data_policies_grantees
Creates, updates, deletes, gets or lists a data_policies_grantees resource.
Overview
| Name | data_policies_grantees |
| Type | Resource |
| Id | google.bigquerydatapolicy.data_policies_grantees |
Fields
The following fields are returned by SELECT queries:
SELECT not supported for this resource, use SHOW METHODS to view available operations for the resource.
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
add_grantees | insert | projectsId, locationsId, dataPoliciesId | Adds new grantees to a data policy. The new grantees will be added to the existing grantees. If the request contains a duplicate grantee, the grantee will be ignored. If the request contains a grantee that already exists, the grantee will be ignored. | |
remove_grantees | delete | projectsId, locationsId, dataPoliciesId | Removes grantees from a data policy. The grantees will be removed from the existing grantees. If the request contains a grantee that does not exist, the grantee will be ignored. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
dataPoliciesId | string | |
locationsId | string | |
projectsId | string |
INSERT examples
- add_grantees
- Manifest
Adds new grantees to a data policy. The new grantees will be added to the existing grantees. If the request contains a duplicate grantee, the grantee will be ignored. If the request contains a grantee that already exists, the grantee will be ignored.
INSERT INTO google.bigquerydatapolicy.data_policies_grantees (
data__grantees,
projectsId,
locationsId,
dataPoliciesId
)
SELECT
'{{ grantees }}',
'{{ projectsId }}',
'{{ locationsId }}',
'{{ dataPoliciesId }}'
RETURNING
name,
dataMaskingPolicy,
dataPolicyId,
dataPolicyType,
etag,
grantees,
policyTag,
version
;
# Description fields are for documentation purposes
- name: data_policies_grantees
props:
- name: projectsId
value: string
description: Required parameter for the data_policies_grantees resource.
- name: locationsId
value: string
description: Required parameter for the data_policies_grantees resource.
- name: dataPoliciesId
value: string
description: Required parameter for the data_policies_grantees resource.
- name: grantees
value: array
description: >
Required. IAM principal that should be granted Fine Grained Access to the underlying data goverened by the data policy. The target data policy is determined by the `data_policy` field. Uses the [IAM V2 principal syntax](https://cloud.google.com/iam/docs/principal-identifiers#v2). Supported principal types: * User * Group * Service account
DELETE examples
- remove_grantees
Removes grantees from a data policy. The grantees will be removed from the existing grantees. If the request contains a grantee that does not exist, the grantee will be ignored.
DELETE FROM google.bigquerydatapolicy.data_policies_grantees
WHERE projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND dataPoliciesId = '{{ dataPoliciesId }}' --required
;