如何授予他人读取BigQuery中的INFORMATION_SCHEMA.SCHEMATA的权限? [英] How can I give others permission to read my INFORMATION_SCHEMA.SCHEMATA in BigQuery?
问题描述
我可以授予什么特权来让世界上的每个人查询我的信息模式?即我希望每个人都可以运行:
What privileges can I grant to let everyone in the world query my information schema? i.e. I want everyone to be able to run:
select * from `projectid`.INFORMATION_SCHEMA.SCHEMATA
目前,我回来了:
Access Denied: Table projectid:INFORMATION_SCHEMA.SCHEMATA: User does not have permission to query table projectid:INFORMATION_SCHEMA.SCHEMATA
推荐答案
通常,在BigQuery中,您需要在数据集级别设置权限.例如,此查询将对任何人都运行,因为该数据集对每个人都是公开的:
Usually in BigQuery you set permissions at the dataset level. For example, this query will run for anyone, as the dataset is public for everyone:
SELECT *
FROM `fh-bigquery.flights.INFORMATION_SCHEMA.TABLES`
但是您不能这样做:
SELECT *
FROM `fh-bigquery.INFORMATION_SCHEMA.SCHEMATA`
这是因为您需要项目级别的权限才能查看我的所有数据集,甚至是我尚未公开的数据集.
This because you need project level permissions to see all my datasets, even the ones I haven't made public.
如果您真的想与世界共享所有数据集的架构,则可以为此用户创建一个自定义角色,并具有 bigquery.datasets.get
权限:
If you really want to share the schemas of all your datasets with the world, then you could create a custom role just for this, with the bigquery.datasets.get
permission:
然后,您需要将此角色分配给所有用户-但这不是一个选择.
Then you need to assign this role to all users - but that's not an option.
在项目级别,您可以将此角色分配给以下角色之一:
At the project level, you can assign this role to one of these:
Google Account email: user@gmail.com
Google Group: admins@googlegroups.com
Service account: server@example.gserviceaccount.com
G Suite domain: example.com
在这种情况下,一个选项:
One option in this case:
- 创建一个Google网上论坛.
- 将此新角色赋予这个新的Google网上论坛.
- 让该Google网上论坛免费加入.
- 告诉人们嘿,如果您想查看我的项目SCHEMATA,请加入该小组".
然后一切都会起作用.
这篇关于如何授予他人读取BigQuery中的INFORMATION_SCHEMA.SCHEMATA的权限?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!