Cloud Storage API - Class Google::Cloud::Storage::File (v1.44.0)

Reference documentation and code samples for the Cloud Storage API class Google::Cloud::Storage::File.

File

Represents a File (Object) that belongs to a Bucket. Files (Objects) are the individual pieces of data that you store in Google Cloud Storage. A file can be up to 5 TB in size. Files have two components: data and metadata. The data component is the data from an external file or other data source that you want to store in Google Cloud Storage. The metadata component is a collection of name-value pairs that describe various qualities of the data.

Inherits

  • Object

Examples

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.download "path/to/downloaded/file.ext"

Download a public file with an unauthenticated client:

require "google/cloud/storage"

storage = Google::Cloud::Storage.anonymous

bucket = storage.bucket "public-bucket", skip_lookup: true
file = bucket.file "path/to/public-file.ext", skip_lookup: true

downloaded = file.download
downloaded.rewind
downloaded.read #=> "Hello world!"

Methods

#acl

def acl() -> File::Acl

The Acl instance used to control access to the file.

A file has owners, writers, and readers. Permissions can be granted to an individual user's email address, a group's email address, as well as many predefined lists.

Returns
Examples

Grant access to a user by prepending "user-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"

email = "heidi@example.net"
file.acl.add_reader "user-#{email}"

Grant access to a group by prepending "group-" to an email:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"

email = "authors@example.net"
file.acl.add_reader "group-#{email}"

Or, grant access via a predefined permissions list:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"

file.acl.public!

#api_url

def api_url() -> String

A URL that can be used to access the file using the REST API.

Returns
  • (String)

#bucket

def bucket() -> String

The name of the Bucket containing this file.

Returns
  • (String)

#cache_control

def cache_control() -> String

The Cache-Control directive for the file data. If omitted, and the file is accessible to all anonymous users, the default will be public, max-age=3600.

Returns
  • (String)

#cache_control=

def cache_control=(cache_control)

Updates the Cache-Control directive for the file data. If omitted, and the file is accessible to all anonymous users, the default will be public, max-age=3600.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • cache_control (String) — The Cache-Control directive.

#content_disposition

def content_disposition() -> String

The Content-Disposition of the file data.

Returns
  • (String)

#content_disposition=

def content_disposition=(content_disposition)

Updates the Content-Disposition of the file data.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • content_disposition (String) — The Content-Disposition of the file.

#content_encoding

def content_encoding() -> String

The Content-Encoding of the file data.

Returns
  • (String)

#content_encoding=

def content_encoding=(content_encoding)

Updates the Content-Encoding of the file data.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • content_encoding (String) — The Content-Encoding of the file.

#content_language

def content_language() -> String

The Content-Language of the file data.

Returns
  • (String)

#content_language=

def content_language=(content_language)

Updates the Content-Language of the file data.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • content_language (String) — The Content-Language of the file.

#content_type

def content_type() -> String

The Content-Type of the file data.

Returns
  • (String)

#content_type=

def content_type=(content_type)

Updates the Content-Type of the file data.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • content_type (String) — The Content-Type of the file.

#copy

def copy(dest_bucket_or_path, dest_path = nil, acl: nil, generation: nil, encryption_key: nil, force_copy_metadata: nil) -> Google::Cloud::Storage::File

Copies the file to a new location. Metadata excluding ACL from the source object will be copied to the destination object unless a block is provided.

If an optional block for updating is provided, only the updates made in this block will appear in the destination object, and other metadata fields in the destination object will not be copied. To copy the other source file metadata fields while updating destination fields in a block, use the force_copy_metadata: true flag, and the client library will copy metadata from source metadata into the copy request.

If a customer-supplied encryption key was used with Bucket#create_file, the encryption_key option must be provided.

Parameters
  • dest_bucket_or_path (String) — Either the bucket to copy the file to, or the path to copy the file to in the current bucket.
  • dest_path (String) — If a bucket was provided in the first parameter, this contains the path to copy the file to in the given bucket.
  • acl (String) (defaults to: nil)

    A predefined set of access controls to apply to new file.

    Acceptable values are:

    • auth, auth_read, authenticated, authenticated_read, authenticatedRead - File owner gets OWNER access, and allAuthenticatedUsers get READER access.
    • owner_full, bucketOwnerFullControl - File owner gets OWNER access, and project team owners get OWNER access.
    • owner_read, bucketOwnerRead - File owner gets OWNER access, and project team owners get READER access.
    • private - File owner gets OWNER access.
    • project_private, projectPrivate - File owner gets OWNER access, and project team members get access according to their roles.
    • public, public_read, publicRead - File owner gets OWNER access, and allUsers get READER access.
  • generation (Integer) (defaults to: nil) — Select a specific revision of the file to copy. The default is the latest version.
  • encryption_key (String) (defaults to: nil) — Optional. The customer-supplied, AES-256 encryption key used to encrypt the file, if one was provided to Bucket#create_file.
  • force_copy_metadata (Boolean) (defaults to: nil) — Optional. If true and if updates are made in a block, the following fields will be copied from the source file to the destination file (except when changed by updates):

    • cache_control
    • content_disposition
    • content_encoding
    • content_language
    • content_type
    • metadata

    If nil or false, only the updates made in the yielded block will be applied to the destination object. The default is nil.

