Prerequisites

What e6data Provides :

You will receive a Service Account email from e6data, typically in this format:

[email protected]

What You Need

• IAM access to your GCP project with one of the following roles:

  • Project Owner

  • Security Admin

  • Storage Admin

• List of GCS buckets that e6data should access

Step 1: Choose Access Scope

Step 2: Grant Access

Option A: Bucket-Level Access (Recommended)

Method 1: Using gcloud CLI

Run the following for each bucket:

BUCKET_NAME="your-bucket-name"
E6DATA_SERVICE_ACCOUNT="[email protected]"

google cloud storage buckets add-iam-policy-binding gs://${BUCKET_NAME} \
    --member="serviceAccount:${E6DATA_SERVICE_ACCOUNT}" \
    --role="roles/storage.objectViewer"

Method 2: Using Google Cloud Console

1. Go to Cloud Console and select your project

2. Navigate to Cloud Storage → Buckets

3. Click on a bucket → Permissions → + Grant Access

4. Add the e6data service account

5. Assign the Storage Object Viewer role

6. Save changes

7. Repeat for other required buckets

Option B: Project-Level Access

CLI:

YOUR_PROJECT_ID="your-project-id"
E6DATA_SERVICE_ACCOUNT="[email protected]"

google cloud projects add-iam-policy-binding ${YOUR_PROJECT_ID} \
    --member="serviceAccount:${E6DATA_SERVICE_ACCOUNT}" \
    --role="roles/storage.objectViewer"

Console:

1. Go to IAM & Admin → IAM

2. Click + Grant Access

3. Add the e6data service account

4. Assign Storage Object Viewer role

5. Click Save

Step 3: Verify Access

CLI

# For bucket-level
google cloud storage buckets get-iam-policy gs://${BUCKET_NAME} | grep ${E6DATA_SERVICE_ACCOUNT}

# For project-level
google cloud projects get-iam-policy ${YOUR_PROJECT_ID} | grep ${E6DATA_SERVICE_ACCOUNT}

Console

• Bucket-level: Cloud Storage → Bucket → Permissions

• Project-level: IAM → Search for e6data service account → Confirm role

Permissions Granted