Defining Google BigQuery Table Row Access Policies
The following properties are applicable to a Google BigQuery Table Row Access Policy object.
|
Tab |
Property |
Description |
Additional Information |
|---|---|---|---|
| If Not Exists | Specifies that if the row access policy already exists, no exception is thrown, and no action happens | ||
| Use Replace Syntax | Specifies whether the REPLACE syntax is used | Selecting this option replaces the syntax with the new DDL that is generated during Forward Engineering | |
|
Row Access Policy |
user:{emailid} | Specifies an email address of a Google account | For example, user:erwin@example.com |
| serviceAccount: {emailid} | Specifies an email address of a service account |
For example, serviceAccount:erwin-app@appspot.gserviceaccount.com |
|
| group: {emailid} | Specifies an email address of a Google group | For example, group:erwin@example.com | |
| domain: {domain} | Specifies the Google Workspace domain of all users |
For example, domain:example.com |
|
| All Authenticated Users | Specifies whether all service accounts and all users on the internet who have authenticated with a Google Account are included in the row access policy | ||
| All Users | Specifies whether users on the internet, including authenticated and unauthenticated users are included in the row access policy | Google BigQuery requires authentication before a user can access the service, All Users includes only authenticated users. | |
| Filter Expression | Specifies a subset of rows in the form of filters that are available to the users granted access under the row access policy |
|
Copyright © 2024 Quest Software, Inc. |