BigQueryConnectionConnection
| Property | Value |
|---|---|
| Google Cloud Service Name | BigQuery Connection |
| Google Cloud Service Documentation | /bigquery/docs/ |
| Google Cloud REST Resource Name | v1beta1.projects.locations.connections |
| Google Cloud REST Resource Documentation | bigqueryconnection/rest/v1/projects.locations.connections |
| Config Connector Resource Short Names | gcpbigqueryconnectionconnection gcpbigqueryconnectionconnections bigqueryconnectionconnection |
| Config Connector Service Name | bigqueryconnection.googleapis.com |
| Config Connector Resource Fully Qualified Name | bigqueryconnectionconnections.bigqueryconnection.cnrm.cloud.google.com |
| Can Be Referenced by IAMPolicy/IAMPolicyMember | No |
| Config Connector Default Average Reconcile Interval In Seconds | 600 |
Custom Resource Definition Properties
Spec
Schema
aws: accessRole: iamRoleID: string azure: customerTenantID: string federatedApplicationClientID: string cloudResource: {} cloudSQL: credential: secretRef: name: string namespace: string databaseRef: external: string name: string namespace: string instanceRef: external: string name: string namespace: string type: string cloudSpanner: databaseRef: external: string name: string namespace: string databaseRole: string maxParallelism: integer useDataBoost: boolean useParallelism: boolean useServerlessAnalytics: boolean description: string friendlyName: string location: string projectRef: external: string kind: string name: string namespace: string resourceID: string spark: metastoreService: metastoreServiceRef: external: string name: string namespace: string sparkHistoryServer: dataprocClusterRef: external: string name: string namespace: string | Fields | |
|---|---|
|
Optional |
Amazon Web Services (AWS) properties. |
|
Required* |
Authentication using Google owned service account to assume into customer's AWS IAM Role. |
|
Required* |
The user’s AWS IAM Role that trusts the Google-owned AWS IAM user Connection. |
|
Optional |
Azure properties. |
|
Required* |
The id of customer's directory that host the data. |
|
Optional |
The client ID of the user's Azure Active Directory Application used for a federated connection. |
|
Optional |
Use Cloud Resource properties. |
|
Optional |
Cloud SQL properties. |
|
Required* |
Cloud SQL credential. |
|
Optional |
The Kubernetes Secret object that stores the "username" and "password" information. The Secret type has to be `kubernetes.io/basic-auth`. |
|
Required* |
The `metadata.name` field of a Kubernetes `Secret` |
|
Optional |
The `metadata.namespace` field of a Kubernetes `Secret`. |
|
Required* |
Reference to the SQL Database. |
|
Optional |
The SQL Database name, when not managed by Config Connector. |
|
Optional |
The `name` field of a `SQLDatabase` resource. |
|
Optional |
The `namespace` field of a `SQLDatabase` resource. |
|
Required* |
Reference to the Cloud SQL instance ID. |
|
Optional |
The SQLInstance selfLink, when not managed by Config Connector. |
|
Optional |
The `name` field of a `SQLInstance` resource. |
|
Optional |
The `namespace` field of a `SQLInstance` resource. |
|
Required* |
Type of the Cloud SQL database. |
|
Optional |
Cloud Spanner properties. |
|
Required* |
Reference to a spanner database ID. |
|
Optional |
A reference to an externally managed SpannerDatabase resource. Should be in the format "projects/{{projectID}}/instances/{{instanceID}}/databases/{{databaseID}}". |
|
Optional |
The name of a SpannerDatabase resource. |
|
Optional |
The namespace of a SpannerDatabase resource. |
|
Optional |
Optional. Cloud Spanner database role for fine-grained access control. The Cloud Spanner admin should have provisioned the database role with appropriate permissions, such as `SELECT` and `INSERT`. Other users should only use roles provided by their Cloud Spanner admins. For more details, see [About fine-grained access control] (https://cloud.google.com/spanner/docs/fgac-about). REQUIRES: The database role name must start with a letter, and can only contain letters, numbers, and underscores. |
|
Optional |
Allows setting max parallelism per query when executing on Spanner independent compute resources. If unspecified, default values of parallelism are chosen that are dependent on the Cloud Spanner instance configuration. REQUIRES: `use_parallelism` must be set. REQUIRES: Either `use_data_boost` or `use_serverless_analytics` must be set. |
|
Optional |
If set, the request will be executed via Spanner independent compute resources. REQUIRES: `use_parallelism` must be set. NOTE: `use_serverless_analytics` will be deprecated. Prefer `use_data_boost` over `use_serverless_analytics`. |
|
Optional |
If parallelism should be used when reading from Cloud Spanner |
|
Optional |
If the serverless analytics service should be used to read data from Cloud Spanner. Note: `use_parallelism` must be set when using serverless analytics. |
|
Optional |
User provided description. |
|
Optional |
User provided display name for the connection. |
|
Required* |
Immutable. |
|
Required* |
The Project that this resource belongs to. |
|
Optional |
The `projectID` field of a project, when not managed by Config Connector. |
|
Optional |
The kind of the Project resource; optional but must be `Project` if provided. |
|
Optional |
The `name` field of a `Project` resource. |
|
Optional |
The `namespace` field of a `Project` resource. |
|
Optional |
Immutable. Optional. The BigQuery Connection ID used for resource creation or acquisition. For creation: If specified, this value is used as the connection ID. If not provided, a UUID will be generated and assigned as the connection ID. For acquisition: This field must be provided to identify the connection resource to acquire. |
|
Optional |
Spark properties. |
|
Optional |
Optional. Dataproc Metastore Service configuration for the connection. |
|
Optional |
Optional. Resource name of an existing Dataproc Metastore service. Example: * `projects/[project_id]/locations/[region]/services/[service_id]` |
|
Optional |
A reference to an externally managed MetastoreService resource. Should be in the format "projects/{{projectID}}/locations/{{location}}/services/{{serviceID}}". |
|
Optional |
The name of a MetastoreService resource. |
|
Optional |
The namespace of a MetastoreService resource. |
|
Optional |
Optional. Spark History Server configuration for the connection. |
|
Optional |
Optional. Resource name of an existing Dataproc Cluster to act as a Spark History Server for the connection. Example: * `projects/[project_id]/regions/[region]/clusters/[cluster_name]` |
|
Optional |
A reference to an externally managed DataprocCluster resource. Should be in the format "projects/{{projectID}}/regions/{{region}}/clusters/{{clusterName}}". |
|
Optional |
The name of a DataprocCluster resource. |
|
Optional |
The namespace of a DataprocCluster resource. |
* Field is required when parent field is specified
Status
Schema
conditions: - lastTransitionTime: string message: string reason: string status: string type: string externalRef: string observedGeneration: integer observedState: aws: accessRole: identity: string azure: application: string clientID: string identity: string objectID: string redirectUri: string cloudResource: serviceAccountID: string cloudSQL: serviceAccountID: string description: string friendlyName: string hasCredential: boolean spark: serviceAccountID: string | Fields | |
|---|---|
conditions |
Conditions represent the latest available observations of the object's current state. |
conditions[] |
|
conditions[].lastTransitionTime |
Last time the condition transitioned from one status to another. |
conditions[].message |
Human-readable message indicating details about last transition. |
conditions[].reason |
Unique, one-word, CamelCase reason for the condition's last transition. |
conditions[].status |
Status is the status of the condition. Can be True, False, Unknown. |
conditions[].type |
Type is the type of the condition. |
externalRef |
A unique specifier for the BigQueryConnectionConnection resource in GCP. |
observedGeneration |
ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. |
observedState |
ObservedState is the state of the resource as most recently observed in GCP. |
observedState.aws |
|
observedState.aws.accessRole |
|
observedState.aws.accessRole.identity |
A unique Google-owned and Google-generated identity for the Connection. This identity will be used to access the user's AWS IAM Role. |
observedState.azure |
|
observedState.azure.application |
The name of the Azure Active Directory Application. |
observedState.azure.clientID |
The client id of the Azure Active Directory Application. |
observedState.azure.identity |
A unique Google-owned and Google-generated identity for the Connection. This identity will be used to access the user's Azure Active Directory Application. |
observedState.azure.objectID |
The object id of the Azure Active Directory Application. |
observedState.azure.redirectUri |
The URL user will be redirected to after granting consent during connection setup. |
observedState.cloudResource |
|
observedState.cloudResource.serviceAccountID |
The account ID of the service created for the purpose of this connection. The service account does not have any permissions associated with it when it is created. After creation, customers delegate permissions to the service account. When the connection is used in the context of an operation in BigQuery, the service account will be used to connect to the desired resources in GCP. The account ID is in the form of: |
observedState.cloudSQL |
|
observedState.cloudSQL.serviceAccountID |
