Set up a Google Drive data store

This page describes how to create a data store and connect Google Drive to Gemini Enterprise. This connection allows Gemini Enterprise to directly retrieve information from Google Drive. Since data isn't copied into the Vertex AI Search index, you don't need to manage data storage.

Before you begin

  • You must be signed into the Google Cloud console with the same account that you use for the Google Drive instance that you plan to connect. Gemini Enterprise uses your Google Workspace customer ID to connect to Google Drive.

  • To enforce data source access control and secure data in Gemini Enterprise, ensure that you have configured your identity provider.

  • Verify that all the documents are accessible, either by placing them in a shared drive that is owned by the domain or by assigning the ownership to a user in the domain.

  • Enable Google Workspace smart features in other Google products to connect Google Drive data to Gemini Enterprise. For information, see Turn Google Workspace smart features on or off.

Create the Google Drive data store

To create the Google Drive data store, perform the following steps:

  1. In the Google Google Cloud console, go to the Gemini Enterprise page. Gemini Enterprise

  2. Select or create a Google Cloud project.

  3. In the navigation menu, click Data stores.

  4. Click Create data store.

  5. In the Source section, search for Google Drive, and click Select.

  6. In the Data section:

    1. Specify the drive source for your data store:

      • All: To add your entire drive to the data store.
      • Specific shared drive(s): Add the shared drive's folder ID.
      • Specific shared folder(s): Add the shared folders' ID.

      To locate the shared drive's folder ID or a specific folder ID, navigate to the shared drive or folder and copy the ID from the URL. The URL follows this format: https://drive.google.com/corp/drive/folders/ID.

      For example, https://drive.google.com/corp/drive/folders/123456789012345678901.

  7. Click Continue.

  8. In the Configuration section:

    1. From the Multi-region list, select the location for your data connector.
    2. In the Data connector name field, enter a name for your connector.
    3. If you selected US or EU as the location, configure the Encryption settings:
      • Select Google-managed encryption key or Cloud KMS key.
      • If you selected Cloud KMS key:
        • In the Key management type list, select the appropriate type.
        • In the Cloud KMS key list, select the key.
      For more information, see Customer-managed encryption keys.

  9. Click Continue.

  10. In the Billing section, select General pricing or Configurable pricing. For more information, see Verify the billing status of your projects and Licenses.

  11. Click Create. Gemini Enterprise creates your data store and displays your data stores on the Data Stores page.

To verify the state of the data store, do the following:

  1. Navigate to the connector in the data store list and monitor its state until it changes to Active.
  2. When the data store state changes from Creating to Active, the Google Drive connector is ready to be used.

After creating the data store, create an app and connect it to the Google Drive data store before executing the query.

Query execution

After you authorize Google Drive, when you enter a search query:

  1. Gemini Enterprise sends your search query to the Google Drive API.

  2. Gemini Enterprise blends the results with those from other sources and displays them.

Error messages and troubleshooting

The following table describes error messages, including HTTP error codes and suggested troubleshooting steps, that you might encounter when working with this Google data source.

Error code Error message Description Troubleshooting
403 Permission Denied Searching using service account credentials isn't supported for Google Workspace data stores. The engine being searched has Google Workspace data stores, and the credentials passed are of a service account. Searching using service account credentials on Google Workspace data stores isn't supported. Call search using user credentials, or remove Google Workspace data stores from the engine.
403 Permission Denied Consumer accounts aren't supported for Google Workspace data stores. Search is called using a consumer account (@gmail.com) credential, which isn't supported for Google Workspace data stores. Remove Google Workspace data stores from the engine or use a managed Google Account.
403 Permission Denied Customer id mismatch for data store Search is only allowed for users who belong to same organization as Google Workspace data stores. Remove Google Workspace data stores from the engine or contact support if the user and Google Workspace data stores are meant to be in different organizations.
403 Permission Denied Workspace access for Agentspace disabled by organization administrator. A Google Workspace administrator has disabled access to Google Workspace data for Gemini Enterprise. Contact your Google Workspace administrator to [enable access](https://support.google.com/a/answer/16479199).

For common search issues that you encounter when querying your Google Drive data, see Common search issues.

What's next