Skip to content

GCP projects and service accounts🔗

Google service accounts are used to permit Data Loader access to specific resources required for CDC, such as Cloud Storage buckets and secret manager resources. It's recommended you make a Google service account specifically for Data Loader and give access to only the resources you make as part of the CDC setup process.

Creating a project🔗

You will need a project and attached service accounts.

To create a new project:

  1. Log in to the Google Cloud Platform console.
  2. Click the navigation menu ☰ in the upper-left.
  3. Choose IAM and admin → Create a project.
  4. Provide a descriptive name for your project. Must be unique. Cannot be changed later as a Project ID is generated.
  5. Choose an organization. Cannot be changed later.
  6. Choose a parent organization or folder as the location.
  7. Click CREATE.

Creating a service account🔗

Once you have a project, you can create a service account:

  1. Click the navigation menu ☰ in the upper-left.
  2. Choose IAM and admin → Service accounts
  3. Click + CREATE SERVICE ACCOUNT.
  4. Provide a unique, descriptive display name for your service account.
  5. Provide a unique ID for your service account. You can use the service account name as the service account ID if it is unique.
  6. Provide a description for the service account.
  7. Click CREATE AND CONTINUE.
  8. In the Select a role drop-down, add the roles
    • roles/container.admin
    • roles/iam.serviceAccountAdmin
  9. Click + ADD ANOTHER ROLE if applicable.
  10. Click DONE.

Got feedback or spotted something we can improve?

We'd love to hear from you. Join the conversation in the Documentation forum!

© Copyright 2025 Matillion Ltd | Legal | Privacy Policy | Disclaimer | Modern Slavery Statement