Yields
  • (file) — a block yielding a delegate object for updating
Examples

The file can be copied to a new path in the current bucket:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.copy "path/to/destination/file.ext"

The file can also be copied to a different bucket:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.copy "new-destination-bucket",
          "path/to/destination/file.ext"

The file can also be copied by specifying a generation:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.copy "copy/of/previous/generation/file.ext",
          generation: 123456

The file can be modified during copying:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.copy "new-destination-bucket",
          "path/to/destination/file.ext" do |f|
  f.metadata["copied_from"] = "#{file.bucket}/#{file.name}"
end

#crc32c

def crc32c() -> String

The CRC32c checksum of the data, as described in RFC 4960, Appendix B. Encoded using base64 in big-endian byte order.

Returns
  • (String)

#created_at

def created_at() -> DateTime

Creation time of the file.

Returns
  • (DateTime)

#custom_time

def custom_time() -> DateTime, nil

A custom time specified by the user for the file, or nil.

Returns
  • (DateTime, nil)

#custom_time=

def custom_time=(custom_time)

Updates the custom time specified by the user for the file. Once set, custom_time can't be unset, and it can only be changed to a time in the future. If custom_time must be unset, you must either perform a rewrite operation, or upload the data again and create a new file.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • custom_time (DateTime) — A custom time specified by the user for the file.

#delete

def delete(generation: nil, if_generation_match: nil, if_generation_not_match: nil, if_metageneration_match: nil, if_metageneration_not_match: nil) -> Boolean

Permanently deletes the file.

Raises PermissionDeniedError if the object is subject to an active retention policy or hold. (See #retention_expires_at, Bucket#retention_period, #temporary_hold? and #event_based_hold?.)

Parameters
  • generation (Boolean, Integer) (defaults to: nil) — Specify a version of the file to delete. When true, it will delete the version returned by #generation. The default behavior is to delete the latest version of the file (regardless of the version to which the file is set, which is the version returned by #generation.)
  • if_generation_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current generation matches the given value. Setting to 0 makes the operation succeed only if there are no live versions of the file.
  • if_generation_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current generation does not match the given value. If no live file exists, the precondition fails. Setting to 0 makes the operation succeed only if there is a live version of the file.
  • if_metageneration_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current metageneration matches the given value.
  • if_metageneration_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current metageneration does not match the given value.
Returns
  • (Boolean) — Returns true if the file was deleted.
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.delete

The file's generation can used by passing true:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.delete generation: true

A generation can also be specified:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.delete generation: 123456

#download

def download(path = nil, verify: :md5, encryption_key: nil, range: nil, skip_decompress: nil) -> ::File, StringIO

Downloads the file's contents to a local file or an File-like object.

By default, the download is verified by calculating the MD5 digest.

If a customer-supplied encryption key was used with Bucket#create_file, the encryption_key option must be provided.

Parameters
  • path (String, ::File) — The path on the local file system to write the data to. The path provided must be writable. Can also be an File object, or File-like object such as StringIO. If an file object, the object will be written to, not the filesystem. If omitted, a new StringIO instance will be written to and returned. Optional.
  • verify (Symbol) (defaults to: :md5)

    The verification algorithm used to ensure the downloaded file contents are correct. Default is :md5.

    Acceptable values are:

    • md5 - Verify file content match using the MD5 hash.
    • crc32c - Verify file content match using the CRC32c hash.
    • all - Perform all available file content verification.
    • none - Don't perform file content verification.
  • encryption_key (String) (defaults to: nil) — Optional. The customer-supplied, AES-256 encryption key used to encrypt the file, if one was provided to Bucket#create_file.
  • range (Range, String) (defaults to: nil) — Optional. The byte range of the file's contents to download or a string header value. Provide this to perform a partial download. When a range is provided, no verification is performed regardless of the verify parameter's value.
  • skip_decompress (Boolean) (defaults to: nil) — Optional. If true, the data for a Storage object returning a Content-Encoding: gzip response header will not be automatically decompressed by this client library. The default is nil. Note that all requests by this client library send the Accept-Encoding: gzip header, so decompressive transcoding is not performed in the Storage service. (See Transcoding of gzip-compressed files)
Returns
  • (::File, StringIO) — Returns a file object representing the file data. This will ordinarily be a ::File object referencing the local file system. However, if the argument to path is nil, a StringIO instance will be returned. If the argument to path is an File-like object, then that object will be returned.
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.download "path/to/downloaded/file.ext"

Use the CRC32c digest by passing :crc32c.

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.download "path/to/downloaded/file.ext", verify: :crc32c

Use the MD5 and CRC32c digests by passing :all.

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.download "path/to/downloaded/file.ext", verify: :all

Disable the download verification by passing :none.

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.download "path/to/downloaded/file.ext", verify: :none

Download to an in-memory StringIO object.

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
downloaded = file.download
downloaded.rewind
downloaded.read #=> "Hello world!"

Download a public file with an unauthenticated client.

require "google/cloud/storage"

storage = Google::Cloud::Storage.anonymous

bucket = storage.bucket "public-bucket", skip_lookup: true
file = bucket.file "path/to/public-file.ext", skip_lookup: true

downloaded = file.download
downloaded.rewind
downloaded.read #=> "Hello world!"

