CODEWITHSUNDEEP
google-cloud-platformgoogle-bigquerygcloud
Bongsky
Bongsky

Reputation: 503

GCP - gcloud List all accounts and the dataset it has access to

I am currently implementing an audit process in our organization wherein we want to know all the dataset a particular service account has access to in Google BigQuery.

I did manage to look for a gcloud command:

gcloud iam service-accounts list

But its just listing all the service account names and emails. If you could redirect me to a reference that would be really helpful

Thanks!

Upvotes: 0

Views: 2512

Answers (1)

FridayPush
FridayPush

Reputation: 916

Your best bet would be to use the BigQuery CLI tool 'bq'. From BQ you can list all datasets in a project, and filter based on applied labels to those datasets using commands similar to:

bq ls
bq ls --filter labels.environment:prod

You can see the details of a dataset using

bq show datasetname

or

bq show --project_id 'my-project-1234' datasetname

Which will provide an output similar to:

  Last modified              ACLs              Labels 
----------------- --------------------------- --------   16 Oct 13:45:32   
Owners:
                      projectOwners,
                      [email protected]
                    Writers:
                      projectWriters
                    Readers:
                      [email protected],
                      projectReaders

Details about the BQ CLI tool are here. Here's my main suggestion, append the --format=json flag onto the end. Which will return all responses as json and allows easier bash scripting or use of tools like jq to process the response.

Upvotes: 2

Related Questions