Your company's retail analytics platform uses a Cloud Storage bucket for raw files, a Dataflow streaming pipeline, and several BigQuery datasets. Developers currently deploy experimental code and run ad-hoc queries in the same production project, which has resulted in accidental table deletions and exposure of customer PII. You must redesign the environment so that:
Production data cannot be modified from development workflows.
Developers can still run realistic tests without accessing PII.
Ongoing administration effort is minimized. Which approach best meets these requirements?
Keep everything in the production project and use separate VPC networks for dev and prod pipelines; enable Cloud Storage object versioning to recover from accidental deletions while leaving current BigQuery permissions unchanged.
Retain a single project but create separate BigQuery datasets for dev and prod; apply row-level security to hide PII and grant developers the BigQuery DataOwner role on both datasets for flexibility.
Create separate Google Cloud projects for development and production, run each Dataflow job with its own service account, grant developers BigQuery DataViewer on an authorized view that exposes only de-identified production data, and give them broader permissions only in the development project.
Export full production tables nightly to Cloud Storage, load them into a development dataset in the same project, and encrypt them with CMEK instead of changing IAM boundaries.
Creating distinct Google Cloud projects for development and production gives each environment its own IAM policy, quotas, and billing, guaranteeing that an error in development cannot affect production data. Running each Dataflow pipeline with a dedicated service account that has only the permissions it needs enforces least privilege. In production, exposing the data to developers through an authorized BigQuery view that omits or masks sensitive columns lets them work with representative data while preventing direct access to PII. Granting developers only the BigQuery Data Viewer role on that view, and higher-level roles (for example, BigQuery Data Editor) only in the development project, limits the attack surface and administrative overhead. The other choices leave both environments in a single project or continue to grant excessive permissions, so they fail to isolate production or to adequately protect sensitive data, or they introduce unnecessary data-copy operations that increase operational complexity.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an authorized BigQuery view?
Open an interactive chat with Bash
How do service accounts enhance security in Google Cloud?
Open an interactive chat with Bash
Why is project separation important in Google Cloud?
Open an interactive chat with Bash
GCP Professional Data Engineer
Designing data processing systems
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .