Google Drive

Google Drive

Power end-to-end data operations for your Google Drive storage with Nexla. Our bi-directional Google Drive connector makes it simple to ingest data from and deliver data to any Google Drive location. Nexla automatically organizes ingested data into ready-to-use, reusable data products you can transform, validate, move, and manage at scale, all with no coding required. With comprehensive monitoring, lineage tracking, and access controls, Nexla keeps your Google Drive workflows fast, secure, and fully governed.

Authentication

This section provides step-by-step instructions for creating a new Google Drive credential that will allow Nexla to authenticate to your Google Drive account.

• To create a new Google Drive credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

New Credential Overlay – Google Drive

Credential Name & Description

1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

   Resource descriptions should provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

Account Access

2. Select the authentication method that will be used to connect to the Google Drive account from the Authentication Type pulldown menu, and follow the corresponding instructions in the box below to configure associated credential settings.

   Nexla recommends using the System User Authentication method to connect to your Google Drive account. This method is best-suited for accessing your own data and is tied to the service account instead of an individual user account.

Configure Authentication Settings

System User Authentication

Authenticate with a Google service account

Service accounts are Google accounts that are typically used by applications and services to access Google Cloud resources. This authentication method provides access to all resources that the service account has permissions to access. For more information about service accounts, see Google Cloud documentation.

1. Obtain the service account credentials in JSON format.

   • To download the credentials file from the Google Cloud console, navigate to IAM & Admin > Service Accounts, and select the service account. Select the Keys tab; then, click Add key, and select Create new key. The JSON credentials file will be downloaded to your local machine.

2. Click the Choose Credentials File button below the authentication method menu, and select & upload the service account credentials JSON file.

End-User Authentication

Authenticate with your Google user account

1. Click the Authorize button below the authentication method menu.

2. Select the Google account that will be used to access Google Drive locations with this account, and click Allow to grant Nexla access to the account.

Advanced Settings

Optional

For Google Drive credentials, advanced settings are available to configure Nexla to process encrypted files accessed via this credential. These settings are optional and can be configured as needed.

Advanced Credential Settings
Google Drive

File Encryption/Decryption

Nexla can be configured to process PGP-encrypted files accessed via this credential. When this option is enabled, Nexla will decrypt files before ingestion and encrypt generated files before uploading to the Google Drive location.

1. To configure Nexla to encrypt/decrypt files when accessing Google Drive via this credential, check the box next to Handle File Encryption/Decryption?.

2. Enter the following information in the corresponding fields:

   1. External User ID – ID of the user whose public key will be used for encryption/decryption

   2. External User's Public Key – public key that will be used for encryption/decryption

   3. Your User ID for Private Key – user ID that was used to generate the PGP private key

   4. Your Password for Private Key – password for the user ID

   5. Your Private Key – PGP private key that will be used to encrypt/decrypt files

Save the Credential

1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.

Data Source

To ingest data from a Google Drive location, follow the instructions in Section 2 of Common Setup for File-Based Storage Systems.

Data Destination

To send data to a Google Drive location, follow the instructions in Section 3 of Common Setup for File-Based Storage Systems.