Your SaaS platform stores all customer telemetry in a central BigQuery table. Requirements:
Support engineers must see only the rows for the customer account they are assigned (account_id).
Data scientists need unrestricted access to non-PII columns for all customers.
PII columns (email, phone) must be visible only to the compliance team.
You want to avoid data duplication and the operational overhead of hundreds of authorized views.
Which design best meets these constraints while following Google-recommended data governance practices?
Store each customer's data in a separate table inside its own dataset; give support engineers access to their customer's dataset, and let data scientists query a UNION ALL authorized view across all datasets while PII remains in the underlying tables.
Partition the telemetry table by account_id and grant each support engineer a dataset-level role scoped to the relevant partition; mask PII columns with scheduled queries that overwrite the table each night.
Keep a single telemetry table; create a row-level security policy filtering on account_id for the support-engineer group, and apply Data Catalog policy tags to PII columns so that only the compliance group can read those columns. Grant full table access to data scientists.
Maintain two telemetry tables: one complete table in a restricted dataset for compliance and a second table with PII columns removed for general users; synchronize the tables with a daily Dataflow job.
A single BigQuery table can satisfy multi-tenant row isolation and selective column masking without copies. You attach a row-level security policy that filters on account_id and grants it only to the support-engineer group, ensuring they see only their customer's rows. Column-level security is enforced by tagging the PII columns with a Data Catalog policy tag and granting tag access only to the compliance group; other users receive NULLs for those columns. Data scientists are granted table access but not the tag, so they see every customer's non-PII columns. This solution avoids per-customer views or duplicated tables. Choices that create separate tables, datasets, or materialized copies increase maintenance effort and violate the minimization requirement, while partitioning alone cannot hide PII columns.
GCP Professional Data Engineer
Designing data processing systems