Authentication Service Account

Description

Service accounts are accounts that do not represent a human user. They provide a way to manage authentication and authorization when a human is not directly involved, such as when an application needs to access Google Cloud resources. Service accounts are managed by IAM. [API reference]

Instructions

Follow these steps on how to create Service Account to authenticate and access Google Drive API in SSIS package or ODBC data source:

Step-1: Create project

This step is optional, if you already have a project in Google Cloud and can use it. However, if you don't, proceed with these simple steps to create one:

1. First of all, go to Google API Console.

2. Then click Select a project button and then click NEW PROJECT button:

   

3. Name your project and click CREATE button:

   

4. Wait until the project is created:

   
5. Done! Let's proceed to the next step.

Step-2: Enable Google Drive API

In this step we will enable Google Drive API:

1. Select your project on the top bar:

   

2. Then click the "hamburger" icon on the top left and access APIs & Services:

   

3. Now let's enable several APIs by clicking ENABLE APIS AND SERVICES button:

   

4. In the search bar search for drive and then locate and select Google Drive API:

   

5. Enable Google Drive API:

   
6. Done! Let's proceed to the next step.

Step-3: Create Service Account

Use the steps below to create a Service Account in Google Cloud:

1. First of all, go to IAM & Admin in Google Cloud console:

   

2. Once you do that, click Service Accounts on the left side and click CREATE SERVICE ACCOUNT button:

   

3. Then name your service account and click CREATE AND CONTINUE button:

   

4. Continue by clicking Select a role dropdown and start granting service account Project Viewer roles:

   

5. Find Project group and select Viewer role:

   

6. Finish adding roles by clicking CONTINUE button:

   
   You can always add or modify permissions later in IAM & Admin.

7. Finally, in the last step, just click button DONE:

   

8. Done! We are ready to add a Key to this service account in the next step.

Step-4: Add Key to Service Account

We are ready to add a Key (P12 certificate) to the created Service Account:

1. In Service Accounts open newly created service account:

   

2. Next, copy email address of your service account for the later step:

   

3. Continue by selecting KEYS tab, then press ADD KEY dropdown, and click Create new key menu item:

   

4. Finally, select P12 option and hit CREATE button:

   
5. P12 certificate downloads into your machine. We have all the data needed for authentication, let's proceed to the last step!

Step-5: Share Google Drive files and folders with Service Account

Now it's time to grant Google Drive read/write permissions to the created service account:

1. Login to https://drive.google.com with Google account credentials whose files/folders you want to share with the service account.

2. Select the file or folder, right-click on it, click Share menu item, and then hit Share subitem:

   

3. Share it with your service account:

   

4. Grant it appropriate permissions, e.g. Viewer or Editor (for reading or writing):

   
5. That's it! Let's proceed to the configuration!

Step-6: Configure connection

1. Now go to SSIS package or ODBC data source and configure these fields in Service Account authentication configuration:

   • In the Service Account Email field paste the service account Email address value you copied in the previous step.
   • In the Service Account Private Key Path (i.e. *.p12) field use downloaded certificate's file path.
2. Done! Now you are ready to use Google Drive Connector!

Parameters