2

In Google Cloud I have a BigQuery account and I have a Service Account defined there. I want to set up a Linked Service in Azure Data Factory so that I can extract data from BigQuery. I have generated a JSON file that contains the various keys:

{
  "type": "service_account",
  "project_id": "******",
  "private_key_id": "***********",
  "private_key": "-----BEGIN PRIVATE KEY  ************ -----END PRIVATE KEY-----\n",
  "client_email": "***********",
  "client_id": "************",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://*******************"
}

On the Linked Service there is an entry for Key File Path and Trusted Cert Path. I am trying to determine what goes in these two fields.

If I am storing these two items, where are they getting stored at:

  1. On-Prem or
  2. Somewhere in my Azure storage?
anx
  • 6,875
  • 4
  • 22
  • 45
loliver
  • 21
  • 2

1 Answers1

1

Using the service authentication method, which seems to be the one you refer to, is only supported when you are running the connector using the self-hosted integration run time. This is where you deploy an agent on a machine you run (can be on-prem, in Azure or in another cloud provider). Therefore the paths it is referring to are on that machine.

You can see the details of this and what each of these items are here

  • keyFilePath The full path to the .p12 key file that is used to authenticate the service account email address.

  • trustedCertPath - the full path of the .pem file that contains trusted CA certificates used to verify the server when you connect over SSL. This property can be set only when you use SSL on Self-hosted Integration Runtime. The default value is the cacerts.pem file installed with the integration runtime.

Sam Cogan
  • 38,158
  • 6
  • 77
  • 113