LogoLogo
  • Getting Started
    • Welcome to Teleskope.ai
    • Your Journey with Teleskope
  • The Platform
    • Data Catalog
    • Data Subject Rights
      • Integrations
      • Enroll Third Party Integrations
        • Amplitude
        • Google Analytics
        • Salesforce
        • Bazaar Voice
      • Enroll Structured Databases
      • Deletion Methods
    • Policy Maker
    • Issues
    • API Service
      • Scanning API
        • v1/classify
        • v1/classifyCollection
        • v1/scan
      • Redaction API
        • v1/scrub
      • Data Subject Rights
        • GET v1/dsr/requests
        • POST v1/dsr/requests
      • Metadata
        • v1/aws/rds
        • v1/aws/s3
        • v1/snowflake
        • v1/snowflake/users
        • v1/gcp/bigquery
        • v1/gcp/cloudstorage
        • v1/gcp/cloudsql
  • Setup
    • Deployment
    • Role Based Access Control
    • SSO
      • Okta
      • Microsoft Entra
      • Google Auth
  • Specifications
    • Data Store Coverage
    • Compliance Frameworks
    • Redaction Methodologies
    • Data Elements
  • Connectors
    • AWS
      • Athena
      • RDS
      • DynamoDB
      • Redshift
      • S3
      • SNS
      • SQS
    • GCP
      • Cloud Storage
      • Grant Teleskope Access to BigQuery
      • CloudSQL
      • Grant Teleskope Access to CloudLogging
    • SaaS
      • Github
      • Google Drive
      • Jira
      • Segment
      • Zendesk
      • DropBox
      • Box
      • Bitbucket
      • Slack
      • Sharepoint Online
    • Snowflake
    • Azure
      • Azure SQL
      • Azure Database
      • Blob Storage
      • CosmosDB
      • Synapse
    • Databricks
  • DSR
  • Alerting Integrations
    • Slack
    • Tines
Powered by GitBook
On this page
  • Grant Teleskope Access to CloudStorage
  • Create a PubSub Topic:
  • Terraform

Was this helpful?

  1. Connectors
  2. GCP

Cloud Storage

Grant Teleskope Access to CloudStorage

Attach the following roles to the Teleskope service account you created:

  • roles/storage.objectViewer

  • roles/pubsub.subscriber

  • roles/pubsub.viewer

Create a PubSub Topic:

In order for Teleskope to capture new objects without causing a full scan each time, you will need to create a PubSub topic and subscriber.

Terraform

Variable
Description
Example

project_id

(Required) Your GCP Project ID

"my-project-id

resource "google_project_iam_member" "teleskope" {
  for_each = toset([
    "roles/storage.objectViewer",
    "roles/pubsub.subscriber",
    "roles/pubsub.viewer"
  ])
  project = "project_id"
  role    = each.key
  member = "serviceAccount:${google_service_account.teleskope.email}"
}

resource "google_pubsub_topic" "pubsub_teleskope" {
  project = "project_id"
  name = "teleskope"
}

resource "google_pubsub_subscription" "pubsub_teleskope" {
  name  = "teleskope"
  project = "project_id"
  topic = "${google_pubsub_topic.pubsub_teleskope.name}"
}

For each bucket, please set up cloud storage notifications to the topic created above.

data "google_storage_project_service_account" "gcs_account" {
}

resource "google_storage_notification" "notification" {
  bucket         = "bucket_name"
  payload_format = "JSON_API_V1"
  topic          = "${google_pubsub_topic.pubsub_teleskope.name}"
  event_types    =  ["OBJECT_FINALIZE", "OBJECT_METADATA_UPDATE"]

  depends_on = [google_pubsub_topic_iam_binding.binding]
}

resource "google_pubsub_topic_iam_member" "pubsub_member" {
  member = "serviceAccount:${data.google_storage_project_service_account.gcs_service_account.email_address}"
  role    = "roles/pubsub.publisher"
  topic   = google_pubsub_topic.pubsub_teleskope.id
}
PreviousGCPNextGrant Teleskope Access to BigQuery

Was this helpful?