The account ID of the service used for the purpose of this connection. When the connection is used in the context of an operation in BigQuery, this service account will serve as the identity being used for connecting to the CloudSQL instance specified in this connection. |
observedState.description |
The description for the connection. |
observedState.friendlyName |
The display name for the connection. |
observedState.hasCredential |
Output only. True, if credential is configured for this connection. |
observedState.spark |
|
observedState.spark.serviceAccountID |
The account ID of the service created for the purpose of this connection. The service account does not have any permissions associated with it when it is created. After creation, customers delegate permissions to the service account. When the connection is used in the context of a stored procedure for Apache Spark in BigQuery, the service account is used to connect to the desired resources in Google Cloud. The account ID is in the form of: bqcx- |
Sample YAML(s)
Aws Connection
# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: bigqueryconnection.cnrm.cloud.google.com/v1beta1 kind: BigQueryConnectionConnection metadata: name: bigqueryconnectionconnection-sample spec: location: aws-us-east-1 projectRef: # Replace ${PROJECT_ID?} with your project ID external: ${PROJECT_ID?} aws: accessRole: iamRoleID: "arn:aws:iam::999999999999:role/omnirole" Azure Connection
# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: bigqueryconnection.cnrm.cloud.google.com/v1beta1 kind: BigQueryConnectionConnection metadata: name: bigqueryconnectionconnection-sample spec: location: "azure-eastus2" projectRef: # Replace ${PROJECT_ID?} with your project ID external: ${PROJECT_ID?} azure: customerTenantID: "customer-tenant-id-1111111" federatedApplicationClientID: "b43eeeee-eeee-eeee-eeee-a480155501ce" Cloudresource Connection
# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: bigqueryconnection.cnrm.cloud.google.com/v1alpha1 kind: BigQueryConnectionConnection metadata: name: bigqueryconnectionconnection-sample spec: location: us-central1 projectRef: # Replace ${PROJECT_ID?} with your project ID external: ${PROJECT_ID?} cloudResource: {} Cloudspanner Connection
# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: bigqueryconnection.cnrm.cloud.google.com/v1beta1 kind: BigQueryConnectionConnection metadata: name: bigqueryconnectionconnection-sample spec: location: us-central1 projectRef: # Replace ${PROJECT_ID?} with your project ID external: ${PROJECT_ID?} cloudSpanner: databaseRef: name: bigqueryconnection-dep maxParallelism: 100 useDataBoost: True useParallelism: True databaseRole: "admin" --- apiVersion: spanner.cnrm.cloud.google.com/v1beta1 kind: SpannerDatabase metadata: name: bigqueryconnection-dep spec: instanceRef: name: bigqueryconnection-dep ddl: - "CREATE TABLE t1 (t1 INT64 NOT NULL,) PRIMARY KEY(t1)" --- apiVersion: spanner.cnrm.cloud.google.com/v1beta1 kind: SpannerInstance metadata: name: bigqueryconnection-dep annotations: alpha.cnrm.cloud.google.com/reconciler: "direct" spec: config: regional-us-west1 displayName: BigQueryConnection Dependency Cloudsql Connection
# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: bigqueryconnection.cnrm.cloud.google.com/v1beta1 kind: BigQueryConnectionConnection metadata: name: bigqueryconnectionconnection-sample spec: location: us-central1 projectRef: # Replace ${PROJECT_ID?} with your project ID external: ${PROJECT_ID?} cloudSQL: instanceRef: name: bigqueryconnection-dep databaseRef: name: bigqueryconnection-dep type: "MYSQL" credential: secretRef: name: bigqueryconnection-dep --- apiVersion: v1 kind: Secret metadata: name: bigqueryconnection-dep type: kubernetes.io/basic-auth stringData: username: sqluser-${uniqueId} password: cGFzc3dvcmQ= --- apiVersion: sql.cnrm.cloud.google.com/v1beta1 kind: SQLDatabase metadata: name: bigqueryconnection-dep spec: charset: utf8 instanceRef: name: bigqueryconnection-dep --- apiVersion: sql.cnrm.cloud.google.com/v1beta1 kind: SQLInstance metadata: name: bigqueryconnection-dep spec: region: us-central1 databaseVersion: MYSQL_5_7 settings: locationPreference: zone: us-central1-a tier: db-custom-1-3840 --- apiVersion: sql.cnrm.cloud.google.com/v1beta1 kind: SQLUser metadata: labels: label-one: "value-one" name: bigqueryconnection-dep spec: instanceRef: name: bigqueryconnection-dep host: foo password: valueFrom: secretKeyRef: name: bigqueryconnection-dep key: password Spark Connection
# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: bigqueryconnection.cnrm.cloud.google.com/v1beta1 kind: BigQueryConnectionConnection metadata: name: bigqueryconnectionconnection-sample spec: location: us-central1 projectRef: # Replace ${PROJECT_ID?} with your project ID external: ${PROJECT_ID?} spark: {}