# Google Cloud Storage
Google Cloud Storage is a RESTful online storage service for securely storing and accessing data on the Google Cloud Platform infrastructure.
# API version
This connector uses the Cloud Storage JSON API v1.
ENABLE THE GOOGLE CLOUD STORAGE API
Ensure the Google Cloud Storage API is enabled in the Google Cloud Console. If the API isn't already enabled, refer to the Google Cloud documentation for instructions on how to enable it in your project.
# How to connect to Google Cloud Storage
The Google Cloud Storage connector supports service account authentication.
# What is a Google service account?
A Google service account is a specialized Google account associated with your Google Cloud Project, designed to handle API requests on your behalf. Service accounts are useful for ensuring that automations continue running even if individual users' permissions change.
# Create a service account
Complete the following steps to create a service account:
Sign in to the Google Cloud Platform (GCP) console and create a new service account in your GCP project.
PERMISSIONS
You must select one of the following IAM roles for your service account when configuring the Grant the service account access to the project step:
- Storage Admin (recommended for full access to actions and triggers)
- Storage Object Admin
- Storage Object Viewer
Skipping this step can prevent you from establishing a connection successfully.
Refer to the Permissions section for more information.
Download the key in JSON format. Store this file securely, as it cannot be retrieved later.
# Connect to Workato
Sign in to Workato and select the project where you plan to create your connection.
Click Create > Connection.
Search for and select Google Cloud Storage on the New connection page.
Enter a name for your connection in the Connection name field.
Use the Location drop-down menu to select the project where you plan to store this connection.
Enter a valid Google Cloud Platform project ID in the Project identifier field. You can find the project ID in the Google Cloud Console by clicking Select a project in the navigation menu.
Enter the email address of the service account in the GCS Project service account email field.
Provide the private key from the downloaded JSON file in the Private key field.
PRIVATE KEY
You must copy the private key from -----BEGIN PRIVATE KEY----- to -----END PRIVATE KEY-----.
Optional. Enter a comma-separated list of buckets the connection can access in the Restrict to bucket field. For example, bucket-1,bucket2.
Optional. Expand Advanced settings and use the Requested permissions (OAuth scopes) drop-down menu to select the permissions to request for this connection.
Click Sign in with Google.
# Permissions
The recommended service account role for using all actions and triggers is Storage Admin.
To limit the available actions for your Google Cloud Storage connection, you can select a role with a narrower scope:
- Storage Object Admin: Limits actions to Google Cloud Storage objects.
- Storage Object Viewer: Restricts actions to viewing and downloading Google Cloud Storage objects only.
- Custom role: Use custom roles to define specific permissions for your Google Cloud Storage connection.
The following permissions are required to enable all actions and triggers:
- firebase.projects.get
- resourcemanager.projects.get
- resourcemanager.projects.list
- storage.buckets.create
- storage.buckets.createTagBinding
- storage.buckets.delete
- storage.buckets.deleteTagBinding
- storage.buckets.get
- storage.buckets.getIamPolicy
- storage.buckets.list
- storage.buckets.listTagBindings
- storage.buckets.setIamPolicy
- storage.buckets.update
- storage.multipartUploads.abort
- storage.multipartUploads.create
- storage.multipartUploads.list
- storage.multipartUploads.listParts
- storage.objects.create
- storage.objects.delete
- storage.objects.get
- storage.objects.getIamPolicy
- storage.objects.list
- storage.objects.setIamPolicy
- storage.objects.update
However, during connection setup, Workato retrieves all buckets associated with the project. Therefore, the minimum required permission to establish a connection is storage.buckets.list.
Refer to IAM permissions for Cloud Storage for more information.
INSUFFICIENT PRIVILEGES
Actions for this connector return an access error if the connection attempts to retrieve or update a resource beyond the access that is provided.
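
The following added example, which is not part of the Workato documentation, checks a custom role against the permission list in this section before you attach it to the service account. It assumes the role definition is JSON as exported by `gcloud iam roles describe --format=json` (field `includedPermissions`); the function name `audit_role` and the sample role are constructed for illustration.

```python
import json

# Permissions this page lists as required for all actions and triggers.
ALL_ACTIONS = frozenset("""
firebase.projects.get resourcemanager.projects.get resourcemanager.projects.list
storage.buckets.create storage.buckets.createTagBinding storage.buckets.delete
storage.buckets.deleteTagBinding storage.buckets.get storage.buckets.getIamPolicy
storage.buckets.list storage.buckets.listTagBindings storage.buckets.setIamPolicy
storage.buckets.update storage.multipartUploads.abort
storage.multipartUploads.create storage.multipartUploads.list
storage.multipartUploads.listParts storage.objects.create storage.objects.delete
storage.objects.get storage.objects.getIamPolicy storage.objects.list
storage.objects.setIamPolicy storage.objects.update
""".split())

# Connection setup lists every bucket in the project, so this one is mandatory.
CONNECT_MINIMUM = "storage.buckets.list"


def audit_role(role_json: str) -> dict:
    """Compare a role's includedPermissions with what the connector uses."""
    granted = set(json.loads(role_json).get("includedPermissions", []))
    missing = {}
    for perm in sorted(ALL_ACTIONS - granted):
        resource, verb = perm.rsplit(".", 1)
        missing.setdefault(resource, []).append(verb)
    return {
        "can_connect": CONNECT_MINIMUM in granted,
        "missing": missing,  # actions needing these return an access error
        "unused": sorted(granted - ALL_ACTIONS),  # not needed by the connector
    }


# Constructed sample: an object-read role that omits storage.buckets.list.
SAMPLE_ROLE = json.dumps({
    "title": "Example read-only role (constructed)",
    "includedPermissions": [
        "storage.buckets.get", "storage.objects.get", "storage.objects.list",
        "compute.instances.list",
    ],
})

if __name__ == "__main__":
    report = audit_role(SAMPLE_ROLE)
    print("can connect:", report["can_connect"])
    for resource, verbs in report["missing"].items():
        print(f"missing {resource}: {', '.join(verbs)}")
    print("unused by connector:", report["unused"])
```

The `unused` list is the part to review for least privilege: anything there widens what a leaked key can do without enabling any connector action.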
# More resources
Last updated: 11/6/2024, 2:30:27 AM