If you have provisioned the source system credentials using Cloud Console you may skip this step.
export HOST_PROJECT_ID=my-projectexport SA_NAME=sa-alvin-bq-reader# init gcloudgcloudconfigsetproject $HOST_PROJECT_ID# create a Service Accountgcloudiamservice-accountscreate $SA_NAME \--display-name "Service Account for Alvin access to BigQuery" \--project $HOST_PROJECT_ID# Following steps must be executed for each project you want to connect to Alvin# --- Begin steps for each project ----# Change the value below and run for each projectexport BQ_PROJECT_ID=my-bq-project# ADD Bigquery Metadata Viewer Rolegcloudprojectsadd-iam-policy-binding $BQ_PROJECT_ID \--member "serviceAccount:$SA_NAME@$HOST_PROJECT_ID.iam.gserviceaccount.com" \--quiet \--project $BQ_PROJECT_ID \--role "roles/bigquery.metadataViewer"# ADD Bigquery Resource Viewer Rolegcloudprojectsadd-iam-policy-binding $BQ_PROJECT_ID \--member "serviceAccount:$SA_NAME@$HOST_PROJECT_ID.iam.gserviceaccount.com" \--quiet \--project $BQ_PROJECT_ID \--role "roles/bigquery.resourceViewer"# --- End steps for each project ----
