BigQuery

Steps

Create a dedicated service account with the right set of permissions
Generate a credentials JSON file

1. Service account creation and permissions

We recommend using a dedicated service account with the appropriate set of permissions.

To create a service account follow these steps :

Go to https://console.cloud.google.com/iam-admin/serviceaccounts
Select you project
Click on “Create service account”

Input the necessary informations : service account name, service account id (automatically generated), description. Click on “Create and continue”

You can either define access right now or do it from the IAM menu later.
- If you do it now give the following roles to the service account : bigquery.jobUser and bigquery.metadataViewer

Validate by clicking “Done”

If you want to Edit the service account roles go to https://console.cloud.google.com/iam-admin/iam, select the service account from the list and edit roles by clicking on the pencil on the right side.

(If the service account does not appear in the list, try clicking on "Grant access", copy paste the service account mail and assign roles from here)

Note you need to have at least the roles/iam.serviceAccountAdmin role to perform these actions

2. Generate a credentials JSON file

To export a credentials JSON file follow these steps :

Go to https://console.cloud.google.com/iam-admin/serviceaccounts
Select you project
Select your service account and on the “…” menu select “Manage keys”
Then click on “Add key”>”Create new key”

Select JSON then “Create”
The key is automatically downloaded

Note you need to have at least the roles/iam.serviceAccountKeyAdmin role to perform these actions

PreviousPreliminary setup NextCreate data warehouse

Last updated 2 months ago

Was this helpful?