Exam Professional Cloud Developer topic 1 question 30 discussion

For me option c is correct. create view is easy on one dataset with appropriate where clause. And give permission to department. Create different dataset(option A) for department is create more steps where question denying it.

I think that answer A) is better than B) Authorized views being in the department-specific dataset will be able to read data from the master dataset(https://cloud.google.com/bigquery/docs/share-access-views). And Cloud IAM can set access on dataset level (https://cloud.google.com/bigquery/docs/dataset-access-controls)

A is correct. with common view users should have acces to source tables but with authorized view they do not.

I think that "A" is the best solution, "C" could be too but the dataset Master already exists.

C. Create a dataset named Master dataset. Create a separate view for each department in the Master dataset. Give employees access to the specific view for their department. This option is the most straightforward and requires the fewest steps to implement row-level security in BigQuery. By creating a view for each department with an appropriate WHERE clause that filters records based on the department, you can ensure that employees only see data that's relevant to them. The views act as a secure interface to the underlying data. You then grant each employee access to the view of their respective department. This method minimizes the number of datasets and tables you have to manage and leverages BigQuery's built-in access control mechanisms.

Handling one, big dataset is surely easier than maintaining many smaller ones.

rly, I don't understand why C says "Create a dataset name Master" wtf, I have the dataset already

correct answer is C. In the link you proposed about access view is clearly stated that you can prevent access to the underlying dataset and give access only to data that is in the view after applying the query.

correct answer is C. In the link you proposed about access view is clearly stated that you can prevent access to the underlying dataset and give access only to data that is in the view after applying the query. (https://cloud.google.com/bigquery/docs/share-access-views)

This approach allows you to maintain a single “master” dataset, while using views to control access to data based on department. This minimizes the number of steps required, as you don’t need to create separate datasets or data pipelines for each department.

Authorized views. So A since is the only one using authorized views. It may be a extra unnecessary step to create a dataset for each department. But it is a way to grant permission to users in this department, and keeps all in order...

correct answer c. the view answer the need of acess A is elminited because create dataset by department is more steps.

The correct answer is C. By creating a separate view for each department in the Master dataset, you can enforce the requirement that employees should only be able to view information for their department. This is the minimum number of steps required to implement this security framework. Option A is incorrect because it involves creating separate datasets for each department, which is unnecessary. Option B is incorrect because it involves creating data pipelines for each department, which is unnecessary. Option D is incorrect because it involves creating separate tables for each department, which is unnecessary.

C is correct

It should be C. Why create a separate dataset when you can get it done simply by creating a view in the same dataset.

I vote C. Least steps compared to A.

Why not C? Less steps. A unique dataset and n view for each department. I thinks is smarter and faster as approach.