Google Drive connector for home map points
The procedure for setting up your Google Drive connector for home map points is described in this topic.
In this section:
- Prerequisites
- Open your Google cloud platform project
- Enable Google Drive API
- Create a service account
- Delegate domain-wide authority
- Configure File Director cloud connector
File Director allows you to configure Google Drive as the storage location for user's home map point. Once configured, users can update files on map points using File Director and they will sync with the users Google Drive storage.
Note that native Google file types are not displayed in file listings within File Director. Excluded native files include Google document, drawing, form, spreadsheet, map, and presentation files, for example.
Video: File Director - Overview of cloud storage using Google Drive.
Prerequisites
•Your perimeter firewall must allow communication to www.googleapis.com on port 443.
•Users from on-premise AD are already synchronized with Google Directory using the Google Cloud Directory Sync (GCDS) tools. Refer to Google G Suite Admin Help for further information.
•Users have Google Drive storage assigned to their account and are appropriately licensed.
•Each user's primary email address in the G Suite directory must match their UPN (User Principal Name) in AD.
•You are an administrator on your G Suite domain with required permissions to create a service account for File Director to use.
Note, the service account will enable domain-wide delegation of authority on behalf of your users. Refer to this article: G Suite Domain-wide Delegation.
•File Director 2019.1 or later is already deployed.
Open your Google cloud platform project
In order to create a G Suite service account you will require a project in the Google Cloud Platform.
1.Log in to the Google Cloud Platform console.
2.Click APIs and Services > Dashboard.
3.If you are a new Google Cloud Platform user, click Create and proceed to step 6.
4.If you are an existing user, click Select a project.
5.The Select Project dialog opens:
•If you have created projects for different organizations, click the organization required from the Select from list at the top of the dialog.
•Existing projects for your organization are listed.
6.Select the project required and then click Open, or click New Project.
7.In the New Project dialog, enter a name for your project and confirm or edit the details for your organization and location.
8.A confirmation notification is displayed when your project is created.
Enable the Google Drive API for your project
1.From the Google Cloud Platform console, click APIs and Services > Library.
2.In the API Library search box enter Google Drive
.
Matched results are displayed.
4. Click Enable.
The Google Drive API Overview screen is displayed. The API is enabled for your project.
Create a service account
In the process of creating the service account you will generate a JSON file. The file is required later when you configure File Director for Google Drive storage.
It is important you retain the JSON file as it supplies the required private key, and the service account ID to which it relates.
The file cannot be downloaded more than once so if it is lost you will have to generate a new one.
1.From the Google Cloud Platform console, click IAM & admin > Service accounts > Create service account.
2.In the Service Account Details dialog, enter a name and description for your account. The account name entered is displayed as the Service account ID:
3.Click Create.
When the account is created a notification is displayed.
4.The Create service account dialog contains presents two further sections that are not required for File Director usage:
•In the Service account permissions (optional) dialog, click Continue.
•In the Grant users access to this service account (optional) dialog, click Done.
5.The service account is listed for your project:
6.In the Actions column click the ellipses, then click Edit.
7.In the Service account details screen, click the drop-down arrow to Show domain-wide delegation:
•Select the Enable G Suite Domain-wide Delegation check box.
•In the Product name for the consent screen field, enter a product name familiar to your users.
•Click Create.
8.The Create Private Key dialog box is displayed:
Ensure the JSON key type is selected, then click Create.
9.This action creates the JSON file and downloads it to your computer. It is important to keep the file. It contains the private key required by File Director and if lost, it cannot be recovered.
10.Click Save to complete the account creation.
11.In the Service accounts overview page accounts for your project are listed:
12.For the account required, click View Client ID.
The Client ID for the service account is displayed:
Click Save.
Note, the Client ID value is required in the next step.
Delegate domain-wide authority to your service account
As the administrator of your G Suite domain you need to enable the service account to access users' Google Drive data. To complete this step, you require the service account Client ID.
1.Log in to the Google Admin console.
2.Click the Security icon. In the options listed, click Advanced settings:
3.Click Manage API client access to open the Manage API client access screen:
•Enter the Client Name, this is the Client ID value generated in the Google Cloud Platform console.
•In the One or More API Scopes field, enter the following :
https://www.googleapis.com/auth/drive,
https://www.googleapis.com/auth/drive.appfolder
•Click Authorize.
Your service account is now set up and you have granted access to users' Google Drive data.
Configure File Director cloud connector
1.In the File Director Admin console, select Configuration > Cloud Connectors.
2.Click the drop-down arrow next to Google Drive to open the Google Drive cloud connector dialog:
3.The connector requires the JSON file created previously for your Google Service Account earlier (see Create a service account above).
•Click the Choose File button.
•In the explorer window that opens, select the JSON file required then click Open.
•The selected file name is displayed in the dialog. Click Upload.
This action uploads the file containing the private key to File Director.
4.The Service Account field is populated automatically when the JSON file is uploaded.
Your cloud connector for Google Drive is now complete. You can now create a Google Drive home map point and then assign an access policy for users as required. See Map Point Configuration.
Note, Google Drive is unable to create folders via File Director if the folder name starts and ends with an apostrophe.
Related topics