Skip to content

GCS Account Authorization

This article describes how to authorize GCS using a service account key (JSON).

Step 1: Create a Service Account

  1. Log in to Google Cloud Console;
  2. Go to IAM & Admin > Service Accounts;
  3. Click Create Service Account;
  4. Fill in the name (e.g., guance-forward), click Create and Continue;
  5. The role step can be skipped (no authorization at the project level), click Done directly.

Step 2: Authorize the Bucket

  1. Go to Cloud Storage > Buckets > Select the target Bucket;
  2. Switch to the Permissions tab;
  3. Click Grant Access;
  4. Enter the email of the service account you just created;
  5. Select the role Storage Object Admin (or a custom role, including storage.objects.create/get/list and storage.buckets.get);
  6. Save.

Step 3: Create a JSON Key

  1. Go to IAM & Admin > Service Accounts;
  2. Click on the target service account;
  3. Select the Keys tab > Add Key > Create New Key;
  4. Select JSON format, click Create;
  5. The key file will be downloaded automatically, please save it securely (it cannot be downloaded again).

Step 4: Configure in Guance

  1. Select Google Cloud GCS > Account Authorization;
  2. Open the downloaded JSON file, copy the entire content and paste it into the text field;
  3. Fill in the region, bucket, and storage path;
  4. Test the connection.

Feedback

Is this page helpful? ×