In order to grant Alegion access to assets stored in the Google Cloud Platform, it is necessary to work directly with a member of the Alegion DevOps team to start the initial configuration. While this process is manual, once correctly configured, Alegion will have the ability to automatically integrate your assets into our platform. Additionally, using this method, the assets can be annotated without the need to grant workers direct access to your GCP bucket.
An Alegion representative will create a dedicated GCP service account using the process Google has documented here. It is important to note that you are not responsible for creating the service account as the account will be managed internally by Alegion. Once created, the Alegion representative will share the account name with you. This is where your responsibility starts. From the Google Cloud Storage Browser, you will need to locate the bucket which contains the assets to be annotated. Using the process found here, you will need to grant the Alegion-created service account access to the bucket. Use the account name shared with you by the Alegion representative, and grant them the appropriate role. This role may vary depending on your specific use case and you should consult with your Alegion representative to determine the correct one to use. A list of the roles and their extended permissions can be found here. Once this process is complete, the Alegion DevOps team will be able to perform all additional configurations to ensure your content is both accessible and protected.