> ## Documentation Index
> Fetch the complete documentation index at: https://docs.streamnative.io/llms.txt
> Use this file to discover all available pages before exploring further.
# Open Catalog for Iceberg on GCP
This guide describes how to prepare a Snowflake Open Catalog (Polaris) for use with StreamNative Ursa as an Iceberg catalog on Google Cloud Platform (GCP).
> **Important:** Polaris does not support reading buckets from a different region. The StreamNative Ursa cluster, the GCS bucket, and the Polaris catalog must all reside in the **same region**.
## Prerequisites
* A Snowflake standard account
* A GCP project with permissions to create GCS buckets and IAM roles
* Access to the Snowflake Open Catalog feature
## 1. Create a Snowflake Open Catalog Account
The Snowflake Open Catalog console requires a dedicated **Open Catalog** account. From the standard Snowflake console, navigate to **Admin -> Accounts** and use the toggle to **Create Snowflake Open Catalog Account**.
Configure the account with:
* **Cloud:** GCP
* **Region:** the region in which your GCS bucket resides
* **Edition:** any
Provide an admin username and password.
After creation, click the **Account URL** to sign in to the Open Catalog console.
## 2. Create the Polaris Catalog
In the Snowflake Open Catalog console, create a new catalog.
Configure the catalog with:
* **External:** disabled
* **Storage provider:** GCS
* **Default base location:** the GCS path used by the Ursa cluster (`gs:///`)
Open the catalog details and record the **GCP\_SERVICE\_ACCOUNT** value. Polaris uses this service account to access GCS, so it must be granted permission on the bucket.
## 3. Grant Bucket Permissions to the Polaris Service Account
### 3.1 Create a Custom IAM Role
In the GCP console, navigate to **IAM & Admin -> Roles -> Create role** and add the following permissions:
* `storage.buckets.get`
* `storage.objects.create`
* `storage.objects.delete`
* `storage.objects.get`
* `storage.objects.list`
### 3.2 Assign the Role to the Polaris Service Account
Open the bucket, navigate to **PERMISSIONS -> View BY PRINCIPALS -> GRANT ACCESS**.
Add the **GCP\_SERVICE\_ACCOUNT** from step 3, choose the role created in step 4.1, and click **SAVE**.
## 4. Create a Connection (Service Principal)
In the Open Catalog console, create a new connection that StreamNative Ursa will use to authenticate.
Configure with:
* **Name:** any name
* **Create new principal role:** enabled
* **Principal Role Name:** any name
After creation, record the **Client ID** and **Client Secret** -- the secret cannot be retrieved later.
## 5. Create a Catalog Role and Grant Privileges
Navigate to **Catalogs -> \[your catalog] -> Roles -> + Catalog Role** and create a role with the following privileges:
* `NAMESPACE_CREATE`
* `NAMESPACE_LIST`
* `NAMESPACE_READ_PROPERTIES`
* `NAMESPACE_WRITE_PROPERTIES`
* `TABLE_LIST`
* `TABLE_CREATE`
* `TABLE_WRITE_DATA`
* `TABLE_READ_DATA`
* `TABLE_READ_PROPERTIES`
* `TABLE_WRITE_PROPERTIES`
Click **Grant to Principals Role** and grant the catalog role to the principal role created in step 5.
For background on the relationship between catalogs, catalog roles, principal roles, and principals, see the [Polaris Quick Start](https://polaris.io/#section/Quick-Start/Defining-a-Catalog).
## Catalog Information Summary
When the steps above are complete, collect the following values for the StreamNative Ursa compaction service:
| Value | Description |
| -------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `iceberg.uri` | Polaris REST endpoint (e.g., `https://..gcp.snowflakecomputing.com/polaris/api/catalog`). The format follows the URL of your Polaris console. |
| `iceberg.warehouse` | The Polaris catalog name created in step 3 |
| `iceberg.credential` | `:` from step 5 |
| `iceberg.scope` | `PRINCIPAL_ROLE:ALL` |
For the next steps, see [Configure Lakehouse Catalogs](../../../configure-lakehouse-catalogs).