Topic 1 Question 130

Associate Cloud Engineer

Topic 1 Question 130
You manage an App Engine Service that aggregates and visualizes data from BigQuery. The application is deployed with the default App Engine Service account. The data that needs to be visualized resides in a different project managed by another team. You do not have access to this project, but you want your application to be able to read data from the BigQuery dataset. What should you do?
- Ask the other team to grant your default App Engine Service account the role of BigQuery Job User.
- Ask the other team to grant your default App Engine Service account the role of BigQuery Data Viewer.
- In Cloud IAM of your project, ensure that the default App Engine service account has the role of BigQuery Data Viewer.
- In Cloud IAM of your project, grant a newly created service account from the other team the role of BigQuery Job User in your project.
解説
The Owner, Editor, and Viewer primitive roles include the BigQuery Admin (roles/bigquery.dataOwner), BigQuery Data Editor (roles/bigquery.dataEditor), and BigQuery Data Viewer (roles/bigquery.dataViewer) roles, respectively. This means the Owner, Editor, and Viewer primitive roles have BigQuery access as defined for the respective BigQuery roles. Reference: https://cloud.google.com/bigquery/docs/access-control

ユーザの投票
コメント(17)
- I think B is the answer
  
  👍 30
  Hjameel2020/08/15
- Correct Answer is (B): Sorry, I copied/pasted the the wrong statement. This is the proper explanation regarding to Big Query Data Viewer Role. The resource that you need to get access is in the other project.
  
  roles/bigquery.dataViewer BigQuery Data Viewer When applied to a table or view, this role provides permissions to:
  
  Read data and metadata from the table or view. This role cannot be applied to individual models or routines.
  
  When applied to a dataset, this role provides permissions to:
  
  Read the dataset's metadata and list tables in the dataset. Read data and metadata from the dataset's tables. When applied at the project or organization level, this role can also enumerate all datasets in the project. Additional roles, however, are necessary to allow the running of jobs.
  
  👍 21
  ESP_SAP2020/08/21
- Read and Query are both different terminologies, Google it, Read means only fetch and Query means Insert, update, delete and remove so if read is mentioned the data viewer role is the BEST.
  
  👍 3
  pspandher2022/07/04
シャッフルモード

解説

ユーザの投票

コメント(17)