Resource Onboarding in BigQuery Connector
This document explains how to use the resource onboarding feature in the BigQuery Connector.
The BigQuery Connector now streamlines the onboarding process for resources like projects, datasets, and tables in Privacera by replacing manual backend edits with a user-friendly Admin UI.
Use Cases¶
Update Managed Resource¶
-
Update Managed Resource List by Adding New Resource
- Current managed dataset list.
- Create Access Policy on the Managed Resource and add one resource that is not managed.
- The policy will be applied only for managed resources.
- Update the managed resource list with the resource added in the created policy.
- The policy is now applied for the newly added resource.
- Result:
test_user1is able to query tables from both datasets (test_dataset1,test_dataset2).
Remove Managed Resource¶
-
Remove any resource from manage resource list
- Remove one of the dataset from manage list
- Resource loader is updated.
Limitations¶
- This onboarding feature supports only managed resource properties (i.e.
manage.project,manage.dataset,manage.table). For other properties, you can:- Update the property in the portal.
- Then download and copy the updated ZIP file to the jump server environment.
- Run the Privacera Manager setup and perform a Helm upgrade.
- The onboarding feature does not support the ignore resource list i.e.
ignore.project,ignore.dataset,ignore.table. - If the tag-resource mapping is not cleared from the portal before removing a resource from the managed list, it will persist in the BigQuery UI.
- To add or update properties that are not available in the portal, use one of the following methods:
- Method 1: Add a PM(Privacera Manager) variable for property in connector YAML file directly.
-
Method 2: Custom directory
- Create directory with name as custom inside your connector instance directory.
- Add a file in that director named as connector-custom-properties.
- Prev Connector Guide