Answer-first summary for fast verification
Answer: Create authorized views for each team in the same dataset in which the data resides, and assign the users/groups data viewer access to the authorized views
The correct option is C. Authorized views in BigQuery are specifically designed to manage fine-grained access control based on team memberships. By creating authorized views for each team in the same dataset where the data resides, you can grant the users/groups data viewer access to these views. This ensures that users can only see the data relevant to their team without having direct access to the source tables. While option A allows table-level access, it lacks the granularity needed for fine-tuned permissions, and options B and D either complicate the setup or do not align with the best practices for data governance.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You are in the process of migrating your data warehouse to Google BigQuery, a scalable, fully-managed data warehouse service on the Google Cloud Platform. You have successfully transferred all your data into various tables within a specific dataset in BigQuery. Multiple teams across your organization will need to access and use this data. However, to comply with data governance policies, each team should only have access to certain tables that are relevant to their roles and responsibilities. How should you configure user permissions in BigQuery to ensure that team members see only the tables they are authorized to view based on their team membership?
A
Assign the users/groups data viewer access at the table level for each table
B
Create SQL views for each team in the same dataset in which the data resides, and assign the users/groups data viewer access to the SQL views
C
Create authorized views for each team in the same dataset in which the data resides, and assign the users/groups data viewer access to the authorized views
D
Create authorized views for each team in datasets created for each team. Assign the authorized views data viewer access to the dataset in which the data resides. Assign the users/groups data viewer access to the datasets in which the authorized views reside