Set grants on dataset level in BigQuery

Hi, i am trying to set specific viewer-access in BigQuery on a dataset through dbt and dbt_project.yml file.

  +dataset: some_dataset
     roles/bigquery.dataViewer: ['']

But when i execute dbt run it will set it on table/view level. At my company we wan’t to set these type of view-access to different ad-groups on dataset level. We wan’t to control these through the file dbt_project.yml and not inside every model.

Is there a solution to this? Maybe a macro that will solve it? Or am i just doing it wrong in our dbt_project.yml.

Hello, If you are creating datasets via terraform, then tf would be best place for this use case . If you are looking via dbt please use post hooks (defined in dbt_project.yml) or define macro with list of grant SQL statements and call macro on-run-start or on-run-end based on your use case.

I have done the extensive analysis around grants for bq. You can go thru in below link

1 Like

No we are creating the datasets via dbt. Looking into creating a macro for setting the grant on dataset level instead.