堆栈内存溢出
  简体   繁体   English

如何创建可访问单个数据集的Google BigQuery服务帐户?

[英]How to create a Google BigQuery service account with access to a single dataset?

 原文  2013-10-15 04:49:10       python/ google-app-engine/ google-oauth/ google-bigquery

问题描述

Is there any way of granting readonly access to a specific BigQuery Dataset to a given Client ID ? 有没有办法授予对给定客户端ID的特定BigQuery数据集的只读访问权限?

I've tried using a service account, but this gives full access to all datasets. 我尝试过使用服务帐户,但这样可以完全访问所有数据集。

Also tried creating a service account from a different application, and added the email address generated together with the certificate to the BigQuery > Some Dataset > Share Dataset > Can view, but this always results in a 403 "Access not Configured" error. 还尝试从其他应用程序创建服务帐户,并将与证书一起生成的电子邮件地址添加到BigQuery> Some Dataset> Share Dataset> Can view,但这总是会导致403“Access not Configured”错误。

I'm using the server to server flow described in the documentation : 我正在使用文档中描述的服务器到服务器流程: 

import httplib2

from apiclient.discovery import build
from oauth2client.client import SignedJwtAssertionCredentials

# REPLACE WITH YOUR Project ID
PROJECT_NUMBER = 'XXXXXXXXXXX'
# REPLACE WITH THE SERVICE ACCOUNT EMAIL FROM GOOGLE DEV CONSOLE
SERVICE_ACCOUNT_EMAIL = 'XXXXX@developer.gserviceaccount.com'

f = file('key.p12', 'rb')
key = f.read()
f.close()

credentials = SignedJwtAssertionCredentials(
    SERVICE_ACCOUNT_EMAIL,
    key,
    scope='https://www.googleapis.com/auth/bigquery.readonly')

http = httplib2.Http()
http = credentials.authorize(http)

service = build('bigquery', 'v2')
tables = service.tables()
response = tables.list(projectId=PROJECT_NUMBER, datasetId='SomeDataset').execute(http)

print(response)

I'm basically trying to provide readonly access to an external server based application to a single dataset. 我基本上试图提供对基于外部服务器的应用程序的只读访问权限到单个数据集。

1 个解决方案

解决方案1
 1  2013-10-15 22:57:23

正如Fh所指出的,需要在创建服务帐户的Google帐户中激活BigQuery API,而不管它是否将查询绑定到不同应用程序ID的BigQuery端点。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用服务帐户确定Google BigQuery作业的状态? - How to determine the status of a Google BigQuery job using a Service Account? 如何使用 Python + 服务帐户创建 BigQuery 数据传输? - How to create BigQuery Data Transfer w/ Python + Service Account? 如何从 Google 服务帐户密钥文件中获取访问令牌? - How to get Access Token from Google Service Account key file? 如何创建带有特定服务帐户设置的Google Compute Engine实例? - How to create Google Compute Engine instance with particular service account setup on it? 是否可以将 Google 服务帐户限制为项目中的特定 BigQuery 数据集? - Is it possible to limit a Google service account to specific BigQuery datasets within a project? 如何在 Python 中使用服务帐户凭据创建 Google 表格? - How to create Google Sheets using Service Account Credential in Python? 如何创建具有多个角色的服务帐户? 谷歌云部署管理器 - How to create a service account with multiple roles? Google Cloud Deployment Manager 通过服务帐户访问 Google Cloud Storage - Google Cloud Storage access via service account 如何使用 API 云网关 Function 传递的服务帐户的 884645589888 在云中初始化 Google BigQuery 客户端 Function - How to initialize a Google BigQuery Client within a Cloud Function using the JWT of a service account passed by API Gateway to the Cloud Function 如何查看 python bigquery 客户端使用的服务帐户? - How can I see the service account that the python bigquery client uses?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM