# .goreleaser.yml
  # You can have multiple blob configs
    # Template for the cloud provider name
    # s3 for AWS S3 Storage
    # azblob for Azure Blob Storage
    # gs for Google Cloud Storage
    provider: azblob

    # Set a custom endpoint, useful if you're using a minio backend or
    # other s3-compatible backends.
    # Implies s3ForcePathStyle and requires provider to be `s3`

    # Sets the bucket region.
    # Requires provider to be `s3`
    # Defaults to empty.
    region: us-west-1

    # Disables SSL
    # Requires provider to be `s3`
    # Defaults to false
    disableSSL: true

    # Template for the bucket name
    bucket: goreleaser-bucket

    # IDs of the artifacts you want to upload.
    - foo
    - bar

    # Template for the path/name inside the bucket.
    # Default is `{{ .ProjectName }}/{{ .Tag }}`
    folder: "foo/bar/{{.Version}}"
    provider: gs
    bucket: goreleaser-bucket
    folder: "foo/bar/{{.Version}}"
    provider: s3
    bucket: goreleaser-bucket
    folder: "foo/bar/{{.Version}}"

Learn more about the name template engine.


Goreleaser’s blob pipe authentication varies depending upon the blob provider as mentioned below:

S3 Provider

S3 provider support AWS default credential provider chain in the following order:

  • Environment variables.

  • Shared credentials file.

  • If your application is running on an Amazon EC2 instance, IAM role for Amazon EC2.

Azure Blob Provider

Currently it supports authentication only with environment variables:


GCS Provider

GCS provider uses Application Default Credentials in the following order:

  • Default Service Account from the compute instance(Compute Engine, Kubernetes Engine, Cloud function etc).


There is no common way to set ACLs across all bucket providers, so, go-cloud does not support it yet.

You are expected to set the ACLs on the bucket/folder/etc, depending on your provider.

Last updated by Carlos Alexandro Becker on February 17, 2020. Improve this page.