Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Data Engineer All Questions

View all questions & answers for the Professional Data Engineer exam
Go to Exam

Exam Professional Data Engineer topic 1 question 149 discussion

Actual exam question from Google's Professional Data Engineer
Question #: 149
Topic #: 1
[All Professional Data Engineer Questions]

You are migrating your data warehouse to BigQuery. You have migrated all of your data into tables in a dataset. Multiple users from your organization will be using the data. They should only see certain tables based on their team membership. How should you set user permissions?

  • A. Assign the users/groups data viewer access at the table level for each table
  • B. Create SQL views for each team in the same dataset in which the data resides, and assign the users/groups data viewer access to the SQL views
  • C. Create authorized views for each team in the same dataset in which the data resides, and assign the users/groups data viewer access to the authorized views
  • D. Create authorized views for each team in datasets created for each team. Assign the authorized views data viewer access to the dataset in which the data resides. Assign the users/groups data viewer access to the datasets in which the authorized views reside
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by madhu1171 at March 15, 2020, 5:19 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
someshsehgal
Highly Voted 3 years, 9 months ago
Correct A: A . Now it is feasible to provide table level access to user by allowing user to query single table and no other table will be visible to user in same dataset.
upvoted 40 times
BigDataBB
7 months, 2 weeks ago
the request says "team membership", so access depends on the team and not the user
upvoted 1 times
...
Shiv_am
3 years, 3 months ago
A is not at all possible
upvoted 2 times
squishy_fishy
3 years, 1 month ago
It is possible for about a year now. https://cloud.google.com/bigquery/docs/table-access-controls-intro#example_use_case
upvoted 8 times
...
...
alecuba16
2 years, 4 months ago
The problem is that option A has a lot of work for the DevOps, meanwhile option D is easier to manage. The view is like having a shortcut to the same data, but with different permissions
upvoted 2 times
cetanx
1 year, 5 months ago
According to Chat GPT, it is also D. And it explains why it shouldn't be "A" as; Granularity: While you can assign access permissions at the table level, it doesn't allow for fine-grained access control. For example, if you want to restrict access to certain columns or rows within a table based on user or group, table-level permissions would not be sufficient. Scalability: In organizations with many tables and users, managing permissions at the table level can quickly become unwieldy. You would need to individually set permissions for each user for each table, which can be time-consuming and error-prone. Security: Table-level permissions expose the entire table to a user or a group. If the data in the table changes over time, users might get access to data they shouldn't see. With authorized views, you have more control over what data is exposed. Maintenance: If the structure of your data changes (for instance, if tables are added or removed, or if the schema of a table changes), you would need to manually update the permissions for each affected table.
upvoted 3 times
...
...
jits1984
3 years ago
Should still be D. Question states - "They should only see certain tables based on their team membership" Option A states - Assign the users/groups data viewer access at the table level for each table With A, everyone will see every table. Hence D.
upvoted 11 times
...
...
madhu1171
Highly Voted 4 years, 8 months ago
D should be the answer
upvoted 27 times
squishy_fishy
3 years, 1 month ago
There is only one dataset mentioned in the question here. "You have migrated all of your data into tables in a dataset"
upvoted 3 times
...
ducc
2 years, 2 months ago
It is updated, now A is correct
upvoted 1 times
...
...
SamuelTsch
Most Recent 4 weeks ago
Selected Answer: A
Table level access could be done in bigquery.
upvoted 1 times
...
JamesKarianis
3 months, 1 week ago
Selected Answer: D
Recommended approach
upvoted 1 times
...
dsyouness
5 months, 3 weeks ago
Selected Answer: D
Should be D.
upvoted 2 times
...
MaxNRG
11 months, 1 week ago
Selected Answer: D
https://cloud.google.com/solutions/migration/dw2bq/dw-bq-data-governance When you create the view, it must be created in a dataset separate from the source data queried by the view. Because you can assign access controls only at the dataset level, if the view is created in the same dataset as the source data, your users would have access to both the view and the data. https://cloud.google.com/bigquery/docs/authorized-views This approach aligns with the Google Cloud best practices for data governance, ensuring that users can only access the data intended for them without having direct access to the source tables. Authorized views serve as a secure interface to the underlying data, and by placing these views in separate datasets per team, you can manage permissions effectively at the dataset level.
upvoted 4 times
...
lokiinaction
1 year ago
but the question said that all data are copied into one dataset. so it should be C
upvoted 1 times
...
spicebits
1 year ago
A is the best answer for security as stated in the documentation - https://cloud.google.com/bigquery/docs/row-level-security-intro#comparison_of_authorized_views_row-level_security_and_separate_tables
upvoted 2 times
...
EsaP
1 year, 2 months ago
A is a better fit than D for this case
upvoted 1 times
...
barnac1es
1 year, 2 months ago
Selected Answer: C
Authorized Views: Authorized views in BigQuery allow you to control access to specific rows and columns within a table. This means you can create views for each team that restrict access to only the data relevant to that team. Single Dataset: Keeping all the authorized views and the underlying data in the same dataset simplifies management and access control. It avoids the need to create multiple datasets, making the permission management process more straightforward. Option A (assigning data viewer access at the table level) would not provide the granularity you need, as it would allow users to see all tables in the dataset. This does not align with the requirement to restrict access based on team membership.
upvoted 1 times
...
arien_chen
1 year, 3 months ago
Selected Answer: D
https://cloud.google.com/bigquery/docs/share-access-views#:~:text=the%20source%20data.-,Authorized%20views,-should%20be%20created For best practice, Option D is bettern than others.
upvoted 1 times
...
midgoo
1 year, 8 months ago
Selected Answer: A
[A] is correct if it is for individual table However, in practice we normally do [C] as most of the time, the view is a JOIN of a few tables or a subset of the table (some columns removed)
upvoted 1 times
...
musumusu
1 year, 9 months ago
Answer A, Trick here is, if question is not asking for data level Access such as some rows or columns, don't go for authorized view in that case i would go for C. If it's Table level request only in question, then A is simple answer
upvoted 1 times
...
zellck
1 year, 11 months ago
Selected Answer: A
A is the answer. https://cloud.google.com/bigquery/docs/control-access-to-resources-iam#grant_access_to_a_table_or_view
upvoted 1 times
...
gudiking
2 years ago
Selected Answer: A
A - table level access control now exists: https://cloud.google.com/bigquery/docs/table-access-controls-intro#example_use_case
upvoted 1 times
...
Transscend
2 years ago
A. Please see: https://cloud.google.com/bigquery/docs/table-access-controls-intro#example_use_case
upvoted 1 times
...
John_Pongthorn
2 years, 2 months ago
Selected Answer: A
https://cloud.google.com/bigquery/docs/table-access-controls-intro Don't think too much ,there is nothing to do with view, the question refer to table obviousely. Assume that User see certain table so he can see everything in such a table
upvoted 1 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel