BigQuery

Steps

1. Make sure the BigQuery project has the correct API enabled

2. Create a dedicated service account with the right set of permissions

3. Generate a credentials JSON file

1. Enable Cloud Resource Manager API

• In the Google Cloud Console, navigate to the APIs & Services > Library page.

• In the search bar, type "Cloud Resource Manager API".

• Click on the search result for the Cloud Resource Manager API and click the Enable button

2. Service account creation and permissions

We recommend using a dedicated service account with the appropriate set of permissions.

To create a service account follow these steps :

• Go to https://console.cloud.google.com/iam-admin/serviceaccounts

• Select you project

• Click on “Create service account”

• Input the necessary informations : service account name, service account id (automatically generated), description. Click on “Create and continue”

Grant access

• You can either define access right now or do it from the IAM menu later. If you do it now give the recommended roles are :

  • bigquery.jobUser and bigquery.dataEditor

  • This will allow the service account to query data in the tables of the project the service account has access to as well as create temporary tables for computation in your project.

• In both cases, validate by clicking “Done”

If you want to Edit the service account roles go to https://console.cloud.google.com/iam-admin/iam, select the service account from the list and edit roles by clicking on the pencil on the right side.

(If the service account does not appear in the list, try clicking on "Grant access", copy paste the service account mail and assign roles from here)

3. Generate a credentials JSON file

To export a credentials JSON file follow these steps :

• Go to https://console.cloud.google.com/iam-admin/serviceaccounts

• Select you project

• Select your service account and on the “…” menu select “Manage keys”

• Then click on “Add key”>”Create new key”

• Select JSON then “Create”

• The key is automatically downloaded