CODEWITHSUNDEEP
google-bigquerygoogle-cloud-iam
Sekhar
Sekhar

Reputation: 699

How to restrict the table/view access in Bigquery?

Suppose I have 2 users available for the same project. The requirement is to restrict the table access in the same project to one user. How can it be managed it in Bigquery? what kind of access controls to be applied and how?

Thanks in advance.

Upvotes: 1

Views: 1726

Answers (2)

Sander van den Oord
Sander van den Oord

Reputation: 12808

Depending on requirements, and the strictness of them, this is what I do:

Grant the user access to a specific table within a dataset by granting the BigQuery Data Viewer role at the table level.
You can do this as follows:
-> Open the table in the console and click Share, then click Add Principal

Share table by adding principal


And to make it easier for the user to navigate the metadata of the table, such as schema, details and preview, I grant them the BigQuery Metadata Viewer role at the dataset level.
You should only do this of course if it is ok for the user to see which other tables within the dataset are there. (they can't see the data in the other tables, just the schema etc) The advantage is that it will be easier for the user to see the schema and a preview of the data.

More info can be found here:
https://cloud.google.com/bigquery/docs/table-access-controls

Upvotes: 0

Fremzy
Fremzy

Reputation: 370

You can use table level ACLS and set Bigquery roles/bigquery.dataViewer for users on the tables you wish to grant access. More details here https://cloud.google.com/bigquery/docs/table-access-controls-intro

This approach doesn't require creating a separate dataset(as a workaround for table level access) for access control which use to be the case earlier.

Upvotes: 1

Related Questions