a http 403 response code when requesting the URL for a non-public or non-existent file. See the next section for information on how to add together an fault folio that uses a http 404 response code.

Recommended: Assign specialty pages

You can assign an index page suffix, which is controlled by the MainPageSuffix property, and a custom mistake page, which is controlled by the NotFoundPage holding. Assigning either is optional, but without an alphabetize page, zippo is served when users access your top-level site, for example, https://world wide web.example.com. For more data about the MainPageSuffix and NotFoundPage backdrop, see Specialty pages.

In the post-obit sample, the MainPageSuffix is set to alphabetize.html and NotFoundPage is set to 404.html:

Panel

  1. In the Google Deject Console, go to the Cloud Storage Browser page.

    Go to Browser

  2. In the list of buckets, find the bucket y'all created.

  3. Click the Saucepan overflow menu () associated with the bucket and select Edit website configuration.

  4. In the website configuration dialog, specify the main page and error page.

  5. Click Save.

To learn how to go detailed mistake information almost failed operations in the Cloud Storage browser, see Troubleshooting.

gsutil

Use the gsutil web ready command to gear up the MainPageSuffix property with the -m flag and the NotFoundPage with the -east flag:

gsutil web ready -m index.html -eastward 404.html gs://my-static-assets

If successful, the command returns:

Setting website config on gs://my-static-assets/...

Code samples

REST APIs

JSON API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to use your own OAuth credentials. For instructions, see API authentication.

  2. Create a JSON file that sets the mainPageSuffix and notFoundPage properties in a website object to the desired pages:

    {   "website":{     "mainPageSuffix": "index.html",     "notFoundPage": "404.html"   } }

  3. Use cURL to phone call the JSON API with a PATCH Bucket request. For the saucepan my-static-assets:

    scroll -X PATCH --information-binary @spider web-config.json \   -H "Authorization: Bearer ya29.AHES6ZRVmB7fkLtd1XTmq6mo0S1wqZZi3-Lh_s-6Uw7p8vtgSwg" \   -H "Content-Type: application/json" \   "https://storage.googleapis.com/storage/v1/b/my-static-avails"

XML API

  1. Get an authorization access token from the OAuth 2.0 Playground. Configure the playground to utilize your own OAuth credentials. For instructions, see API authentication.

  2. Create an XML file that sets the MainPageSuffix and NotFoundPage elements in a WebsiteConfiguration element to the desired pages:

    <WebsiteConfiguration>   <MainPageSuffix>index.html</MainPageSuffix>   <NotFoundPage>404.html</NotFoundPage> </WebsiteConfiguration>

  3. Use cURL to telephone call the XML API with a PUT Bucket request and websiteConfig query string parameter. For my-static-assets:

    curl -X PUT --data-binary @web-config.xml \   -H "Say-so: Bearer ya29.AHES6ZRVmB7fkLtd1XTmq6mo0S1wqZZi3-Lh_s-6Uw7p8vtgSwg" \   https://storage.googleapis.com/my-static-assets?websiteConfig

Fix your load balancer and SSL document

Deject Storage doesn't support custom domains with HTTPS on its own, so you besides demand to set up an SSL certificate fastened to an HTTPS load balancer to serve your website through HTTPS. This department shows you how to add your saucepan to a load balancer's backend and how to add a new Google-managed SSL certificate to the load balancer's forepart end.

  1. Become to the Load balancing page in the Google Cloud Panel.
    Go to the Load balancing page
  2. Under HTTP(S) load balancing, click Start configuration.
  3. Select From Internet to my VMs and click Continue.
  4. Requite your load balancer a Name, such equally example-lb.

Configure the backend

  1. Click Backend configuration.
  2. In the Create or select backend services & backend buckets dropdown, get to the Backend buckets sub-carte, and click the Create a backend bucket selection.
  3. Choose a Name for the backend saucepan, such as example-saucepan.
  4. Click Browse under Cloud Storage bucket.
  5. Select the my-static-avails bucket and click Select.
  6. If you want to use Deject CDN, select the checkbox for Enable Deject CDN. Leave the Cache mode selection as Enshroud static content. Notation that Cloud CDN may incur additional costs.
  7. Click Create.

Configure host rules and path matchers

Host rules and path matchers are configuration components of an external HTTP(S) load balancer'south URL map.

  1. Click Host and path rules.
  2. Get out Mode at the default Simple host and path rule for the backend bucket case-bucket, which you created before.

Configure the frontend

This department shows y'all how to configure the HTTPS protocol and create an SSL certificate. Y'all tin also select an existing document or upload a self-managed SSL certificate.

