Console

1. In the Google Cloud console, go to theBigQuery page.

   Go to BigQuery

2. In the left pane, clickexploreExplorer:

   

   If you don't see the left pane, clicklast_pageExpand left pane to open the pane.

3. In theExplorer pane, click your project name.

4. Clickmore_vertView actions > Create dataset.

5. On theCreate dataset page, do the following:

   1. ForDataset ID, type a name for the dataset.

   2. ForLocation type, selectRegion orMulti-region.

      • If you selectedRegion, then select a location from theRegion list.
      • If you selectedMulti-region, then selectUS orEuropefrom theMulti-region list.

   3. ClickCreate dataset.

bq

1. To create a new dataset, use thebq mk commandwith the--location flag:

   bq --location=LOCATION mk -dDATASET_ID

   Replace the following:

   • LOCATION: the dataset'slocation.
   • DATASET_ID is the ID of the dataset that you'recreating.

2. Confirm that the dataset was created:

   bqls

Console

1. Go to theBigQuery page.

   Go to BigQuery

2. In the left pane, clickexploreExplorer:

   

   If you don't see the left pane, clicklast_pageExpand left pane to open the pane.

3. In theExplorer pane, expand your project name, and then clickConnections.

4. On theConnections page, clickCreate connection.

5. ForConnection type, chooseVertex AI remote models, remotefunctions, BigLake and Spanner (Cloud Resource).

6. In theConnection ID field, enter a name for your connection.

7. ForLocation type, select a location for your connection. Theconnection should be colocated with your other resources such asdatasets.

8. ClickCreate connection.

9. ClickGo to connection.

10. In theConnection info pane, copy the service account ID for use ina later step.

bq

1. In a command-line environment, create a connection:

   bqmk--connection--location=REGION--project_id=PROJECT_ID\--connection_type=CLOUD_RESOURCECONNECTION_ID

   The--project_id parameter overrides the default project.

   Replace the following:

   • REGION: yourconnection region
   • PROJECT_ID: your Google Cloud project ID
   • CONNECTION_ID: an ID for yourconnection

   When you create a connection resource, BigQuery creates aunique system service account and associates it with the connection.

   Troubleshooting: If you get the following connection error,update the Google Cloud SDK:

   Flags parsing error: flag --connection_type=CLOUD_RESOURCE: value should be one of...

2. Retrieve and copy the service account ID for use in a laterstep:

   bqshow--connectionPROJECT_ID.REGION.CONNECTION_ID

   The output is similar to the following:

   name                          properties1234.REGION.CONNECTION_ID     {"serviceAccountId": "connection-1234-9u56h9@gcp-sa-bigquery-condel.iam.gserviceaccount.com"}

Python

importgoogle.api_core.exceptionsfromgoogle.cloudimportbigquery_connection_v1client=bigquery_connection_v1.ConnectionServiceClient()defcreate_connection(project_id:str,location:str,connection_id:str,):"""Creates a BigQuery connection to a Cloud Resource.    Cloud Resource connection creates a service account which can then be    granted access to other Google Cloud resources for federated queries.    Args:        project_id: The Google Cloud project ID.        location: The location of the connection (for example, "us-central1").        connection_id: The ID of the connection to create.    """parent=client.common_location_path(project_id,location)connection=bigquery_connection_v1.Connection(friendly_name="Example Connection",description="A sample connection for a Cloud Resource.",cloud_resource=bigquery_connection_v1.CloudResourceProperties(),)try:created_connection=client.create_connection(parent=parent,connection_id=connection_id,connection=connection)print(f"Successfully created connection:{created_connection.name}")print(f"Friendly name:{created_connection.friendly_name}")print(f"Service Account:{created_connection.cloud_resource.service_account_id}")exceptgoogle.api_core.exceptions.AlreadyExists:print(f"Connection with ID '{connection_id}' already exists.")print("Please use a different connection ID.")exceptExceptionase:print(f"An unexpected error occurred while creating the connection:{e}")

Node.js

const{ConnectionServiceClient}=require('@google-cloud/bigquery-connection').v1;const{status}=require('@grpc/grpc-js');constclient=newConnectionServiceClient();/** * Creates a new BigQuery connection to a Cloud Resource. * * A Cloud Resource connection creates a service account that can be granted access * to other Google Cloud resources. * * @param {string} projectId The Google Cloud project ID. for example, 'example-project-id' * @param {string} location The location of the project to create the connection in. for example, 'us-central1' * @param {string} connectionId The ID of the connection to create. for example, 'example-connection-id' */asyncfunctioncreateConnection(projectId,location,connectionId){constparent=client.locationPath(projectId,location);constconnection={friendlyName:'Example Connection',description:'A sample connection for a Cloud Resource',// The service account for this cloudResource will be created by the API.// Its ID will be available in the response.cloudResource:{},};constrequest={parent,connectionId,connection,};try{const[response]=awaitclient.createConnection(request);console.log(`Successfully created connection:${response.name}`);console.log(`Friendly name:${response.friendlyName}`);console.log(`Service Account:${response.cloudResource.serviceAccountId}`);}catch(err){if(err.code===status.ALREADY_EXISTS){console.log(`Connection '${connectionId}' already exists.`);}else{console.error(`Error creating connection:${err.message}`);}}}

Terraform

Use thegoogle_bigquery_connectionresource.

To authenticate to BigQuery, set up Application DefaultCredentials. For more information, seeSet up authentication for client libraries.

The following example creates a Cloud resource connection namedmy_cloud_resource_connection in theUS region:

# This queries the provider for project information.data "google_project" "default" {}# This creates a cloud resource connection in the US region named my_cloud_resource_connection.# Note: The cloud resource nested object has only one output field - serviceAccountId.resource "google_bigquery_connection" "default" {  connection_id = "my_cloud_resource_connection"  project       = data.google_project.default.project_id  location      = "US"  cloud_resource {}}

To apply your Terraform configuration in a Google Cloud project, complete the steps in the following sections.

Prepare Cloud Shell

1. LaunchCloud Shell.

2. Set the default Google Cloud project where you want to apply your Terraform configurations.

   You only need to run this command once per project, and you can run it in any directory.

   export GOOGLE_CLOUD_PROJECT=PROJECT_ID

   Environment variables are overridden if you set explicit values in the Terraform configuration file.

Prepare the directory

Each Terraform configuration file must have its own directory (alsocalled aroot module).

1. InCloud Shell, create a directory and a new file within that directory. The filename must have the.tf extension—for examplemain.tf. In this tutorial, the file is referred to asmain.tf.

   mkdirDIRECTORY && cdDIRECTORY && touch main.tf

2. If you are following a tutorial, you can copy the sample code in each section or step.

   Copy the sample code into the newly createdmain.tf.

   Optionally, copy the code from GitHub. This is recommended when the Terraform snippet is part of an end-to-end solution.

3. Review and modify the sample parameters to apply to your environment.
4. Save your changes.
5. Initialize Terraform. You only need to do this once per directory.

   terraform init

   Optionally, to use the latest Google provider version, include the-upgrade option:

   terraform init -upgrade

Apply the changes

1. Review the configuration and verify that the resources that Terraform is going to create or update match your expectations:

   terraform plan

   Make corrections to the configuration as necessary.

2. Apply the Terraform configuration by running the following command and enteringyes at the prompt:

   terraform apply

   Wait until Terraform displays the "Apply complete!" message.

3. Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.

Console

1. Go to theIAM & Admin page.

   Go to IAM & Admin

2. Clickperson_addAdd.

   TheAdd principals dialog opens.

3. In theNew principals field, enter the service account ID that youcopied earlier.

4. In theSelect a role field, selectVertex AI, and then selectVertex AI User.

5. ClickAdd another role.

6. In theSelect a role field, chooseCloud Storage, and thenselectStorage Object Viewer.

7. ClickSave.

gcloud

Use thegcloud projects add-iam-policy-binding command.

gcloud projects add-iam-policy-binding 'PROJECT_NUMBER' --member='serviceAccount:MEMBER' --role='roles/aiplatform.user' --condition=Nonegcloud projects add-iam-policy-binding 'PROJECT_NUMBER' --member='serviceAccount:MEMBER' --role='roles/storage.objectViewer' --condition=None

Replace the following:

• PROJECT_NUMBER: the project number of the project in which to grant the role.
• MEMBER: the service account ID that you copied earlier.

SQL

Use theCREATE EXTERNAL TABLE statement.

1. In the Google Cloud console, go to theBigQuery page.

   Go to BigQuery

2. In the query editor, enter the following statement:

   CREATEEXTERNALTABLE`PROJECT_ID.DATASET_ID.TABLE_NAME`WITHCONNECTION{`PROJECT_ID.REGION.CONNECTION_ID`|DEFAULT}OPTIONS(object_metadata='SIMPLE',uris=['BUCKET_PATH'[,...]],max_staleness=STALENESS_INTERVAL,metadata_cache_mode='CACHE_MODE');

   Replace the following:

   • PROJECT_ID: your project ID.
   • DATASET_ID: the ID of thedataset that you created.
   • TABLE_NAME: the name of the object table.
   • REGION: theregion or multi-region that contains the connection.
   • CONNECTION_ID: the ID of theconnection that you created.

