How to setup Google Cloud Storage bucket with Terra

TiredDeer9 months ago

Good morning. We would like to use Google Cloud Provider's storage bucket solution (GCS on Terra Dashboard) to store all incoming Terra payloads. When we go to add the destination on dashboard, a file upload icon appears asking for a permissions certificate. Where do we get this certificate?

terra

Elliottadmin9 months ago

Hello there,

The JSON permission certificate is how Google Cloud Provider allows third parties like Terra authenticate and upload files to GCP GCS - it is best practice to create a service account with only the necessary principals and create a certificate . To generate the certificate, open your GCP project and in the sidebar, navigate to [IAM and Admin > Service accounts > Select an Account > Keys] and hit the button that says + Add Key then choose JSON. Then upload this certificate on the Terra dashboard; if the certificate is valid, the modal will close without outputting an error message.


TiredDeer9 months ago

What are the minimal permissions needed to write the bucket? Only a certificate with admin access seems to work for us.


terra

Elliottadmin9 months ago

The service account for which the certificate/key is made for, must have the role "Storage Object User" over the project or that resource (bucket)


Cookie Preferences

Essential CookiesAlways On
Advertisement Cookies
Analytics Cookies

Crunch Time: Embrace the Cookie Monster Within!

We use cookies to enhance your browsing experience and analyse our traffic. By clicking “Accept All”, you consent to our use of cookies according to our Cookie Policy. You can change your mind any time by visiting out cookie policy.