Banty
Reputation: 971
Service account role for a Google Cloud Function that uploads data to BigQuery
I have a cloud function that reads files from Cloud Storage and uploads the data to BigQuery. I want to create a service account for this function to run under. What specific and appropriate roles should be given to the service account for the function to complete these operations?
Upvotes: 0
Views: 206
Answers (1)
Fony Lew
Reputation: 534
Here are the roles you need for the service Account,
Read files from Cloud Storage:
- Storage Object Viewer (assuming uniform permission bucket)
Write to BigQuery table:
- BigQuery Data Editor
Also, make sure that it has the right permission at the dataset level. If you want the Cloud Function to be able to query, you might need to add BigQuery User permission.
Reference: Access Control with IAM | BigQuery
Upvotes: 4
Related Questions
- Bigquery service account restricted to a dataset
- How can I add roles to service account in GCP?
- Google Function service account
- service account roles to deploy google cloud function
- How to use Service Accounts with gsutil, for uploading to CS + BigQuery
- Upload data from GCS to Bigquery using service account in Cloud Functions
- Scope of Service Account in GCP
- Required IAM roles to set service account to an existing scheduled query
- Adding service account to Cloud Function on GCP
- How to use GCP service account in Google Cloud Function?