BigQuery - Granting Read Permission, but not Dataset Creation Privileges

0
votes

Is there a way to grant users the ability to view and query tables in a specific dataset (and only that dataset), without granting them the ability to also create new datasets within the overall project?

I'm trying to give access to a third party to integrate with a very specific subset of our data.

The documentation I've been reading is here: https://cloud.google.com/bigquery/docs/access-control#bigquery.user

2
google-bigquery

2 Answers

0
votes

You can share the specific dataset with your 3rd parties by. Using the web UI:

Dataset -> Share Dataset -> Email/user -> "Can View"

Add the user as viewer. They can now see and query (using their own Google account) the tables in your dataset, but not create anything in your project.

0
votes

They should have the role bigquery.jobUser.

This gives them the permission to query but not the ability to create datasets.

This role is applied at the org and dataset level.

https://cloud.google.com/bigquery/docs/access-control#bigquery.jobUser