Google Spanner¶
The Google Spanner connector is a Palantir-provided driver for Google Spanner.
To create a new Google Spanner source, follow the standard setup flow for Palantir-provided drivers, then use the sections below for Google Spanner-specific configuration and networking. For the complete property reference, see the official Google Spanner driver documentation ↗.
Configuration¶
The properties below are mandatory or recommended.
| Property | Required? | Description | Default |
|---|---|---|---|
DatabaseDialect ↗ |
Mandatory | The dialect type of the connected database. | GoogleStandardSQL |
AuthScheme ↗ |
Recommended | The type of authentication to use when connecting to Google Spanner. | OAuthJWT |
Database ↗ |
Recommended | The name of the Google Spanner database to connect to. | — |
InitiateOAuth ↗ |
Recommended | Specifies the process for obtaining or refreshing the OAuth access token, which maintains user access while an authenticated, authorized user is working. | GETANDREFRESH |
InstanceId ↗ |
Recommended | The id of the Google Spanner instance to which you are connecting. | — |
OAuthClientId ↗ |
Recommended | Specifies the client Id that was assigned when the custom OAuth application was created. (Also known as the consumer key.) This ID registers the custom application with the OAuth authorization server. | — |
OAuthClientSecret ↗ |
Recommended | Specifies the client secret that was assigned when the custom OAuth application was created. (Also known as the consumer secret). This secret registers the custom application with the OAuth authorization server. | — |
OAuthJWTCert ↗ |
Recommended | The JWT Certificate store. | — |
OAuthJWTCertType ↗ |
Recommended | The type of key store containing the JWT Certificate. | GOOGLEJSONBLOB |
OAuthJWTSubject ↗ |
Recommended | The user subject for which the application is requesting delegated access. | — |
ProjectId ↗ |
Recommended | The id of the project where your Google Spanner instance resides. | — |
Networking¶
The table below lists the domains that the source needs to be able to access in order to successfully run.
For each domain, add a corresponding egress policy. If the source is hosted on-premises and not directly reachable from Foundry, use an agent proxy egress policy instead; the agent host itself must also be able to reach the listed domains. See using an agent as a proxy for details.
| Domain | Required |
|---|---|
| accounts.google.com | Always. Required for OAuth |
| spanner.googleapis.com | Always. There is a hidden property Server that can override this with a different URL. |
| googleapis.com | Always |
中文翻译¶
Google Spanner¶
Google Spanner 连接器是一个由 Palantir 提供的驱动程序(Palantir-provided driver),用于连接 Google Spanner。
要创建新的 Google Spanner 数据源,请遵循 Palantir 提供驱动程序的标准设置流程(standard setup flow for Palantir-provided drivers),然后使用以下各节进行 Google Spanner 特定的配置和网络设置。有关完整的属性参考,请参阅官方 Google Spanner 驱动程序文档(official Google Spanner driver documentation)。
配置(Configuration)¶
以下属性为必填或推荐项。
| 属性 | 是否必填 | 描述 | 默认值 |
|---|---|---|---|
DatabaseDialect ↗ |
必填 | 所连接数据库的方言类型。 | GoogleStandardSQL |
AuthScheme ↗ |
推荐 | 连接到 Google Spanner 时使用的身份验证类型。 | OAuthJWT |
Database ↗ |
推荐 | 要连接的 Google Spanner 数据库名称。 | — |
InitiateOAuth ↗ |
推荐 | 指定获取或刷新 OAuth 访问令牌的过程,该令牌用于在已认证的授权用户工作时维持其访问权限。 | GETANDREFRESH |
InstanceId ↗ |
推荐 | 您所连接的 Google Spanner 实例的 ID。 | — |
OAuthClientId ↗ |
推荐 | 指定创建自定义 OAuth 应用程序时分配的客户端 ID(也称为消费者密钥)。此 ID 用于在 OAuth 授权服务器上注册自定义应用程序。 | — |
OAuthClientSecret ↗ |
推荐 | 指定创建自定义 OAuth 应用程序时分配的客户端密钥(也称为消费者密钥)。此密钥用于在 OAuth 授权服务器上注册自定义应用程序。 | — |
OAuthJWTCert ↗ |
推荐 | JWT 证书存储。 | — |
OAuthJWTCertType ↗ |
推荐 | 包含 JWT 证书的密钥存储类型。 | GOOGLEJSONBLOB |
OAuthJWTSubject ↗ |
推荐 | 应用程序请求委托访问的用户主体。 | — |
ProjectId ↗ |
推荐 | Google Spanner 实例所在项目的 ID。 | — |
网络设置(Networking)¶
下表列出了数据源为成功运行而需要能够访问的域名。
对于每个域名,请添加相应的出站策略(egress policy)。如果数据源托管在本地且无法从 Foundry 直接访问,请改用代理出站策略(agent proxy egress policy);代理主机本身也必须能够访问列出的域名。有关详细信息,请参阅使用代理作为代理(using an agent as a proxy)。
| 域名 | 是否必需 |
|---|---|
| accounts.google.com | 始终需要。OAuth 认证必需 |
| spanner.googleapis.com | 始终需要。存在一个隐藏属性 Server,可用于覆盖此 URL |
| googleapis.com | 始终需要 |