Upload and download gzip-encoded file data.

require "zlib"
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

gz = StringIO.new ""
z = Zlib::GzipWriter.new gz
z.write "Hello world!"
z.close
data = StringIO.new gz.string

bucket = storage.bucket "my-bucket"

bucket.create_file data, "path/to/gzipped.txt",
                   content_encoding: "gzip"

file = bucket.file "path/to/gzipped.txt"

# The downloaded data is decompressed by default.
file.download "path/to/downloaded/hello.txt"

# The downloaded data remains compressed with skip_decompress.
file.download "path/to/downloaded/gzipped.txt",
              skip_decompress: true

Partially download.

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"
file = bucket.file "path/to/my-file.ext"

downloaded = file.download range: 6..10
downloaded.rewind
downloaded.read #=> "world"

#encryption_key_sha256

def encryption_key_sha256() -> String, nil

An RFC 4648 Base64-encoded string of the SHA256 hash of the customer-supplied encryption key. You can use this SHA256 hash to uniquely identify the AES-256 encryption key required to decrypt this file.

Returns
  • (String, nil) — The encoded SHA256 hash, or nil if there is no customer-supplied encryption key for this file.

#etag

def etag() -> String

HTTP 1.1 Entity tag for the file.

Returns
  • (String)

#event_based_hold?

def event_based_hold?() -> Boolean

Whether there is an event-based hold on the file. An event-based hold will be enforced on the file as long as this property is true, even if the bucket-level retention policy would normally allow deletion. Removing the event-based hold extends the retention duration of the file to the current date plus the bucket-level policy duration. Removing the event-based hold represents that a retention-related event has occurred, and thus the retention clock ticks from the moment of the event as opposed to the creation date of the object. The default value is configured at the bucket level (which defaults to false), and is assigned to newly-created objects.

See #set_event_based_hold!, #release_event_based_hold!, Bucket#default_event_based_hold? and Bucket#default_event_based_hold=.

If a bucket's retention policy duration is modified after the event-based hold flag is unset, the updated retention duration applies retroactively to objects that previously had event-based holds. For example:

  • If the bucket's [unlocked] retention policy is removed, objects with event-based holds may be deleted immediately after the hold is removed (the duration of a nonexistent policy for the purpose of event-based holds is considered to be zero).
  • If the bucket's [unlocked] policy is reduced, objects with previously released event-based holds will be have their retention expiration dates reduced accordingly.
  • If the bucket's policy is extended, objects with previously released event-based holds will have their retention expiration dates extended accordingly. However, note that objects with event-based holds released prior to the effective date of the new policy may have already been deleted by the user.
Returns
  • (Boolean) — Returns true if there is an event-based hold on the file, otherwise false.
Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
bucket.retention_period = 2592000 # 30 days in seconds

file = bucket.file "path/to/my-file.ext"

file.event_based_hold? #=> false
file.set_event_based_hold!
file.delete # raises Google::Cloud::PermissionDeniedError
file.release_event_based_hold!

# The end of the retention period is calculated from the time that
# the event-based hold was released.
file.retention_expires_at

#exists?

def exists?() -> Boolean

Determines whether the file exists in the Storage service.

Returns
  • (Boolean)

#generation

def generation() -> Fixnum

The content generation of this file. Used for object versioning.

Returns
  • (Fixnum)

#generations

def generations() -> Array<Google::Cloud::Storage::File>

Retrieves a list of versioned files for the current object.

Useful for listing archived versions of the file, restoring the live version of the file to an older version, or deleting an archived version. You can turn versioning on or off for a bucket at any time with Bucket#versioning=. Turning versioning off leaves existing file versions in place and causes the bucket to stop accumulating new archived object versions. (See Bucket#versioning? and #generation)

Returns
Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.generation #=> 1234567890
file.generations.each do |versioned_file|
  versioned_file.generation
end

#id

def id() -> String

The ID of the file.

Returns
  • (String)

#kind

def kind() -> String

The kind of item this is. For files, this is always storage#object.

Returns
  • (String)

#kms_key

def kms_key() -> String, nil

The Cloud KMS encryption key that was used to protect the file, or nil if none has been configured.

Returns
  • (String, nil) — A Cloud KMS encryption key, or nil if none has been configured.

#md5

def md5() -> String

MD5 hash of the data; encoded using base64.

Returns
  • (String)

#media_url

def media_url() -> String

A URL that can be used to download the file using the REST API.

Returns
  • (String)

#metadata

def metadata() -> Hash(String => String)

A hash of custom, user-provided web-safe keys and arbitrary string values that will returned with requests for the file as "x-goog-meta-" response headers.

Returns
  • (Hash(String => String))

#metadata=

def metadata=(metadata)

Updates the hash of custom, user-provided web-safe keys and arbitrary string values that will returned with requests for the file as "x-goog-meta-" response headers.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • metadata (Hash(String => String)) — The user-provided metadata, in key/value pairs.

#metageneration

def metageneration() -> Fixnum

The version of the metadata for this file at this generation. Used for preconditions and for detecting changes in metadata. A metageneration number is only meaningful in the context of a particular generation of a particular file.

