Certain CIS benchmarks are applicable to BigQuery.

Leaving a dataset as PUBLIC (IAM policy allowing ANYONE to access a dataset) is the

allUsers -> Represents anyone of the internet

allAuthenticatedUsers -> Anyone logged in to a Google Service (which can be gmail...)

You would want to REMOVE access for allUsers and allAuthenticatedUsers

 

CIS GCP Foundations Benchmark, 7.1, It is recommended that the IAM policy on BigQuery datasets does not allow anonymous and/or public access.



Need an experienced AWS/GCP/Azure Professional to help out with your Public Cloud Strategy? Set up a time with Anuj Varma.