Learn how to authorize RAW to read Google Cloud.
How to create
This set up should work for any Google Cloud API that uses OAuth2.0
Enable the API under the Project
To access a Google Cloud API we will need a Google Service Account, and genereate a Service Account Key. A service account is a special type of Google account intended to be used by an non-human user to authenticate and be authorized to access data in Google APIs.
For more information about this type of credential please check the guides from Google IAM documentation :
Creating a Service Account and Service Account Key
- Open the Service accounts page. If prompted, select a project. Then click "Create Service Account".
Enter a name and description for the service account. The steps "Grant this service account access to project" and "Grant users access to this service account" are optional. When done click "Done".
After creating your the service account, we need to generate a key. Click on the newly created service account.
- Select the "Keys" tab, click on "Add Key" at the bottom and select "Create new key".
- Select JSON and click Create. Remember where this file was downloaded, we will need it later in the registration process.
Configure the Google Service with Permissions for the Service Account
Each Google Service will have a different mechanism to add users and permission them. The Service Account just created will need to be added as a User of that Google Service. Please refer to the documentation of the API / Service. More information can be found in: Manage access to service accounts.
Registering the Credential in RAW
- In the RAW Administration Console, click on "Repositories" -> "Credentials" and click on the Google icon.
- Enter the Name for the Credential, and a Scope for this Credential - For a list of available Scopes for Google Cloud APIs see: OAuth 2.0 Scopes for Google APIs. Then Click on "Load from file" to import the values from the JSON file downloaded earlier. Lastly, save the Credential.