Returns
  • (Fixnum)

#name

def name() -> String

The name of this file.

Returns
  • (String)

#public_url

def public_url(protocol: :https) -> String
Aliases

Public URL to access the file. If the file is not public, requests to the URL will return an error. (See Acl#public! and Bucket::DefaultAcl#public!) To share a file that is not public see #signed_url.

Parameter
  • protocol (String) (defaults to: :https) — The protocol to use for the URL. Default is HTTPS.
Returns
  • (String)
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
public_url = file.public_url

Generate the URL with a protocol other than HTTPS:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
public_url = file.public_url protocol: "http"

#refresh!

def refresh!(generation: nil)
Alias Of: #reload!

Reloads the file with current data from the Storage service.

Parameter
  • generation (Boolean, Integer) (defaults to: nil) — Specify a version of the file to reload with. When true, it will reload the version returned by #generation. The default behavior is to reload with the latest version of the file (regardless of the version to which the file is set, which is the version returned by #generation.)
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.reload!

The file's generation can used by passing true:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext", generation: 123456
file.reload! generation: true

A generation can also be specified:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext", generation: 123456
file.reload! generation: 123457

#release_event_based_hold!

def release_event_based_hold!()

Sets the event-based hold property of the file to false. Removing the event-based hold extends the retention duration of the file to the current date plus the bucket-level policy duration. Removing the event-based hold represents that a retention-related event has occurred, and thus the retention clock ticks from the moment of the event as opposed to the creation date of the object. The default value is configured at the bucket level (which defaults to false), and is assigned to newly-created objects.

See #event_based_hold?, #set_event_based_hold!, Bucket#default_event_based_hold? and Bucket#default_event_based_hold=.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
bucket.retention_period = 2592000 # 30 days in seconds

file = bucket.file "path/to/my-file.ext"

file.event_based_hold? #=> false
file.set_event_based_hold!
file.delete # raises Google::Cloud::PermissionDeniedError
file.release_event_based_hold!

# The end of the retention period is calculated from the time that
# the event-based hold was released.
file.retention_expires_at

#release_temporary_hold!

def release_temporary_hold!()

Sets the temporary hold property of the file to false. This property is used to enforce a temporary hold on a file. While it is set to true, the file is protected against deletion and overwrites. Once removed, the file's retention_expires_at date is not changed. The default value is false.

See #retention_expires_at.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
file = bucket.file "path/to/my-file.ext"

file.temporary_hold? #=> false
file.set_temporary_hold!
file.delete # raises Google::Cloud::PermissionDeniedError

file.release_temporary_hold!
file.delete

#reload!

def reload!(generation: nil)
Aliases

Reloads the file with current data from the Storage service.

Parameter
  • generation (Boolean, Integer) (defaults to: nil) — Specify a version of the file to reload with. When true, it will reload the version returned by #generation. The default behavior is to reload with the latest version of the file (regardless of the version to which the file is set, which is the version returned by #generation.)
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.reload!

The file's generation can used by passing true:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext", generation: 123456
file.reload! generation: true

A generation can also be specified:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext", generation: 123456
file.reload! generation: 123457

#retention_expires_at

def retention_expires_at() -> DateTime, nil

The retention expiration time of the file. This field is indirectly mutable when the retention policy applicable to the object changes. The date represents the earliest time that the object could be deleted, assuming no temporary hold is set. (See #temporary_hold?.) It is provided when both of the following are true:

  • There is a retention policy on the bucket.
  • The eventBasedHold flag is unset on the object.

Note that it can be provided even when #temporary_hold? is true (so that the user can reason about policy without having to first unset the temporary hold).

Returns
  • (DateTime, nil) — A DateTime representing the earliest time at which the object can be deleted, or nil if there are no restrictions on deleting the object.

#rewrite

def rewrite(dest_bucket_or_path, dest_path = nil, acl: nil, generation: nil, if_generation_match: nil, if_generation_not_match: nil, if_metageneration_match: nil, if_metageneration_not_match: nil, if_source_generation_match: nil, if_source_generation_not_match: nil, if_source_metageneration_match: nil, if_source_metageneration_not_match: nil, encryption_key: nil, new_encryption_key: nil, new_kms_key: nil, force_copy_metadata: nil) -> Google::Cloud::Storage::File

Rewrites the file to a new location. Or the same location can be provided to rewrite the file in place. Metadata from the source object will be copied to the destination object unless a block is provided.

If an optional block for updating is provided, only the updates made in this block will appear in the destination object, and other metadata fields in the destination object will not be copied. To copy the other source file metadata fields while updating destination fields in a block, use the force_copy_metadata: true flag, and the client library will copy metadata from source metadata into the copy request.

If a customer-supplied encryption key was used with Bucket#create_file, the encryption_key option must be provided. Unlike #copy, separate encryption keys are used to read (encryption_key) and to write (new_encryption_key) file contents.

Parameters
  • dest_bucket_or_path (String) — Either the bucket to rewrite the file to, or the path to rewrite the file to in the current bucket.
  • dest_path (String) — If a bucket was provided in the first parameter, this contains the path to rewrite the file to in the given bucket.
  • acl (String) (defaults to: nil)

    A predefined set of access controls to apply to new file.

