1. From the main menu (three horizontal lines at the top left of the GCP console page) go to the "IAM & Admin" -> "Manage resources" page 
   
   
   
2. On the Select organization drop-down list at the top of the page, select the organization in which you want to create a project. Free trial users can skip this step, as this list does not appear.
   
   
3. Select "Create project"
   
   
   
4. In the New Project window that appears, enter a project name and select a billing account. 
   

   If you don't see a Billing account in the drop down, you can set one up following these instructions. Note that a project name can contain only letters, numbers, single quotes, hyphens, spaces, or exclamation points, and must be between 4 and 30 characters.

   
   
   
5. Enter the parent organization or folder in the Location box. That resource will be the hierarchical parent of the new project.
   
   
6. When you're finished entering new project details, click "Create"

Why use a Terra group for external access?

Each Terra user has a pre-built "Proxy" Group for accessing resources that exist outside of Terra. However, your proxy group is not very human-friendly. If you're looking at a list of users with access to an external GCS bucket, seeing that there's a grant to PROXY_11564882405514439@firecloud.org is not helpful unless you happen to have a way to figure out what user is associated with that Proxy Group. Instead, you can create a Terra group (with a sensible name) as a proxy for your proxy. if your registered Terra account is j_doe@someplace.org, create a Terra Group named j_doe_at_someplace_org. Don't add anyone else to this group. You can then make grants to j_doe_at_someplace_org@ fireclo ud.org . This is group contains one member, namely the proxy group for j_doe@someplace.org. This is much easier for a human to reason over.

1. Go to your Groups page ("Main menu" --> "Groups" from the top left of any page in Terra)
   
   
   
2. In the "Create a New Group" card, click on the blue "+" icon 
   
   
   
3. Enter your human-friendly user-ID (can be the same as your Terra login) and click the "Create Group" button
   
   Terra creates a mirrored Google group (your Terra ID plas your built-in proxy) you can use for interfacing with external resources (i.e. Google Cloud Platform). It is this mirrored group that Terra will use when interfacing with GCP directly.  
   

You'll see the full name in your list of Groups (below). In the next step, you'll grant permission for this group to access the cloud-native GCP you created in step 1:

This step allows you to work in the UI (i.e. a Terra notebook), while Terra acts on your behalf (as your "proxy") behind the scenes in the project you just set up in GCP. 

You will give your personal Terra group Editor permission (for more information about GCP permissions, see this article).

Note that if your Terra group includes additional people, you will want to be careful what permissions you grant the group. This is because 'Editors' can turn on a large number of services, including ones that can be expensive!

1. Go to "IAM" ->"Manage Resources" in your new GCP project and select “Add Member”
   
   
   
2. Add your human-friendly personal Terra group as a Member in your project permissions
   
   
   
3. Give the group Editor permissions
   

To learn more about the benefits of using external buckets for storing shared data resources, see this article. 

1. Go to GCP Storage Console
   
   
2. Select your GCP-native project from the dropdown. Click "Create bucket"
   
   
   

   	External GCP bucket configuration tips
   	In general, you can use the default values when setting up your external bucket. For customization details, see the Google documentation.

   
   When you are done, you will see your external bucket in the console!
   

When you're testing code, you may generate a lot of data that you don't want to keep (or pay for). To avoid having to clean up at the end of the day, you can set your storage bucket to delete the contents every day with the following steps.

1. Go to GCP Storage console at console.cloud.google.com/storage/browser
   
   
2. Select the bucket you want to set to automatically delete data by clicking the bucket name
   
   
   
3. Select the "Lifecycle" tab
   
   
   
4. Choose "ADD A RULE"
   
5. Follow the instructions to set up a custom rule

If you set up a rule to delete contents after 1 day, for example, you will see this

There are times when you may not want to keep shared data in a workspace bucket (particularly if you're sharing large numbers of large data files with a large group).

	Why use external buckets?
	To learn more about sharing large numbers of large data files with large groups, see this article.

	Example notebook
	For an end-to-end example of interacting with an external bucket, see this template notebook.

1. Go to BigQuery in the GCP console and select the native GCP project you created above
   
   
2. Select "Create Dataset"
   
   
   
3. In the dataset creation form, choose a unique dataset name and select the Default table expiration.
   In general, you would choose "Never". But if you are testing queries and saving those results as tables, you may generate a lot of tables that you don't want to keep (or pay for). To avoid having to clean up those tables at the end of the day, you can create a BigQuery dataset for test results that auto deletes its tables after a period of time has elapsed.
   
   
   
4. You will see your new Big Query dataset in the Resources section on the far left
   

Note that before you can load data to BigQuery, you must have at least WRITE access permission to an existing BQ dataset. If you have set up your own BigQuery dataset (above), you will automatically have those permissions. 

	Example notebook
	See an Example notebook in a public Terra workspace