BigQuery Create row access policy

Row-level security lets you filter data and enables access to specific rows in a table, based on qualifying user conditions.. It provides fine-grained access control to a subset of data in a BigQuery table, by means of row-level access policies

Create row access policy example

    CREATE OR REPLACE ROW ACCESS POLICY My_apac_filter
    ON project.dataset.My_table
    GRANT TO ("user:xyz@example.com")
    FILTER USING (region = "apac");

Creating a row access policy with multiple grantees

    CREATE ROW ACCESS POLICY My_us_filter
    ON project.dataset.My_table
    GRANT TO ("user:john@example.com", "group:sales-us@example.com", "group:sales-managers@example.com")
    FILTER USING (region = "us");

Creating a row access policy to a group

    CREATE OR REPLACE ROW ACCESS POLICY My_apac_filter
    ON project.dataset.My_table
    GRANT TO ("group:sales-apac@example.com")
    FILTER USING (region = "apac");

Creating a row access policy with allAuthenticatedUsers as the grantees

    CREATE ROW ACCESS POLICY My_us_filter
    ON project.dataset.My_table
    GRANT TO ("allAuthenticatedUsers")
    FILTER USING (region = "us");

Syntax reference

  {CREATE ROW ACCESS POLICY | CREATE ROW ACCESS POLICY IF NOT EXISTS |
  CREATE OR REPLACE ROW ACCESS POLICY}
  row_access_policy_name ON table_name
  [GRANT TO (grantee_list)]
  FILTER USING (filter_expression);