# Create Cloud Storage Bucket

To let Aikido download snapshots of disks so they can be scanned for vulnerabilities, the snapshots need to be exported to a Cloud Storage bucket first.\
\
Follow the steps below to create a bucket for this purpose.

{% stepper %}
{% step %}
**Navigate to Cloud Storage**

Navigate to the [GCP Cloud Storage module](https://console.cloud.google.com/storage/browser) in the GCP Console and click on **Create** to create a new Bucket.
{% endstep %}

{% step %}
**Enter a name for the bucket**

First, you need to enter a name for the bucket. This can be anything you like, we recommend something descriptive like: **aikido-security-vm-scanning-snapshots**. Click "Continue" when ready.

<figure><img src="/files/T56PKHL0TWar0ACcDTDN" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
**Configure bucket region**

For the bucket region, select a single region to host the bucket in. We recommend the following regions:

* **aikido.dev:** europe-west2
* **us.aikdo.dev:** us-east1
* **me.aikido.dev:** me-central1

<figure><img src="/files/XBjI50JUFnRXLjTewi4e" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
**Choose storage class**

For the storage class, you can leave the default setting for **Standard** selected. Aikido will automatically delete objects, once they are downloaded.

<figure><img src="/files/uQ9uOtVBX0I1tm6FZwsr" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
**Configure object access controls**

You can just keep the default access controls enabled for the objects. This will prevent any public access to the objects in the buckets.

<figure><img src="/files/RCTfRSxtCveWQ625XZNB" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
**Configure object security**

Make sure to not enable any Data protection policies, these are not relevant for this bucket's purpose. You can leave the default encryption using the "Google-managed encryption key".

<figure><img src="/files/CDGHJLeVfQ8MBd3KUDeo" alt=""><figcaption></figcaption></figure>
{% endstep %}

{% step %}
**Create the bucket**

Click on the "Create" button once the configuration is completed. Enter the name of the bucket when setting up the VM scanning integration in Aikido.
{% endstep %}

{% step %}
**(Optional)**

Sometimes, GCP asks to confirm if you are sure you want to prevent public access to objects in the bucket, it's important to ensure that public is prevented and make sure the checkbox is checked. Click on "Confirm".

<figure><img src="/files/auq6ZFCpuH09fctI0J7s" alt=""><figcaption></figcaption></figure>
{% endstep %}
{% endstepper %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.aikido.dev/virtual-machine-scanning/gcp-vm-scanning/create-cloud-storage-bucket.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.