    Acceptable values are:

    • auth, auth_read, authenticated, authenticated_read, authenticatedRead - File owner gets OWNER access, and allAuthenticatedUsers get READER access.
    • owner_full, bucketOwnerFullControl - File owner gets OWNER access, and project team owners get OWNER access.
    • owner_read, bucketOwnerRead - File owner gets OWNER access, and project team owners get READER access.
    • private - File owner gets OWNER access.
    • project_private, projectPrivate - File owner gets OWNER access, and project team members get access according to their roles.
    • public, public_read, publicRead - File owner gets OWNER access, and allUsers get READER access.
  • generation (Integer) (defaults to: nil) — Select a specific revision of the file to rewrite. The default is the latest version.
  • if_generation_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the destination file's current generation matches the given value. Setting to 0 makes the operation succeed only if there are no live versions of the file.
  • if_generation_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the destination file's current generation does not match the given value. If no live file exists, the precondition fails. Setting to 0 makes the operation succeed only if there is a live version of the file.
  • if_metageneration_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the destination file's current metageneration matches the given value.
  • if_metageneration_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the destination file's current metageneration does not match the given value.
  • if_source_generation_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the source object's current generation matches the given value.
  • if_source_generation_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the source object's current generation does not match the given value.
  • if_source_metageneration_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the source object's current metageneration matches the given value.
  • if_source_metageneration_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the source object's current metageneration does not match the given value.
  • encryption_key (String) (defaults to: nil) — Optional. The customer-supplied, AES-256 encryption key used to decrypt the file, if the existing file is encrypted.
  • new_encryption_key (String, nil) (defaults to: nil) — Optional. The new customer-supplied, AES-256 encryption key with which to encrypt the file. If not provided, the rewritten file will be encrypted using the default server-side encryption, or the new_kms_key if one is provided. Do not provide if new_kms_key is used.
  • new_kms_key (String) (defaults to: nil) — Optional. Resource name of the Cloud KMS key, of the form projects/my-prj/locations/kr-loc/keyRings/my-kr/cryptoKeys/my-key, that will be used to encrypt the file. The KMS key ring must use the same location as the bucket.The Service Account associated with your project requires access to this encryption key. Do not provide if new_encryption_key is used.
  • force_copy_metadata (Boolean) (defaults to: nil) — Optional. If true and if updates are made in a block, the following fields will be copied from the source file to the destination file (except when changed by updates):

    • cache_control
    • content_disposition
    • content_encoding
    • content_language
    • content_type
    • metadata

    If nil or false, only the updates made in the yielded block will be applied to the destination object. The default is nil.

Yields
  • (file) — a block yielding a delegate object for updating
Examples

The file can be rewritten to a new path in the bucket:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.rewrite "path/to/destination/file.ext"

The file can also be rewritten to a different bucket:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.rewrite "new-destination-bucket",
             "path/to/destination/file.ext"

The file can also be rewritten by specifying a generation:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.rewrite "copy/of/previous/generation/file.ext",
             generation: 123456

The file can be modified during rewriting:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"
file.rewrite "new-destination-bucket",
             "path/to/destination/file.ext" do |f|
  f.metadata["rewritten_from"] = "#{file.bucket}/#{file.name}"
end

Rewriting with a customer-supplied encryption key:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

# Old key was stored securely for later use.
old_key = "y\x03\"\x0E\xB6\xD3\x9B\x0E\xAB*\x19\xFAv\xDEY\xBEI..."

# Key generation shown for example purposes only. Write your own.
cipher = OpenSSL::Cipher.new "aes-256-cfb"
cipher.encrypt
new_key = cipher.random_key

file = bucket.file "path/to/my-file.ext", encryption_key: old_key
file.rewrite "new-destination-bucket",
             "path/to/destination/file.ext",
             encryption_key: old_key,
             new_encryption_key: new_key do |f|
  f.metadata["rewritten_from"] = "#{file.bucket}/#{file.name}"
end

Rewriting with a customer-managed Cloud KMS encryption key:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

# KMS key ring must use the same location as the bucket.
kms_key_name = "projects/a/locations/b/keyRings/c/cryptoKeys/d"

# Old customer-supplied key was stored securely for later use.
old_key = "y\x03\"\x0E\xB6\xD3\x9B\x0E\xAB*\x19\xFAv\xDEY\xBEI..."

file = bucket.file "path/to/my-file.ext", encryption_key: old_key
file.rewrite "new-destination-bucket",
             "path/to/destination/file.ext",
             encryption_key: old_key,
             new_kms_key: kms_key_name do |f|
  f.metadata["rewritten_from"] = "#{file.bucket}/#{file.name}"
end

#rotate

def rotate(encryption_key: nil, new_encryption_key: nil, new_kms_key: nil) -> Google::Cloud::Storage::File

Rewrites the file to the same #bucket and #name with a new customer-supplied encryption key.

If a new key is provided to this method, the new key must be used to subsequently download or copy the file. You must securely manage your keys and ensure that they are not lost. Also, please note that file metadata is not encrypted, with the exception of the CRC32C checksum and MD5 hash. The names of files and buckets are also not encrypted, and you can read or update the metadata of an encrypted file without providing the encryption key.

