Setting up a Google Big Query Connector
Last updated
Was this helpful?
Last updated
Was this helpful?
The Google Big Query connector allows you to connect your Google Big query cloud account to Toucan.
You will need to have access to a account with a you would like to use in Toucan. Consult Google Cloud Platform documentation for how to . This project should have a BigQuery dataset for Toucan to connect to.
To enable Toucan to access your BigQuery dataset, you will first require a JSON file. Service accounts are designed for non-human users, such as applications like Toucan, to and their API requests.
Here's a step-by-step process for creating the service account JSON file, as outlined in Google's documentation for for your BigQuery dataset:
Create a Service Account:
Access your Google Cloud Platform project console.
In the main sidebar menu on the left, navigate to the IAM & Admin section.
Select "Service account" Existing service accounts, if any, will be listed.
At the top of the screen, click on "+ CREATE SERVICE ACCOUNT."
Fill Out Service Account Details:
Provide a name for the service account.
Add a description (the service account ID will be generated once you provide a name).
Click the "Create" button to create the service account.
Grant Access to the Service Account:
To allow Toucan to view and run queries on your dataset, you need to assign roles to the service account.
Ensure that you assign the following roles to the service account:
BigQuery Data Viewer
BigQuery Metadata Viewer
BigQuery Job User (distinct from BigQuery User)
For more detailed information on roles in BigQuery, consult .
Create a Key:
Once you've assigned the necessary roles to the service account, click on the "Create Key" button.
Choose JSON as the key type.
The JSON file containing the credentials will be downloaded to your computer.
The key can be downloaded only once. If you delete it, you will need to create a new service account with identical roles to obtain another key.
Click on Add connector
Fill out the form with the following info:
NAME
: a name to retrieve your data connector such as "my-google_big_query_connector"
In GOOGLECREDENTIALS
part, use the information, you will find in your service_account json file you have generated earlier:
SERVICE ACCOUNT
: service_account
PROJECT ID
: paste the project id value you will find in your service account json file
PRIVATE KEY ID
: paste the private key id value you will find in your service account json file
PRIVATE KEY
: paste the private key value you will find in your service account json file
CLIENT EMAIL
: paste the client email value you will find in your service acount json file
CLIENT ID
: paste the client id value you will find in your service account json file
AUTHENTICATION URI
: paste the authentication URI value you will find in your service account json file
TOKEN URI
: paste the token URI value you will find in your service account json file
AUTHENTICATION PROVIDER X509 CERTIFICATE URL
: paste the authentication provider X509 certificate URL value you will find in your service account json file
CLIENT X509 CERTIFICATION URL
: paste the client X509 certification URL value you will find in your service account json file
Once you have filled all the fields, you can click on SAVE
We offer an alternative way to connect to Google Big Query where you can craft a JWT token and transmit this JWT token to Toucan, where it will be used to access your Google Big Query dataset.
Once you have generated the token.
Click on Add connector
Click on JWTCredentials
In JWTCredentials
, you have two fields to fill:
PROJECT ID
: corresponding to the id of your Google Big Query project
JSON WEB TOKEN (JWT) SIGNED
: corresponding to your JWT token you obtain by signing it with your service account json
Once you have filled the fields, you can click on SAVE
Select a DB_schema
Select a Table
Only keep the columns you need
Dialect
: Tick this case if you want to select a specific dialect used by your server between legacy
and standard
as query standard more information on this . By default we use standard standard
OAuth scopes
: OAuth 2.0 scopes define the level of access you need to request the Google APIs for more information see this
After selecting data from your connector you will be able to create a dataset thanks to using the selection as "source step".