Private Key Integration
- 18 Sep 2023
- DarkLight
- PDF
Private Key Integration
- Updated On 18 Sep 2023
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
To connect your data from GCS bucket as a Dataloop dataset, follow the setup instructions.
Create an IAM Role
- Log in to the Google Cloud Console.
- From the left portal menu, select the IAM & admin > Roles.
- Click +Create Role.
- Enter a role Title.
- (Optional) Enter a Description.
- (Optional) Enter a role ID. By default, the role id is generated.
- Click +Add Permissions, then search for and add the following permissions:
storage.objects.createstorage.objects.deletestorage.objects.getstorage.objects.liststorage.buckets.get
Note: The
storage.objects.delete permission allows the Dataloop platform to delete dataset items. For more information, see the Downstream section.- Click Create.
Tip
- See Create and manage custom roles for more information on creating an IAM role in GCP.
- To display Roles information, you must select a project in the Google Cloud Console. If not available, create a project.
Create a Service Account
- Log in to the Google Cloud Console.
- From the left portal menu, select the IAM & admin > Service accounts.
- Click +Create service account.
- (Optional) Enter a Name and Description for the account.
- Click Create and continue.
- Click Done to create the service account.
Tip: See Create service accounts for more information on creating a service account in GCP.
Create a Private Key for the Service Account
- Log in to the Google Cloud Console.
- From the left portal menu, select the IAM & admin > Service accounts.
- Find the desired service account for which you want to add a private key, and click on its name to open its details.Note: The Service Account you recently created.
- Select the Keys tab.
- Click Add key.
- Click Create new key from the list. A popup window is displayed.
- Ensure the Key type is in JSON format.
- Click Create. The "Private key saved to your computer" message is displayed.
Note
- Use the key to authenticate as the service account on the Dataloop platform.
- Save the JSON file in a convenient location, it is required at the integration phase.
Create a Cloud Storage Bucket
- Log in to Google Cloud Console.
- From the left portal menu, go to the Cloud Storage > Buckets.
- Click Create bucket.
- Enter a Name for the storage bucket.
- Click Continue.
- In the Choose where to store your data, select a location for the bucket.
- Click Continue.
- Click Create bucket.
Note: For all other optional settings, use the default values.
Grant Permissions to the Cloud Storage Bucket
- Log in to Google Cloud Console.
- From the left portal menu, go to the Cloud Storage > Buckets.
- Select the Storage bucket for which you want to add permissions, and then click on it.
- Select the Permissions tab.
- Click Grant access. The Add principals dialog box appears.
- Under the Add principals, add your Service account principal.
- Under the Assign roles, choose custom and choose the role you recently created.
- Click Save. A confirmation message is displayed.
Tip: See Use IAM with buckets for more information on adding permissions to a storage bucket in GCP.
Create a GCS Integration on the Dataloop platform
- Log in to the Dataloop platform.
- From the left portal menu, select Integrations.
- Click Create New Integration.
- Enter a Name for the integration.
- Select Google Cloud Storage from the Integration Type list.
- Click Import JSON file, and import the GCS Private Key JSON file that you downloaded.
- Click Create. A confirmation message is displayed.
Create a GCS Storage Driver on the Dataloop Platform
For more information, see the Create a GCS Storage Driver on the Dataloop Platform topic.