GCP Storage Transfer Transfer Job
A Storage Transfer Service (STS) transfer job is a GCP resource that defines and schedules the movement of data between cloud or on-premises locations—most commonly between Cloud Storage buckets, Amazon S3 buckets, or on-premises file systems. A job contains the source and destination specifications, an execution schedule, optional filters, and notification settings. Once created, STS runs transfer operations according to the job’s schedule until the job is paused or deleted.
Official documentation: https://cloud.google.com/storage-transfer/docs/reference/rest/v1/transferJobs#TransferJob
Terrafrom Mappings:
google_storage_transfer_job.name
Supported Methods
GET: Get a gcp-storage-transfer-transfer-job by its "name"LIST: List all gcp-storage-transfer-transfer-jobSEARCH
Possible Links
gcp-iam-service-account
Storage Transfer Service executes each job using a dedicated service account (either the default project-number@storage-transfer-service.iam.gserviceaccount.com or a user-supplied account specified in the job). Overmind links the transfer job to the service account it utilises so that you can verify the account’s permissions and assess the blast radius of compromised credentials.
gcp-pub-sub-topic
A transfer job can be configured to send progress and completion notifications to a Pub/Sub topic. Overmind records this relationship to let you trace where operational or security events originating from STS will be published.
gcp-storage-bucket
Buckets may appear in a transfer job as sources, destinations, or intermediary temporary buckets. Linking the job to the buckets it touches enables dependency mapping and helps surface risks such as overly permissive bucket IAM policies or data residency concerns.