Auf dieser Seite erfahren Sie, wie Sie ein Google Cloud-Projekt erstellen, AML-KI aktivieren, Anmeldedaten erstellen und Ihrem Konto eine oder mehrere IAM-Rollen zuweisen.
- Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
- Install the Google Cloud CLI.
-
If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
-
To initialize the gcloud CLI, run the following command:
gcloud init -
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_IDwith a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_IDwith your Google Cloud project name.
-
-
Make sure that billing is enabled for your Google Cloud project.
-
Enable the required APIs:
gcloud services enable financialservices.googleapis.com
bigquery.googleapis.com cloudkms.googleapis.com -
If you're using a local shell, then create local authentication credentials for your user account:
gcloud auth application-default login
You don't need to do this if you're using Cloud Shell.
If an authentication error is returned, confirm that you have configured the gcloud CLI to use Workforce Identity Federation.
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/financialservices.admin, roles/cloudkms.admin, roles/bigquery.admingcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
- Replace
PROJECT_IDwith your project ID. -
Replace
USER_IDENTIFIERwith the identifier for your user account. For example,user:myemail@example.com. - Replace
ROLEwith each individual role.
- Replace
- Install the Google Cloud CLI.
-
If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
-
To initialize the gcloud CLI, run the following command:
gcloud init -
Create or select a Google Cloud project.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_IDwith a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_IDwith your Google Cloud project name.
-
-
Make sure that billing is enabled for your Google Cloud project.
-
Enable the required APIs:
gcloud services enable financialservices.googleapis.com
bigquery.googleapis.com cloudkms.googleapis.com -
If you're using a local shell, then create local authentication credentials for your user account:
gcloud auth application-default login
You don't need to do this if you're using Cloud Shell.
If an authentication error is returned, confirm that you have configured the gcloud CLI to use Workforce Identity Federation.
-
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/financialservices.admin, roles/cloudkms.admin, roles/bigquery.admingcloud projects add-iam-policy-binding PROJECT_ID --member="user:USER_IDENTIFIER" --role=ROLE
- Replace
PROJECT_IDwith your project ID. -
Replace
USER_IDENTIFIERwith the identifier for your user account. For example,user:myemail@example.com. - Replace
ROLEwith each individual role.
- Replace
Erforderliche Berechtigungen
Die folgenden Berechtigungen sind für die Einstiegsleitfaden und für viele wichtige Vorgänge in der KI für die Geldwäscheprävention erforderlich.
| Berechtigung | Beschreibung |
|---|---|
resourcemanager.projects.get | Google Cloud-Projekt erhalten |
resourcemanager.projects.list | Google Cloud-Projekte auflisten |
cloudkms.keyRings.create | Cloud KMS-Schlüsselbund erstellen |
cloudkms.cryptoKeys.create | Cloud KMS-Schlüssel erstellen |
financialservices.v1instances.create | AML AI-Instanz erstellen |
financialservices.operations.get | AML AI-Vorgang abrufen |
cloudkms.cryptoKeys.getIamPolicy | IAM-Richtlinie für einen Cloud KMS-Schlüssel abrufen |
cloudkms.cryptoKeys.setIamPolicy | IAM-Richtlinie für einen Cloud KMS-Schlüssel festlegen |
bigquery.datasets.create | BigQuery-Dataset erstellen |
bigquery.datasets.get | BigQuery-Dataset abrufen |
bigquery.transfers.get | BigQuery Data Transfer Service-Übertragung erhalten |
bigquery.transfers.update | BigQuery Data Transfer Service-Übertragung erstellen oder löschen |
bigquery.datasets.setIamPolicy | IAM-Richtlinie für ein BigQuery-Dataset festlegen |
bigquery.datasets.update | BigQuery-Dataset aktualisieren |
financialservices.v1datasets.create | AML AI-Dataset erstellen |
financialservices.v1engineconfigs.create | AML AI-Engine-Konfiguration erstellen |
financialservices.v1models.create | AML AI-Modell erstellen |
financialservices.v1backtests.create | AML AI-Backtestergebnis erstellen |
financialservices.v1backtests.exportMetadata | Metadaten aus einem AML-KI-Backtestergebnis exportieren |
financialservices.v1instances.importRegisteredParties | Registrierte Parteien in eine AML-KI-Instanz importieren |
financialservices.v1predictions.create | AML AI-Vorhersageergebnis erstellen |
bigquery.jobs.create | BigQuery-Job erstellen |
bigquery.tables.getData | Daten aus einer BigQuery-Tabelle abrufen |
financialservices.v1predictions.delete | AML-KI-Vorhersageergebnis löschen |
financialservices.v1backtests.delete | AML-KI-Backtestergebnis löschen |
financialservices.v1models.delete | AML AI-Modell löschen |
financialservices.v1engineconfigs.delete | AML AI-Engine-Konfiguration löschen |
financialservices.v1datasets.delete | AML AI-Dataset löschen |
financialservices.v1instances.delete | AML AI-Instanz löschen |
bigquery.datasets.delete | BigQuery-Dataset löschen |