Skip to main content

Google Cloud

Prepare the storage

First, create a new service account, for example in the Cloud Console. Then grant write permissions on the bucket to this service account. This can be done under the PERMISSIONS tab on the bucket's details page. Choose for example Storage Legacy Bucket Writer as role and the newly created service account as principal.

On the details page of the service account, under the KEYS tab, select ADD KEY, Create new key and choose key type JSON. After creation, the JSON credentials file is downloaded. These are the credentials required when creating the data connector in the next section.

Make sure you have a file named gcs.json in your current directory, containing the service account credentials of the service account to use for writing to the bucket.

The contents should look something like:

"type": "service_account",
"project_id": "***",
"private_key_id": "***",
"private_key": "-----BEGIN PRIVATE KEY-----\n***\n-----END PRIVATE KEY-----\n",
"client_email": "***@***",
"client_id": "***",
"auth_uri": "",
"token_uri": "",
"auth_provider_x509_cert_url": "",
"client_x509_cert_url": "***"

Create the data connector

A Google Cloud Storage Data Connector can be created with the following command, pointing to the credentials file:

strm create data-connector gcs my-gcs strmprivacy-export-demo --credentials-file=gcs.json
"ref": {
"name": "my-gcs",
"projectId": "30fcd008-9696-...."
"googleCloudStorageBucket": {
"bucketName": "strmprivacy-export-demo"

This will create a data connector named my-gcs for the bucket strmprivacy-export-demo, using the provided credentials.