Notes from BenDesk: User Permissions

Ben is our resident ZenDesk captain and manager of all help@ inquiries. We’re bringing you interesting inquiries from his inbox each month to help share learnings across our community.

Question of the Month: As a PAD admin, is there a simple way for me to review or double-check users and their permissions on a dataset or table?

Bendesk Answer: Google Policy Analyzer is a powerful tool that can help you review PAD user groups permissioned on your data, allowing you to easily identify which users have access to specific resources and what permissions they have. This will help you ensure that your PAD project is secure and that users can only access the resources they need!

The process for using Policy Analyzer is simple, and it takes only a few clicks to find this information. For example, let’s say you want to check which user groups can access the “viewers” dataset in your PAD project. To do this, navigate to the Policy Analyzer homepage, find the pre-built “Who can access a BigQuery dataset?” template, type “viewers dataset” in the Resource search window, select the resource URL, and click the Analyze button to run the query. You can then view or export the information to see which PAD user groups can access the dataset!

Keep in mind that this is just scratching the surface of Policy Analyzer’s capabilities — it can also help monitor service account access, list user-level permissions, and much more. Once you are comfortable with the tool, you can build your own custom queries to fetch the insights you need about your project!

For more information on Policy Analyzer and its capabilities, take a look at our help article here.