  1. Click Frontend configuration.

  2. Configure the values for the post-obit fields:

    • Protocol: HTTPS
    • Network Service Tier: Premium
    • IP version: IPv4. If y'all prefer IPv6, see IPv6 termination for additional information.

  3. For the IP address field:

    1. In the dropdown, click Create IP accost.
    2. In the Reserve a new static IP accost pop-upwards, enter instance-ip for the Proper noun of the IP accost.
    3. Click Reserve.

  4. For Port, select 443.

  5. For the Document field, select Create a new certificate. The certificate cosmos form appears in a panel. Configure the following:

    • Name: example-ssl
    • Create style: Create Google-managed certificate
    • Domains: www.case.com. If y'all want to serve your content through additional domains such as the root domain instance.com, press Enter to add together them on additional lines. Each document has a limit of 100 domains.

  6. Click Create.

  7. Click Washed.

Review the configuration

  1. Click Review and finalize.
  2. Review the Backend configuration, Host and path rules, and Frontend configuration.
  3. Click Create.

You may need to await a few minutes for the load balancer to be created.

Connect your domain to your load balancer

After the load balancer is created, click the proper noun of your load balancer: example-lb. Note the IP address associated with the load balancer: for example, 30.ninety.fourscore.100. To signal your domain to your load balancer, create an A record using your domain registration service. If you added multiple domains to your SSL certificate, you must add together an A record for each i, all pointing to the load balancer'southward IP address. For instance, to create A records for world wide web.example.com and instance.com:

Proper name                  Type     DATA www                   A        30.90.80.100 @                     A        30.ninety.80.100

If you are using Google Domains, encounter the Google Domains Help folio for more data.

It might take up to 60-xc minutes for Google Cloud to provision the certificate and make the site available through the load balancer. To monitor the status of your document:

Panel

  1. Go to the Load balancing page in the Google Cloud Console.
    Go to the Load balancing page
  2. Click the proper noun of your load balancer: example-lb.
  3. Click the proper noun of the SSL document associated with the load balancer: example-ssl.
  4. The Status and Domain status rows show the certificate condition. Both must be agile in social club for the certificate to exist valid for your website.

gcloud

  1. To check the certificate status, run the following command:

    gcloud beta compute ssl-certificates describe                                CERTIFICATE_NAME                                \   --global \   --format="become(proper name,managed.condition)"

  2. To cheque the domain condition, run the post-obit command:

    gcloud beta compute ssl-certificates draw                                CERTIFICATE_NAME                                \   --global \   --format="get(managed.domainStatus)"

See Troubleshooting SSL certificates for more than data most document status.

Test the website

One time the SSL certificate is active, verify that content is served from the bucket past going to https://world wide web.example.com/exam.html, where test.html is an object stored in the bucket that you lot're using as the backend. If you set the MainPageSuffix holding, https://world wide web.instance.com goes to index.html.

Clean up

After you finish the tutorial, you can make clean upward the resources that you created and so that they stop using quota and incurring charges. The following sections describe how to delete or turn off these resource.

Delete the projection

The easiest way to eliminate billing is to delete the projection that you created for the tutorial.

To delete the project:

  1. In the Cloud Panel, go to the Manage resource folio.

    Become to Manage resources

  2. In the project list, select the project that you desire to delete, and and then click Delete.
  3. In the dialog, type the project ID, and so click Shut downwards to delete the project.

Delete the load balancer and bucket

If you don't want to delete the entire project, delete the load balancer and bucket that yous created for the tutorial:

  1. Go to the Load balancing page in the Google Cloud Console.
    Go to the Load balancing page
  2. Select the checkbox next to example-lb.
  3. Click Delete.
  4. (Optional) Select the checkbox side by side to the resources you want to delete along with the load balancer, such as the my-static-assets bucket or the example-ssl SSL certificate.
  5. Click Delete load balancer or Delete load balancer and the selected resource.

Release a reserved IP address

To delete the reserved IP accost you lot used for the tutorial:

  1. In the Deject Panel, get to the External IP addresses page.

    Become to External IP addresses

  2. Select the checkboxes next to instance-ip.

  3. Click Release static address.

  4. In the confirmation window, click Delete.

What's side by side

  • Larn how to serve your static website over HTTP.
  • See examples and tips for using buckets to host a static website.
  • Visit the troubleshooting section for hosting a static website.
  • Acquire about hosting static assets for a dynamic website.
  • Learn almost other Google Cloud web serving solutions.
  • Try other Google Cloud tutorials that utilise Cloud Storage.

If you're new to Google Cloud, create an account to evaluate how Cloud Storage performs in real-world scenarios. New customers too get $300 in gratis credits to run, examination, and deploy workloads.

Attempt Cloud Storage free