The Missing Guide To Setting Up Google Cloud Service Accounts For Google BigQuery

Google Services accounts provide access to resources within Google Cloud.

We have launched a code-free, zero-admin, fully automated data pipelines for Google BigQuery! Get started with Google BigQuery for free!

Google describes them as follows:

A service account is a special account that can be used by services and applications running on your Google Compute Engine instance to interact with other Google Cloud Platform APIs. Applications can use service account credentials to authorize themselves to a set of APIs.

Unfortunately, Google does not provide a simple guide to setting up a Service account, especially for BigQuery. This guide will walk you through the steps of creating a Service Account that allows access to BigQuery via API. If you are not a BigQuery user, Google does offer a free tier which is perfect to kick start your data efforts.

Getting Started

There are a few steps that you will need to care for before setting up BigQuery Service Account with Openbridge. Specifically:

1. Select the project you want to use within your Google Cloud Console. This is typically a drop-down menu in the Google Cloud console navigation
2. Enable your BigQuery API for the selected project
3. Create a Service Account and IAM policy that allows Openbridge to access BigQuery within your project

The process should take no more than 5 minutes. Let's get started!

Step 1: Enable The BigQuery API

Log in to Google Cloud. Next, verify that you have the BigQuery API enabled. If not, then enable it. Make sure you have selected the correct project in the nav.

https://console.developers.google.com/apis/library/bigquery-json.googleapis.com/

​Step 2: Create a Service Account

The next step is to configure a service account via IAM. You need to login to your Google Cloud console: https://console.cloud.google.com/

After you log in, select “IAM & admin” in the navigation panel.

​Next, select “Service accounts” and then “Create service account”

​This will pop open the Create Service Account window.

• A: Give your account a unique name
• B: Copy the “Service Account ID” as you will need this later. It will look something like this “openbridge-bigquery-data-1234567@appspot.gserviceaccount.com”
• C: Select “JSON” as the Key type

p.s. Don’t select a Role, we will do that later.

When you are ready select “CREATE”

Your service account JSON will be downloaded to your computer. The content of the file will look something like this:

{
  "type": "service_account",
  "project_id": "foo-baseme-139217",
  "private_key_id": "",
  "private_key": "",
  "client_email": "foo-baseme-139217@appspot.gserviceaccount.com",
  "client_id": "122211111111",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/foo-casing-139217%40appspot.gserviceaccount.com"
}

Keep this file in a safe place. Treat like you would a password. You will need this later for setting up BigQuery within Openbridge.

You should see your newly created Service Account listed:​

​Step 3: Adding Permissions To Your Service Account

Next, we need to add BigQuery permissions to your new service account.

In your Google Cloud console select “IAM & admin”->”IAM”

You will see the “ADD” option. This will allow you to set permissions for your new Service Account. Click “ADD”​.

​You will be presented a new window:

• A: Remember the Service Account ID we asked you to save? Enter it here. Paste the Service Account ID where it says “New members”
• B: Select the BigQuery Admin role​

Lastly, we need to also add the role of Project Viewer. This allows a service to list your available BigQuery Projects:

When you are done, select “SAVE”. Your new member and permissions for your BigQuery Project should be listed:

​Congrats! You just configured a Service Account that will allow Openbridge to deliver data to a BigQuery warehouse destination.

One Last Thing…Google Cloud Billing!

Some Google Cloud projects do not have billing enabled. You need to make sure your target project has it enabled. Without billing being active Google prevents us from being able to connect to BigQuery!

First, go to “Billing” in the Google Cloud Console:

Next, you will want to make sure Billing is active and configured. If it is not, turn Billing on.

​Here are reference docs from Google about setting up billing:

• How To Enable Billing
• Create, Modify, or Close Your Billing Account
• Modify Project Billing Settings

We have launched a code-free, zero-admin, fully automated data pipelines for Google BigQuery! Get started with Google BigQuery for free!

DWant to discuss how to leverage Google BigQuery for your organization? Need a platform and team of experts to kickstart your data and analytic efforts? We can help! Getting traction adopting new technologies, especially if it means your team is working in different and unfamiliar ways, can be a roadblock for success. This is especially true in a self-service only world. If you want to discuss a proof-of-concept, pilot, project or any other effort, the Openbridge platform and team of data experts are ready to help.

Reach out to us at hello@openbridge.com. Prefer to talk to someone? Set up a call with our team of data experts.

Visit us at www.openbridge.com to learn how we are helping other companies with their data efforts.