PrivateServiceConnectUris
A comma-separated list of base URIs to substitute when accessing Private Service Connect URLs. The following are valid URIs:
SERVER_NAME
: The baseline Google APIs service URI, used to perform authentication retries for proxy issues in Windows only. The default value is:https://www.googleapis.com
.For example:
SERVER_NAME=https://<myprivateserver>.p.googleapis.com
ACCOUNTS
: The baseline accounts service URI, used only for interactive authentication (hiddenOAuthMechanism
value3
). The default value is:https://accounts.google.com
.For example:
ACCOUNTS=https://accounts-<myprivateserver>.p.googleapis.com
OAUTH2
: The baseline OAuth 2.0 service URI, used to retrieve access tokens for OAuth 2.0 authentication flows. The default value is:https://oauth2.googleapis.com
.For example:
OAUTH2=https://oauth2-<myprivateserver>.p.googleapis.com
STS
: The baseline security token service, used to retrieve access tokens for External Account Authentication flows. The default value is:https://sts.googleapis.com
.For example:
STS=https://sts-<myprivateserver>.p.googleapis.com
BIGQUERY
: The baseline BigQuery REST API service, used to interface with the BigQuery data source, via the REST API. The default value is:https://bigquery.googleapis.com
.For example:
BIGQUERY=https://bigquery-<myprivateserver>.p.googleapis.com
READ_API
: The host and port required to access the BigQuery Storage Read API service, used to read data from tables via the Storage Read API. The default value is:bigquerystorage.googleapis.com:443
.For example:
READ_API=bigquerystorage-<myprivateserver>.p.googleapis.com:443
Note:
The format must be
[Host]:[Port]
, with no protocol specifier or URL components.
Note:
- When the connector is configured to use Service Authentication (
OAuthMechanism=0
), the connector prioritizes theOAUTH2
URI from the key file specified in theKeyFile
orKeyFilePath
property. In order, the precedence is:KeyFile{_Enc}/KeyFilePath{_Enc}
PrivateServiceConnectUris=...,OAUTH2=<YOUR_OAUTH2_URL>,...
- Default
- When the connector is configured to use External Account Authentication (
OAuthMechanism=4
), the connector prioritizes theSTS
URI from either the configuration file specified in theKeyFile
orKeyFilePath
property, or, from theBYOID_TokenUri
property. In order, the precedence is:KeyFile/KeyFilePath{_Enc}
BYOID_TokenUri
PrivateServiceConnectUris=...,STS=<YOUR_STS_URL>,...
- Default
- For more information about Private Service Connect, see "Private Service Connect" in the Google Cloud documentation: https://cloud.google.com/vpc/docs/private-service-connect.
-
The
IMPERSONATION
value is now supported by thePrivateServiceConnectUris
connection property.
Key Name | Default Value | Required |
---|---|---|
|
None |
No |