search

GCP

hashtag
Create Teleskope Service Account

Create a Teleskope service account in your GCP project. For BigQuery, we have downloadable Terraform scripts here that create everything below.

hashtag
Terraform

Variable
Description
Example

project_id

(Required) Your GCP Project ID

"my-project-id"

resource "google_service_account" "teleskope" {
  account_id   = "teleskope"
  display_name = "Teleskope Read Only User"
  project      = "{project_id}"
}

hashtag
Grant Resource Manager Read Access to Teleskope Service Account

Grant the following resource manager permissions to the Teleskope service account you created above:

  • resourcemanager.projects.list

  • resourcemanager.projects.get

  • resourcemanager.folders.get

  • resourcemanager.folders.list

  • resourcemanager.organizations.get

  • compute.regions.list

hashtag
Terraform

Variable
Description
Example

org_id

(Required) Your GCP Org ID

"130342390179"

hashtag
Configure Workload Identity Federation (Saas Only)

Teleskope Saas is run in an isolated AWS account. In order to grant Teleskope the ability to connect to GCP, you will need to configure workload identity federation.

hashtag
Create Workload Identity Federation Pool

Go to https://console.cloud.google.com/arrow-up-right > Workload Identity Federation > Create Pool

  • Name: teleskope-pool

  • Pool id : teleskope-pool

  • Provider:

    • Select Provider: AWS

    • Provider Name: teleskope-provider

    • AWS Account: {origin_aws_account_id}

hashtag
Grant Access to Teleskope Service Account

Once pool is created, click Grant Access, and select the Teleskope service account you created above.

hashtag
Terraform

Variable
Description
Example

origin_aws_account_id

(Required) AWS Account ID where Teleskope is deployed.

"012345678912"

project_id

(Required) Your GCP Project ID

"my-project-id"

PreviousCosmosDBNextBigQuery

Last updated

Was this helpful?