Getting Started

Features

Integrations

Reference

DriftOps polls a Google Cloud Storage bucket on a schedule. New objects matching your file pattern are downloaded, compared against the linked contract, and drift events are created for any differences.

Prerequisites

  • A Google Cloud project with a GCS bucket containing the files to monitor
  • A service account with Storage Object Viewer and Storage Legacy Bucket Reader roles on the bucket
  • The service account JSON key file

Create the connection

  1. Go to Cloud Connections and click New Connection.
  2. Select Google Cloud Storage as the provider.
  3. Fill in the form:
    • Name: a label for this connection
    • Project ID: your GCP project ID (e.g. my-project-123)
    • Service Account JSON: paste the full contents of the service account key JSON file
    • Bucket Name: the GCS bucket name
    • Prefix (optional): object prefix to scope the watch, e.g. data/incoming/
    • File Pattern: glob pattern, e.g. *.json
    • Contract: the contract to compare against
    • Poll Interval: how often to check (minutes, default 60)
  4. Click Save.

The service account JSON is encrypted before storage. The raw key is never returned by the API.

Service account setup

In the Google Cloud Console:

  1. Go to IAM and Admin > Service Accounts.
  2. Click Create Service Account.
  3. Give it a name (e.g. driftops-reader).
  4. Grant the following roles on the specific bucket (not project-wide if you want least privilege):
    • Storage Object Viewer (roles/storage.objectViewer)
    • Storage Legacy Bucket Reader (roles/storage.legacyBucketReader)
  5. Click Done.
  6. Open the service account, go to Keys, and click Add Key > Create new key > JSON.
  7. Download the JSON file and paste its contents into the DriftOps connection form.

DriftOps only reads objects. It does not write to or delete from your bucket.

Configuration options

prefix

Only process objects under this path.

Default: all objects
file_pattern

Glob pattern matched against object names.

Default: *.json
poll_interval_minutes

How often to check for new objects.

Default: 60

Troubleshooting

Permission denied listing objects The service account needs Storage Legacy Bucket Reader to list objects. Storage Object Viewer alone is not sufficient for listing.

Service account JSON rejected Paste the entire JSON including the outer braces. The format starts with {"type": "service_account", ...}. Do not strip whitespace or newlines.

No files found

  • Check the prefix. GCS object paths are case-sensitive.
  • The file pattern is matched against the object name only, not the full path. If your objects are at data/orders/order_001.json, the pattern *.json will match order_001.json.
Something wrong? Email sales@driftops.io