How can I give permission to a user to access a table in a dataset in BigQuery and have the dataset appear in the project?

google-bigquery dataset google-iam

I would like to give access to a list of tables in a dataset (not all tables) to a user.

Here is my bigquery architecture :

|Project
  |-Dataset
    |-table1
    |-table2

Let's say I want my user to see only table1.

  1. If I add a data viewer IAM permission to my user at the dataset level, the hierarchical policy causes tables 1 and 2 to inherit the IAM permission, which is not good because he can see table2
  2. If I add a data viewer IAM permission to my user at the table level, the user can access the table1 via a link or query but cannot see the dataset in the BiqQuery UI

Is there a way to make table 1 and the dataset appear without table 2?


Solution 1:

A good solution:

  • Add an IAM metadataviewer at the dataset level.
  • Add an IAM dataviewer at the table level.

The client can see both tables (1 and 2) but can only access data from table1.

Related

How to add a displacement map to a point material in ThreeJS?
Clean up Active Directory [closed]
How to backup a full Centos Server?
vim re-edit as root
Unusually high dentry cache usage
Good book for a software developer doing part-time (Linux) system administration work [closed]
Configuring SuperMicro IPMI to use one of the LAN interfaces instead of the IPMI port?
Optimize apache/php/mysql running on VPS for heavy load
Securing PHP webservers
What are the benefits of running chef-server instead of chef-solo?
How To Tune Apache on Ubuntu 14.04 Server
How to authenticate Linux accounts against an Active Directory and mount a Windows share on login?