Parameters
  • encryption_key (String, nil) (defaults to: nil) — Optional. The last customer-supplied, AES-256 encryption key used to encrypt the file, if one was used.
  • new_encryption_key (String, nil) (defaults to: nil) — Optional. The new customer-supplied, AES-256 encryption key with which to encrypt the file. If not provided, the rewritten file will be encrypted using the default server-side encryption, or the new_kms_key if one is provided. Do not provide if new_kms_key is used.
  • new_kms_key (String) (defaults to: nil) — Optional. Resource name of the Cloud KMS key, of the form projects/my-prj/locations/kr-loc/keyRings/my-kr/cryptoKeys/my-key, that will be used to encrypt the file. The KMS key ring must use the same location as the bucket.The Service Account associated with your project requires access to this encryption key. Do not provide if new_encryption_key is used.
Examples

Rotating to a new customer-supplied encryption key:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

# Old key was stored securely for later use.
old_key = "y\x03\"\x0E\xB6\xD3\x9B\x0E\xAB*\x19\xFAv\xDEY\xBEI..."

file = bucket.file "path/to/my-file.ext", encryption_key: old_key

# Key generation shown for example purposes only. Write your own.
cipher = OpenSSL::Cipher.new "aes-256-cfb"
cipher.encrypt
new_key = cipher.random_key

file.rotate encryption_key: old_key, new_encryption_key: new_key

Rotating to a customer-managed Cloud KMS encryption key:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new
bucket = storage.bucket "my-bucket"

# KMS key ring must use the same location as the bucket.
kms_key_name = "projects/a/locations/b/keyRings/c/cryptoKeys/d"

# Old key was stored securely for later use.
old_key = "y\x03\"\x0E\xB6\xD3\x9B\x0E\xAB*\x19\xFAv\xDEY\xBEI..."

file = bucket.file "path/to/my-file.ext", encryption_key: old_key

file.rotate encryption_key: old_key, new_kms_key: kms_key_name

#set_event_based_hold!

def set_event_based_hold!()

Sets the event-based hold property of the file to true. This property enforces an event-based hold on the file as long as this property is true, even if the bucket-level retention policy would normally allow deletion. The default value is configured at the bucket level (which defaults to false), and is assigned to newly-created objects.

See #event_based_hold?, #release_event_based_hold!, Bucket#default_event_based_hold? and Bucket#default_event_based_hold=.

If a bucket's retention policy duration is modified after the event-based hold is removed, the updated retention duration applies retroactively to objects that previously had event-based holds. For example:

  • If the bucket's [unlocked] retention policy is removed, objects with event-based holds may be deleted immediately after the hold is removed (the duration of a nonexistent policy for the purpose of event-based holds is considered to be zero).
  • If the bucket's [unlocked] policy is reduced, objects with previously released event-based holds will be have their retention expiration dates reduced accordingly.
  • If the bucket's policy is extended, objects with previously released event-based holds will have their retention expiration dates extended accordingly. However, note that objects with event-based holds released prior to the effective date of the new policy may have already been deleted by the user.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
bucket.retention_period = 2592000 # 30 days in seconds

file = bucket.file "path/to/my-file.ext"

file.event_based_hold? #=> false
file.set_event_based_hold!
file.delete # raises Google::Cloud::PermissionDeniedError
file.release_event_based_hold!

# The end of the retention period is calculated from the time that
# the event-based hold was released.
file.retention_expires_at

#set_temporary_hold!

def set_temporary_hold!()

Sets the temporary hold property of the file to true. This property is used to enforce a temporary hold on a file. While it is set to true, the file is protected against deletion and overwrites. Once removed, the file's retention_expires_at date is not changed. The default value is false.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

See #retention_expires_at.

Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
file = bucket.file "path/to/my-file.ext"

file.temporary_hold? #=> false
file.set_temporary_hold!
file.delete # raises Google::Cloud::PermissionDeniedError

#signed_url

def signed_url(method: "GET", expires: nil, content_type: nil, content_md5: nil, headers: nil, issuer: nil, client_email: nil, signing_key: nil, private_key: nil, signer: nil, query: nil, scheme: "HTTPS", virtual_hosted_style: nil, bucket_bound_hostname: nil, version: nil) -> String

Generates a signed URL for the file. See Signed URLs for more information.

Generating a signed URL requires service account credentials, either by connecting with a service account when calling Google::Cloud.storage, or by passing in the service account issuer and signing_key values. Although the private key can be passed as a string for convenience, creating and storing an instance of OpenSSL::PKey::RSA is more efficient when making multiple calls to signed_url.

A SignedUrlUnavailable is raised if the service account credentials are missing. Service account credentials are acquired by following the steps in Service Account Authentication.

