Your retail company stores all partner sales in the BigQuery table retail.sales. A Google Group named [email protected] must build their own Looker Studio dashboards and occasionally query the data through JDBC-based BI tools, but they must only ever see rows where partner_id = 'VND123'. You need a scalable approach that automatically applies to every future query-no matter which client is used-without creating separate tables or managing report-level filters. What should you do?
Create an authorized view that selects rows where partner_id = 'VND123', grant the group access to the view, and instruct analysts to query the view instead of the base table.
Add a column-level security policy that tags partner_id as sensitive and denies access to that column for [email protected], ensuring they only see rows with their ID.
Configure a mandatory filter in all Looker Studio reports limiting partner_id to 'VND123' and rely on BI-tool-level filters for other clients.
Create a row-level access policy on retail.sales that filters on partner_id = 'VND123' and grant the [email protected] group access through the policy.
A BigQuery row-level access policy (row-level security) attaches a Boolean filter to a table and ties that filter to one or more principals. Whenever any query-whether from Looker Studio, the BigQuery UI, or an external JDBC/ODBC client-references the table, BigQuery rewrites the query to include the policy's filter, ensuring that only the permitted rows are returned. Creating such a policy with the predicate partner_id = 'VND123' and granting the [email protected] group to the policy satisfies the requirement without additional maintenance.
Column-level security hides columns, not rows, so it cannot enforce per-row restrictions. An authorized view would work but would require the analysts to remember to use the view and would not cover ad-hoc queries made directly against the base table. Relying on Looker Studio or other BI-tool filters leaves gaps because users could bypass the report and query the table directly.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a row-level access policy in BigQuery?
Open an interactive chat with Bash
How is row-level security different from column-level security?
Open an interactive chat with Bash
Why is an authorized view not the best solution for this scenario?
Open an interactive chat with Bash
What is Row-Level Security in BigQuery?
Open an interactive chat with Bash
How does Row-Level Security differ from Column-Level Security?
Open an interactive chat with Bash
How is access granted for a Row-Level Security policy in BigQuery?
Open an interactive chat with Bash
GCP Professional Data Engineer
Preparing and using data for analysis
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .