Google Certified Associate Cloud Engineer 2020

Sign Up Free or Log In to participate!

@ 17:55 – Access Token for gsutil

In the Challenge video demo, i noticed at 17:55 the gsutil is requesting for an "Access Token" to create a bucket in GCS. As it is pretty straightforward, what interests me more is i was able to create the storage bucket without having to use the label in Metadata Service. Below is the script modification done for the bucket creation.

# Metadata should be set in the "lab-logs-bucket" attribute using the "gs://mybucketname/" format.  



#worker_log_bucket=$(curl -H "Metadata-Flavor: Google" "${log_bucket_metadata_url}")  

# We write a file named after this machine. 


echo "Phew!  Work completed at $(date)" >"${worker_log_file}" 

# And we copy that file to the bucket specified in the metadata.  

echo "Copying the log file to the bucket..."  

#gsutil cp "${worker_log_file}" "${worker_log_bucket}"  

gsutil cp "${worker_log_file}" gs://gcpchal-logs-bucket/

1 Answers

Yes, you could indeed hard-code the information in the script, but that would make the script harder to manage for use on more than one instance.  As ben22 noted on your other post about this, the script and lab are set up this way so as to demonstrate this useful feature that you can use to manage your GCE instances.  For example, what if you wanted to have two instances in a dev environment that write to a dev logs bucket, but ten instances in your prod environment that write to a prod logs bucket?  You wouldn’t want to have a different script for dev than you have for prod–that would be bad (and decidedly non-12-factor; see "Config").



senthil kumar

Thanks @Mattias

Mattias Andersson

No problem! 🙂

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?