Mastering BigQuery Access Management

It is becoming more and more important to have thoughtful security policies in place to protect access to your data. Google Cloud gives you a wide range of tools for controlling access to the data that you have stored in BigQuery, and so I’ve created a short video series to showcase the various options you have for sharing and restricting your data.

This video series will teach you everything you need to know about managing access to the data you have stored in BigQuery!

What You’ll Learn in this Series

Here is a quick summary of the topics that are covered in the series:

1) Roles and Permissions in Google Cloud

Google Cloud is big, and this series is specifically about BigQuery. However, BigQuery is one product of many that make up the Google Cloud Platform, and so I start by showing how BigQuery fits into the larger picture with a deep dive into roles and permissions.

2) How Do You Grant Access to only a Subset of your Data (specific tables, views, or datasets) in BigQuery?

There are two ways to share access to only a subset of your data: resource permissions and dataset tags. In this series I will walk through examples of each, and share some best practices to help you decide which option is best for your use case.

3) What are Authorized Views, and When Should I Use Them?

Authorized views allow you to grant access to the results of a query WITHOUT granting access to the underlying data. They are useful for aggregating data, ensuring your end users are running optimized queries, and restrict access to sensitive information all at the same time. However if all you are trying to do is restrict access to sensitive data in columns or rows, they may not be the best solution for you. In this series I will show you how to create authorized views, and discuss when to use them.

4) How Do You Restrict Access to a Column in a BigQuery Table?

You can use policy tags to verify that a user has the proper access to query a column that contains sensitive data. You can choose to return an “access denied” message to the user, or instruct the query to return data that has been hashed. In this series I will show you examples of each so that you can choose the right approach for you.

5) How Do You Restrict Access to Certain Rows in a BigQuery Table?

Row Access Policies allow you to apply automatic filters to the data in a table, depending on the principal that is attempting to run the query. They are useful for sharing data with multiple users, while restricting the rows that each user is able to view. In this series I will show an example of creating and testing a row access policy.

6) What Are Data Clean Rooms, and How Does BigQuery Support Them?

Data clean rooms are likely to become an important part of your data access policy in the future. They allow you to share data that contains private information in a way that prevents your end users from actually viewing that private information. In this series I will walk through an example of a problem that a data clean room can solve.


Watch the Series Now

I’ve hosted this series on Thinkific.

Create a free account to watch now!

DURATION: 1 hr 40 minutes


Next
Next

How Conversions are Modeled in Google Analytics 4