Answer-first summary for fast verification
Answer: Create a custom role by removing delete permissions, add users to a group, and then add the group to the custom role.
Option D is correct because it involves creating a custom role with no delete permissions and managing access through groups, which is a best practice for efficient and secure access management. This approach prevents accidental deletions and simplifies user management. Options A, B, and C are incorrect as they either allow deletion permissions or do not follow the best practice of group-based access management. For more details, refer to [Google Cloud's BigQuery access control documentation](https://cloud.google.com/bigquery/docs/access-control).
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
As a member of the Data Engineering team at an e-commerce company, you're overseeing a BigQuery dataset with user activity data. Another team requests access to this dataset, but you need to ensure they cannot accidentally delete any datasets. What are the recommended best practices to grant them access?
A
Create a custom role by removing delete permissions and add users to that role only.
B
Provide users with the roles/bigquery dataEditor role only, instead of roles/bigquery dataOwner.
C
Provide users with roles/bigquery user role only, instead of roles/bigquery dataOwner.
D
Create a custom role by removing delete permissions, add users to a group, and then add the group to the custom role.