Professional Cloud Security Engineer Exam Questions

Professional Cloud Security Engineer Exam - Question 234


Your organization uses BigQuery to process highly sensitive, structured datasets. Following the “need to know” principle, you need to create the Identity and Access Management (IAM) design to meet the needs of these users:

• Business user: must access curated reports.

• Data engineer: must administrate the data lifecycle in the platform.

• Security operator: must review user activity on the data platform.

What should you do?

Correct Answer: C

To meet the needs of the specified users while adhering to the 'need to know' principle, you should create curated tables in a separate dataset and assign the role roles/bigquery.dataViewer. This ensures that business users can access only the curated reports they need. The data engineers can handle the data lifecycle management without unrestricted access to all data. This approach provides clear and granular access control, aligning well with the principle of giving users access only to the data they need.
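As an added illustration (not part of the exam page or of Google's documentation), the following Terraform layout implements the design the answer describes: a separate curated dataset with roles/bigquery.dataViewer for business users and dataset-scoped ownership for data engineers. The project id, dataset ids and group addresses are placeholders, and the security operator's log-reading role is an assumption beyond the page's options, as noted in the comments.

```hcl
# Added example, not the exam's or Google's code; ids and groups are placeholders.

# Raw, highly sensitive data: administered by data engineers only.
resource "google_bigquery_dataset" "raw" {
  project    = "example-project-id"
  dataset_id = "sensitive_raw"
  location   = "US"
}

# Curated reports get their own dataset so business users can be granted
# read access here without any grant on the raw dataset.
resource "google_bigquery_dataset" "curated" {
  project    = "example-project-id"
  dataset_id = "curated_reports"
  location   = "US"
}

# Business users: read-only, and only on the curated dataset (option C).
resource "google_bigquery_dataset_iam_member" "business_viewer" {
  project    = "example-project-id"
  dataset_id = google_bigquery_dataset.curated.dataset_id
  role       = "roles/bigquery.dataViewer"
  member     = "group:business-users@example.com"
}

# Data engineers: own both datasets (lifecycle administration) through
# dataset-level bindings rather than a project-wide role.
resource "google_bigquery_dataset_iam_member" "engineer_owner" {
  for_each   = toset([google_bigquery_dataset.raw.dataset_id,
                      google_bigquery_dataset.curated.dataset_id])
  project    = "example-project-id"
  dataset_id = each.value
  role       = "roles/bigquery.dataOwner"
  member     = "group:data-engineers@example.com"
}

# Security operator: reviews activity via BigQuery Data Access audit logs
# (declared explicitly, although BigQuery's are on by default). Assumption:
# roles/logging.privateLogViewer is used instead of Project Viewer (option A).
resource "google_project_iam_audit_config" "bigquery_data_access" {
  project = "example-project-id"
  service = "bigquery.googleapis.com"
  audit_log_config { log_type = "DATA_READ" }
  audit_log_config { log_type = "DATA_WRITE" }
}

resource "google_project_iam_member" "secops_log_reader" {
  project = "example-project-id"
  role    = "roles/logging.privateLogViewer"
  member  = "group:security-operators@example.com"
}
```

Because every grant is scoped to a dataset or to log reading, no principal gets a project-wide BigQuery role, which is the "need to know" property the question asks for.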

Discussion

7 comments
MisterHairy (Option: C)
Nov 21, 2023

Correction. The most correct answer would be C. Create curated tables in a separate dataset and assign the role roles/bigquery.dataViewer. This option directly addresses the needs of the business user who must access curated reports. By creating curated tables in a separate dataset, you can control access to specific data. Assigning the roles/bigquery.dataViewer role allows the business user to view the data in BigQuery. While option A is also a good practice for a security operator, it doesn’t directly address the specific needs of the users mentioned in the question as effectively as option C does. Therefore, if you can only choose one answer, option C would be the most correct.

MisterHairy (Option: A)
Nov 21, 2023

A. Configure data access log for BigQuery services, and grant Project Viewer role to security operator. This allows the security operator to review user activity on the data platform. C. Create curated tables in a separate dataset and assign the role roles/bigquery.dataViewer. This allows the business user to access curated reports. The data engineer can administrate the data lifecycle in the platform.

dija123 (Option: C)
Mar 9, 2024

Both Option A and Option C can be effective for different reasons. Option A offers simplicity and aligns with "need to know" for most users, while Option C provides more granular control over data access but requires additional configuration.

dija123 (Option: A)
Mar 9, 2024

Sorry I wanted to vote for A

dija123 (Option: A)
Mar 9, 2024

Option A (data access logs and Project Viewer for security) offers a simpler path to achieve "need to know" for business users and data engineers while providing the security operator with visibility into user activity.

Bettoxicity (Option: A)
Apr 4, 2024

A is the correct one!

Nkay17 (Option: C)
Jun 8, 2024

Answer C: Data Access audit logs—except for BigQuery Data Access audit logs—are disabled by default because audit logs can be quite large.