Google Biquery is a public cloud data warehouse from Google.
Castled enables you to leverage the customer 360 data in your BigQuery to engage
your customers across different channels like Email, SMS, Push and In-app
notifications.
For the castled connection to work, the account provided to Castled must have
the below permissions
Permission to create a new dataset ‘castled’ and full admin access to all the
tables/views with in that dataset. This includes permission to
create/update/delete and write to these tables and create jobs within this
dataset.
READ ONLY access for any dataset you want Castled to sync the data with the
destination app. This will allow read only access on all the tables/views
with in that dataset.
BigQuery manages permissions using Identity & Access Management (IAM)
mechanism.When an identity calls a Google Cloud API, BigQuery requires that the
identity has the appropriate permissions to use the resource. You can grant
permissions by granting roles to a user, a group, or a service account.For the
above mentioned permissions Castled needs the below roles
bigquery.dataViewer - This role gives read only access to all the
datasets and the tables/views inside these datasets at the project or
organisation level.
bigquery.user - This role allows Castled to create new datasets and here
it will allow us to create the ‘castled’ dataset.This grants castled
bigquery.dataowner role on this ‘castled’ dataset created.
We recommend giving the above mentioned roles when you are creating a BigQuery
connection. If your policy don’t allow giving these roles, then we recommend
giving the below fine grained permissions for the Castled service account.
bigquery.dataViewer - This role gives read only access to all the
datasets and the tables/views inside these datasets at the project or
organisation level.
Manually create the ‘castled’ dataset and give Castled service account
bigquery.dataOwner role on this dataset.
Give Castled service account bigquery.jobs.create permission (via a
custom role) at the project level. This will enable us to run jobs with in
the project.
Refer this link for
more details on IAM related roles and permissions.
GCS Bucket Name:
Name of the
bucket to be used for the sync.
Dataset Location: Location of your bucket.When you create a bucket, you
permanently define its geographic location, which is the physical place where
object data in the bucket resides.
When using the Castled recommended permissions, once you enter the above
mentioned configuration details, you will be prompted the three commands to be
mandatorily run in your Google Cloud Shell in the Google Cloud Console before
clicking the Submit button of the Configuration screen.