     When youview the connection details in the Google Cloud console, this is the value in the last section of the fully qualified connection ID that is shown inConnection ID, for exampleprojects/myproject/locations/connection_location/connections/myconnection.

     To use a default connection, specifyDEFAULT instead of the connection string containingPROJECT_ID.REGION.CONNECTION_ID.

   • BUCKET_PATH: the path to the Cloud Storage bucket that contains the images, in the format['gs://bucket_name/[folder_name/]*'].

     The Cloud Storage bucket that you use should be in the same project where you plan to create the model and call theAI.GENERATE_EMBEDDING function. If you want to call theAI.GENERATE_EMBEDDING function in a different project than the one that contains the Cloud Storage bucket used by the object table, you mustgrant the Storage Admin role at the bucket level to theservice-A@gcp-sa-aiplatform.iam.gserviceaccount.com service account.

   • STALENESS_INTERVAL: specifies whether cached metadata is used by operations against the object table, and how fresh the cached metadata must be in order for the operation to use it. For more information on metadata caching considerations, seeMetadata caching for performance.

     To disable metadata caching, specify 0. This is the default.

     To enable metadata caching, specify aninterval literal value between 30 minutes and 7 days. For example, specifyINTERVAL 4 HOUR for a 4 hour staleness interval. With this value, operations against the table use cached metadata if it has been refreshed within the past 4 hours. If the cached metadata is older than that, the operation retrieves metadata from Cloud Storage instead.

   • CACHE_MODE: specifies whether the metadata cache is refreshed automatically or manually. For more information on metadata caching considerations, seeMetadata caching for performance.

     Set toAUTOMATIC for the metadata cache to be refreshed at a system-defined interval, usually somewhere between 30 and 60 minutes.

     Set toMANUAL if you want to refresh the metadata cache on a schedule you determine. In this case, you can call theBQ.REFRESH_EXTERNAL_METADATA_CACHE system procedure to refresh the cache.

     You must setCACHE_MODE ifSTALENESS_INTERVAL is set to a value greater than 0.

3. Clickplay_circleRun.

For more information about how to run queries, seeRun an interactive query.

bq

Use thebq mk command.

bqmk--table\--external_table_definition=BUCKET_PATH@REGION.CONNECTION_ID\--object_metadata=SIMPLE\--max_staleness=STALENESS_INTERVAL\--metadata_cache_mode=CACHE_MODE\PROJECT_ID:DATASET_ID.TABLE_NAME

Replace the following:

• BUCKET_PATH: the path to the Cloud Storage bucket that contains the images, in the format['gs://bucket_name/[folder_name/]*'].

  The Cloud Storage bucket that you use should be in the same project where you plan to create the model and call theAI.GENERATE_EMBEDDING function. If you want to call theAI.GENERATE_EMBEDDING function in a different project than the one that contains the Cloud Storage bucket used by the object table, you mustgrant the Storage Admin role at the bucket level to theservice-A@gcp-sa-aiplatform.iam.gserviceaccount.com service account.

• REGION: theregion or multi-region that contains the connection.
• CONNECTION_ID: the ID of theconnection that you created.

  When youview the connection details in the Google Cloud console, this is the value in the last section of the fully qualified connection ID that is shown inConnection ID, for exampleprojects/myproject/locations/connection_location/connections/myconnection.

• STALENESS_INTERVAL: specifies whether cached metadata is used by operations against the object table, and how fresh the cached metadata must be in order for the operation to use it. For more information on metadata caching considerations, seeMetadata caching for performance.

  To disable metadata caching, specify 0. This is the default.

  To enable metadata caching, specify aninterval literal value between 30 minutes and 7 days. For example, specifyINTERVAL 4 HOUR for a 4 hour staleness interval. With this value, operations against the table use cached metadata if it has been refreshed within the past 4 hours. If the cached metadata is older than that, the operation retrieves metadata from Cloud Storage instead.

• CACHE_MODE: specifies whether the metadata cache is refreshed automatically or manually. For more information on metadata caching considerations, seeMetadata caching for performance.

  Set toAUTOMATIC for the metadata cache to be refreshed at a system-defined interval, usually somewhere between 30 and 60 minutes.

  Set toMANUAL if you want to refresh the metadata cache on a schedule you determine. In this case, you can call theBQ.REFRESH_EXTERNAL_METADATA_CACHE system procedure to refresh the cache.

  You must setCACHE_MODE ifSTALENESS_INTERVAL is set to a value greater than 0.

• PROJECT_ID: your project ID.
• DATASET_ID: the ID of thedataset that you created.
• TABLE_NAME: the name of the object table.