BigQuery examples

Important 

In Collibra 2024.05, we launched a new user interface (UI) for Collibra Data Intelligence Platform! You can learn more about this latest UI in the UI overview.

Use the following options to see the documentation in the latest UI or in the previous, classic UI:

This documentation contains examples of how BigQuery behaves with respect to certain data protection standards and data access rules.

Example 

Suppose that a table named table1 exists in BigQuery. This table contains Personally Identifiable Information (PII). The PII data category contains all the columns from table1.

Table in BigQuery

A standard that applies to the following groups has been created: Everyone, Human Resources, Marketing, and Sales. This standard requires default masking for the PII data category.

Image of the standard

Image of the standard

Behavior

When the standard is synchronized and active, a standard policy tag is created in BigQuery's taxonomy. The standard policy tag is named COLLIBRA_STANDARD_DEFAULT_<data protection standard name><data protection standard ID>.

BigQuery standard policy tags

The following image shows how the policy tags are applied to the columns in table1.

BigQuery standard policy tags

All the columns are assigned the same standard policy tag and are protected by default masking because they belong to the PII data category (selected in the standard).

Example 

Suppose that a table named table1 exists in BigQuery. This table contains Personally Identifiable Information (PII) and Ultra Sensitive Information (USI). The PII data category contains all the columns from table1, except for id and source. The USI data category contains only the status column.

Table in BigQuery

A standard that applies to the following groups has been created: Everyone, Human Resources, Marketing, and Sales. This standard requires default masking for the PII data category.

Image of the standard

Image of the standard

However, a rule that applies to the Human Resources group has been created. This rule requires hashing for the USI columns in table1.

Image of the rule

Image of the rule

Behavior

When the standard and rule are synchronized and active, policy tags are created in BigQuery's taxonomy. The standard policy tag is named COLLIBRA_STANDARD_DEFAULT_<data protection standard name><data protection standard ID>. The rule policy tag is named COLLIBRA_AGGREGATED_POLICIES_<rulesaccesshash>.

BigQuery standard policy tags

BigQuery rule policy tags

The following image shows how the policy tags are applied to the columns in table1.

BigQuery standard and rule policy tags

  • The id and source columns do not belong to the PII data category (selected in the standard) or the USI data category (selected in the rule). Therefore, they are not protected by either the standard or the rule. However, they are still assigned a rule policy tag with the Fine-Grained Reader access to allow users to view the original data.
  • The name and score columns belong to the PII data category (selected in the standard). They are assigned the same standard policy tag and are protected by default masking.
  • The status column belongs to both the PII data category (selected in the standard) and the USI data category (selected in the rule). Because the rule takes priority over the standard, the status column is assigned only the rule policy tag and is protected by hashing.