Storage buckets and service accounts for logs, backups, and data storage
CDP requires that you pre-create and provide buckets for logs and data storage and create service accounts controlling access to them.
You should create two Google storage buckets:
- One for data storage
- One for logs
- Optionally, you can also create a third bucket for storing FreeIPA and Data Lake backups
The buckets should fulfill the following requirements:
- For best performance, create the buckets in the same region as the VPC.
- If you would like to use encryption, use a Google-managed key.
In addition to the two Google storage buckets, you should create multiple service accounts and assign roles as described in the following documentation: