Connector Improvement: Google BigQuery Connector needs write access to the source which is not ideal
Answered
The Google BigQuery Connector needs write access to the source including delete which is not ideal in an enterprise setting because security and infrastructure teams are wary about providing such access for accomplishing read tasks. Please look into ways for not requiring write access for accomplishing simple read tasks. Either isolate write tasks to a different dataset/database or look for approaches to identify the incremental deltas using select statements only and not having to write it anywhere as temp tables. This will ensure that there are no security bottlenecks to have to grant write access to Datasets/databases for performing read activities.
Thanks,
Sharat
-
Official comment
Hi Sharat,
Thank you for your feedback! We are researching different alternatives to address the permission limitations. Couple of follow-up questions:
1. Could you list all roles/permissions you have in the BigQuery (connector)?
2. Do you have access to a bucket on GCP or S3 bucket AWS?Best,
-
I want to second this. We have a bigquery dataset access with read only permission and the service account is not going to get a write access. It seems like we cant use BigQuery connector unless the service account also gets a create and update access. The respective team that is provisioning the service accoune does not want to allow create or update access to the service account. Hence we are unable to use Bigquery connector with Fivetran.
Please sign in to leave a comment.
Comments
2 comments