Answer-first summary for fast verification
Answer: Create a dataset named Master dataset. Create a separate view for each department in the Master dataset. Give employees access to the specific view for their department.
Option C is the most efficient and secure method to enforce department-specific data access within the BigQuery 'Master' dataset. By creating separate views for each department within the same dataset, you leverage BigQuery's built-in security features without the need for data duplication or complex pipeline setups. Each view can be configured with a WHERE clause to filter data by department, and access permissions can be granted directly to these views. This approach minimizes administrative overhead, ensures data consistency by referencing the original dataset, and adheres to the principle of least privilege by restricting users to only the data relevant to their department.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can you implement a security framework in BigQuery to restrict employees' access to only their department's travel and expense data within the "Master" dataset, while minimizing the number of configuration steps?
A
Create a separate dataset for each department. Create a view with an appropriate WHERE clause to select records from a particular dataset for the specific department. Authorize this view to access records from your Master dataset. Give employees the permission to this department-specific dataset.
B
Create a separate dataset for each department. Create a data pipeline for each department to copy appropriate information from the Master dataset to the specific dataset for the department. Give employees the permission to this department-specific dataset.
C
Create a dataset named Master dataset. Create a separate view for each department in the Master dataset. Give employees access to the specific view for their department.
D
Create a dataset named Master dataset. Create a separate table for each department in the Master dataset. Give employees access to the specific table for their department.
No comments yet.