Create a service account for data tiering and backups

Contributors netapp-bcammett Download PDF of this page

Cloud Volumes ONTAP requires a Google Cloud service account for two purposes. The first is when you enable data tiering to tier cold data to low-cost object storage in Google Cloud. The second is when you enable the Cloud Backup Service to back up volumes to low-cost object storage.

Cloud Volumes ONTAP uses the service account to access and manage one bucket for tiered data and another bucket for backups.

You can set up one service account and use it for both purposes. The service account must have the Storage Admin role.

Steps
  1. In the Google Cloud console, go to the Service accounts page.

  2. Select your project.

  3. Click Create service account and provide the required information.

    1. Service account details: Enter a name and description.

    2. Grant this service account access to project: Select the Storage Admin role.

      A screenshot of the GCP IAM console that shows the selection of the Storage Admin role for a service account.

    3. Grant users access to this service account: Add the Connector service account as a Service Account User to this new service account.

      This step is required for data tiering only. It’s not required for the Cloud Backup Service.

      A screenshot of the Google Cloud console where you grant users access to a service account during creation.

What’s next?

You’ll need to select the service account later when you create a Cloud Volumes ONTAP working environment.

A screenshot of the Details and Credentials page where you can enable a service account for Cloud Volumes ONTAP.