Parameters
  • method (String) (defaults to: "GET") — The HTTP verb to be used with the signed URL. Signed URLs can be used with GET, HEAD, PUT, and DELETE requests. Default is GET.
  • expires (Integer) (defaults to: nil) — The number of seconds until the URL expires. If the version is :v2, the default is 300 (5 minutes). If the version is :v4, the default is 604800 (7 days).
  • content_type (String) (defaults to: nil) — When provided, the client (browser) must send this value in the HTTP header. e.g. text/plain. This param is not used if the version is :v4.
  • content_md5 (String) (defaults to: nil) — The MD5 digest value in base64. If you provide this in the string, the client (usually a browser) must provide this HTTP header with this same value in its request. This param is not used if the version is :v4.
  • headers (Hash) (defaults to: nil) — Google extension headers (custom HTTP headers that begin with x-goog-) that must be included in requests that use the signed URL.
  • issuer (String) (defaults to: nil) — Service Account's Client Email.
  • client_email (String) (defaults to: nil) — Service Account's Client Email.
  • signing_key (OpenSSL::PKey::RSA, String, Proc) (defaults to: nil) — Service Account's Private Key or a Proc that accepts a single String parameter and returns a RSA SHA256 signature using a valid Google Service Account Private Key.
  • private_key (OpenSSL::PKey::RSA, String, Proc) (defaults to: nil) — Service Account's Private Key or a Proc that accepts a single String parameter and returns a RSA SHA256 signature using a valid Google Service Account Private Key.
  • signer (OpenSSL::PKey::RSA, String, Proc) (defaults to: nil) — Service Account's Private Key or a Proc that accepts a single String parameter and returns a RSA SHA256 signature using a valid Google Service Account Private Key.

    When using this method in environments such as GAE Flexible Environment, GKE, or Cloud Functions where the private key is unavailable, it may be necessary to provide a Proc (or lambda) via the signer parameter. This Proc should return a signature created using a RPC call to the Service Account Credentials signBlob method as shown in the example below.

  • query (Hash) (defaults to: nil) — Query string parameters to include in the signed URL. The given parameters are not verified by the signature.

    Parameters such as response-content-disposition and response-content-type can alter the behavior of the response when using the URL, but only when the file resource is missing the corresponding values. (These values can be permanently set using #content_disposition= and #content_type=.)

  • scheme (String) (defaults to: "HTTPS") — The URL scheme. The default value is HTTPS.
  • virtual_hosted_style (Boolean) (defaults to: nil) — Whether to use a virtual hosted-style hostname, which adds the bucket into the host portion of the URI rather than the path, e.g. https://mybucket.storage.googleapis.com/.... For V4 signing, this also sets the host header in the canonicalized extension headers to the virtual hosted-style host, unless that header is supplied via the headers param. The default value of false uses the form of https://storage.googleapis.com/mybucket.
  • bucket_bound_hostname (String) (defaults to: nil) — Use a bucket-bound hostname, which replaces the storage.googleapis.com host with the name of a CNAME bucket, e.g. a bucket named gcs-subdomain.my.domain.tld, or a Google Cloud Load Balancer which routes to a bucket you own, e.g. my-load-balancer-domain.tld.
  • version (Symbol, String) (defaults to: nil) — The version of the signed credential to create. Must be one of :v2 or :v4. The default value is :v2.
Returns
  • (String) — The signed URL.
Raises
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
shared_url = file.signed_url

Using the expires and version options:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
shared_url = file.signed_url expires: 300, # 5 minutes from now
                             version: :v4

Using the issuer and signing_key options:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
key = OpenSSL::PKey::RSA.new "-----BEGIN PRIVATE KEY-----\n..."
shared_url = file.signed_url issuer: "service-account@gcloud.com",
                             signing_key: key

Using the headers option:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
shared_url = file.signed_url method: "GET",
                             headers: {
                               "x-goog-acl" => "public-read",
                               "x-goog-meta-foo" => "bar,baz"
                             }

Generating a signed URL for resumable upload:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png", skip_lookup: true
url = file.signed_url method: "POST",
                      content_type: "image/png",
                      headers: {
                        "x-goog-resumable" => "start"
                      }
# Send the `x-goog-resumable:start` header and the content type
# with the resumable upload POST request.

Using Cloud IAMCredentials signBlob to create the signature:

require "google/cloud/storage"
require "google/apis/iamcredentials_v1"
require "googleauth"

# Issuer is the service account email that the Signed URL will be signed with
# and any permission granted in the Signed URL must be granted to the
# Google Service Account.
issuer = "service-account@project-id.iam.gserviceaccount.com"

# Create a lambda that accepts the string_to_sign
signer = lambda do |string_to_sign|
  IAMCredentials = Google::Apis::IamcredentialsV1
  iam_client = IAMCredentials::IAMCredentialsService.new

  # Get the environment configured authorization
  scopes = ["https://www.googleapis.com/auth/iam"]
  iam_client.authorization = Google::Auth.get_application_default scopes

  request = Google::Apis::IamcredentialsV1::SignBlobRequest.new(
    payload: string_to_sign
  )
  resource = "projects/-/serviceAccounts/#{issuer}"
  response = iam_client.sign_service_account_blob resource, request
  response.signed_blob
end

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png", skip_lookup: true
url = file.signed_url method: "GET", issuer: issuer,
                      signer: signer

#size

def size() -> Integer

Content-Length of the data in bytes.

Returns
  • (Integer)

#storage_class

def storage_class() -> String

The file's storage class. This defines how the file is stored and determines the SLA and the cost of storage. For more information, see Storage Classes and Per-Object Storage Class.

