Decube
Search
⌃K
Links

Google Big Query

Adding Google Big Query to your decube connections helps your team to find relevant datasets, understand their quality via incident monitoring and apply governance policies via our data catalog.
Connecting to Big Query requires following the steps below to completed.
Connect Big Query

Prerequisite

To ensure a smooth experience configuring the connection.
  1. 1.
    Having access to the Project that contains the intended BigQuery.
  2. 2.
    An account that is able to view and create Service Accounts​

Creating decube Data Observability Role

A custom role for the decube service account is required to ensure we have correct access to the resources we need.
  1. 1.
    From the dashboard, click the hamburger (three lines indicating a menu), the top left of the browser next to the Google Cloud logo, and Search for IAM and Admin.
  2. 2.
    Find Roles and at the top, below the search bar, click + Create Role.
  3. 3.
    Fill in Roles as below
  • Title: decube data observability
  • ID: decube
  • Role launch Stage: General Availability
  1. 1.
    Click on Add permission, a popup will be displayed. Then on Enter property name or value type each of the permissions below, press enter and click on the checkbox to assign that permission to the decube data observability role.
bigquery.datasets.get
bigquery.datasets.getIamPolicy
bigquery.jobs.create
bigquery.jobs.get
bigquery.jobs.list
bigquery.jobs.listAll
bigquery.readsessions.create
bigquery.readsessions.getData
bigquery.readsessions.update
bigquery.routines.get
bigquery.routines.list
bigquery.tables.get
bigquery.tables.getData
bigquery.tables.list
resourcemanager.projects.get
storage.buckets.get
storage.buckets.list
storage.objects.get
storage.objects.list
  1. 1.
    When you are done assigning permissions, click Add to exit the popup, on Assigned Permission table, review the permissions granted to match above requirements.
  2. 2.
    Click Create.

Getting a Service Account JSON Key File

For decube to connect with BigQuery, a JSON key file is required from a Service Account with the proper Roles assigned to it.
  1. 1.
    From the dashboard, click the hamburger (three lines indicating a menu), the top left of the browser next to the Google Cloud logo, and Search for API's and Services.
  2. 2.
    On that page, click on Credentials, at the top, click + Create Credentials and then select Service account.
  3. 3.
    Fill in the Service account details form, we recommend
  • Service account name: decube,
  1. 1.
    Click Create and Continue.
  2. 2.
    On Grant this service account access to project, click on Select a role, the on the _Filter _ search, type decube data observability created previously and click to assign this role to the service account. Click Continue.
  3. 3.
    Skip Grant users access to this service account form and click Done.
  4. 4.
    On the Service Account page you will see a Service Account named decube, click on it.
  5. 5.
    On the options below the Service Account name, click on Keys
  6. 6.
    Click Add Key and then select Create new key from the drop-down.
  7. 7.
    For the Key Type, choose JSON and click Create.
  8. 8.
    You will automatically download the JSON file and can refer to the location of the file on your browser, save it somewhere easily accessible like your Desktop.