PII + Dataform in BigQuery – Anyone make this work securely?

Trying to leverage BigQuery Data Protection features (policy tags, dynamic masking) with Dataform, but hitting two major issues:

1. Policy Tags: Dataform can’t apply policy tags. So if a table is dropped/recreated, tags need to be re-applied separately (e.g., via Cloud Function). Feels brittle and risky.

2. Service Account Access: Dataform execution SA can be selected by anyone in the project. If that SA has access to protected data, users can bypass masking by choosing it.

Has anyone successfully implemented a secure setup? Would appreciate any insights.

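An added example, not part of the original post: a drift check for the first issue, which compares a table's schema JSON against a map of columns that must carry a policy tag and reports the ones that lost it, for example after a drop/recreate. The expectation map, the tag resource name and the sample schema are constructed placeholders; the check assumes the schema layout in which each field carries its tags under `policyTags.names`.

```python
"""Policy-tag drift check for a BigQuery table schema (added example)."""

# Constructed placeholder; a real name comes from your own taxonomy.
PII_TAG = "projects/PROJECT/locations/LOCATION/taxonomies/TAXONOMY_ID/policyTags/TAG_ID"

# Hypothetical expectation map: column path -> policy tag that must be attached.
EXPECTED = {"email": PII_TAG, "address.street": PII_TAG}

# Constructed sample schema: the nested column is still tagged,
# the top-level "email" column has no tag.
SAMPLE_SCHEMA = [
    {"name": "id", "type": "INTEGER"},
    {"name": "email", "type": "STRING"},
    {"name": "address", "type": "RECORD", "fields": [
        {"name": "street", "type": "STRING", "policyTags": {"names": [PII_TAG]}},
        {"name": "city", "type": "STRING"},
    ]},
]


def column_tags(fields, prefix=""):
    """Flatten a schema into {column path: set of tag names}, descending into RECORDs."""
    tags = {}
    for field in fields:
        path = prefix + field["name"]
        tags[path] = set(field.get("policyTags", {}).get("names", []))
        tags.update(column_tags(field.get("fields", []), path + "."))
    return tags


def find_drift(schema, expected):
    """Return sorted (column, problem) pairs where an expected tag is not attached."""
    actual = column_tags(schema)
    drift = []
    for column, tag in sorted(expected.items()):
        if column not in actual:
            drift.append((column, "column missing"))
        elif tag not in actual[column]:
            drift.append((column, "policy tag missing"))
    return drift


if __name__ == "__main__":
    for column, problem in find_drift(SAMPLE_SCHEMA, EXPECTED):
        print(f"DRIFT {column}: {problem}")
```

The schema list can be loaded from the output of `bq show --schema --format=prettyjson` for the table and checked after each Dataform run.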