Returns
  • (String)

#storage_class=

def storage_class=(storage_class)

Rewrites the file with a new storage class, which determines the SLA and the cost of storage. Accepted values include:

  • :standard
  • :nearline
  • :coldline
  • :archive

as well as the equivalent strings returned by #storage_class or Bucket#storage_class. For more information, see Storage Classes and Per-Object Storage Class. The default value is the default storage class for the bucket. See Bucket#storage_class.

To pass generation and/or metageneration preconditions, call this method within a block passed to #update.

Parameter
  • storage_class (Symbol, String) — Storage class of the file.

#temporary_hold?

def temporary_hold?() -> Boolean

Whether there is a temporary hold on the file. A temporary hold will be enforced on the file as long as this property is true, even if the bucket-level retention policy would normally allow deletion. When the temporary hold is removed, the normal bucket-level policy rules once again apply. The default value is false.

Returns
  • (Boolean) — Returns true if there is a temporary hold on the file, otherwise false.
Example
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"
file = bucket.file "path/to/my-file.ext"

file.temporary_hold? #=> false
file.set_temporary_hold!
file.delete # raises Google::Cloud::PermissionDeniedError

#update

def update(generation: nil, if_generation_match: nil, if_generation_not_match: nil, if_metageneration_match: nil, if_metageneration_not_match: nil)

Updates the file with changes made in the given block in a single PATCH request. The following attributes may be set: #cache_control=, #content_disposition=, #content_encoding=, #content_language=, #content_type=, #custom_time= and #metadata=. The #metadata hash accessible in the block is completely mutable and will be included in the request.

Parameters
  • generation (Integer) (defaults to: nil) — Select a specific revision of the file to update. The default is the latest version.
  • if_generation_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current generation matches the given value. Setting to 0 makes the operation succeed only if there are no live versions of the file.
  • if_generation_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current generation does not match the given value. If no live file exists, the precondition fails. Setting to 0 makes the operation succeed only if there is a live version of the file.
  • if_metageneration_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current metageneration matches the given value.
  • if_metageneration_not_match (Integer) (defaults to: nil) — Makes the operation conditional on whether the file's current metageneration does not match the given value.
Yields
  • (file) — a block yielding a delegate object for updating the file
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"

file.update do |f|
  f.cache_control = "private, max-age=0, no-cache"
  f.content_disposition = "inline; filename=filename.ext"
  f.content_encoding = "deflate"
  f.content_language = "de"
  f.content_type = "application/json"
  f.custom_time = DateTime.new 2025, 12, 31
  f.metadata["player"] = "Bob"
  f.metadata["score"] = "10"
end

With a if_generation_match precondition:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-bucket"

file = bucket.file "path/to/my-file.ext"

file.update if_generation_match: 1602263125261858 do |f|
  f.cache_control = "private, max-age=0, no-cache"
end

#updated_at

def updated_at() -> DateTime

The creation or modification time of the file. For buckets with versioning enabled, changing an object's metadata does not change this property.

Returns
  • (DateTime)

#url

def url(protocol: :https) -> String
Alias Of: #public_url

Public URL to access the file. If the file is not public, requests to the URL will return an error. (See Acl#public! and Bucket::DefaultAcl#public!) To share a file that is not public see #signed_url.

Parameter
  • protocol (String) (defaults to: :https) — The protocol to use for the URL. Default is HTTPS.
Returns
  • (String)
Examples
require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
public_url = file.public_url

Generate the URL with a protocol other than HTTPS:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "my-todo-app"
file = bucket.file "avatars/heidi/400x400.png"
public_url = file.public_url protocol: "http"

#user_project

def user_project()

If this attribute is set to true, transit costs for operations on the file will be billed to the current project for this client. (See Project#project for the ID of the current project.) If this attribute is set to a project ID, and that project is authorized for the currently authenticated service account, transit costs will be billed to that project. This attribute is required with requester pays-enabled buckets. The default is nil.

In general, this attribute should be set when first retrieving the owning bucket by providing the user_project option to Project#bucket or Project#buckets.

See also Bucket#requester_pays= and Bucket#requester_pays.

Example

Setting a non-default project:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "other-project-bucket", user_project: true
file = bucket.file "path/to/file.ext" # Billed to current project
file.user_project = "my-other-project"
file.download "file.ext" # Billed to "my-other-project"

#user_project=

def user_project=(value)

If this attribute is set to true, transit costs for operations on the file will be billed to the current project for this client. (See Project#project for the ID of the current project.) If this attribute is set to a project ID, and that project is authorized for the currently authenticated service account, transit costs will be billed to that project. This attribute is required with requester pays-enabled buckets. The default is nil.

In general, this attribute should be set when first retrieving the owning bucket by providing the user_project option to Project#bucket or Project#buckets.

See also Bucket#requester_pays= and Bucket#requester_pays.

Example

Setting a non-default project:

require "google/cloud/storage"

storage = Google::Cloud::Storage.new

bucket = storage.bucket "other-project-bucket", user_project: true
file = bucket.file "path/to/file.ext" # Billed to current project
file.user_project = "my-other-project"
file.download "file.ext" # Billed to "my-other-project"