Associate Data Practitioner

Unlock the power of your data in the cloud! Get hands-on with Google Cloud's core data services like BigQuery and Looker to validate your practical skills in data ingestion, analysis, and management, and earn your Associate Data Practitioner certification!

Practice Test

Fundamental
Exam

Determine when to share data using Analytics Hub

4.1 Configure access control and governance

Analyze Criteria for Data Sharing

Analytics Hub in BigQuery lets teams share data safely across your organization or with external partners. It provides a marketplace-like interface for hosting and subscribing to data exchanges. Following clear governance rules ensures you meet security and compliance standards. By deciding when and how to share data, organizations can balance data utility with risk. This section explains the key factors to consider before sharing data with Analytics Hub.

When deciding to share data, consider data sensitivity levels. Data can be classified as public, internal, or confidential based on its risk and visibility. You must check compliance requirements like GDPR or HIPAA before granting access. Never share data that violates legal or organizational policies.

Evaluate audience requirements to ensure users get exactly what they need. Determine if the data is intended for an internal team, a partner organization, or the broader public. Analytics Hub’s sharing controls let you grant subscriptions at the project or folder level. Limit the sharing scope to people who genuinely need access. This targeted approach helps reduce unnecessary exposure and keeps data secure.

Align data sharing with organizational policies by configuring access control settings. Key controls include:

  • IAM permissions: Assign roles like bigquery.dataViewer to set view-only access.
  • Encryption: Use customer-managed encryption keys (CMEK) to protect sensitive records.
  • Audit logs: Enable tracking to record sharing events and data access. Adopting these measures helps organizations maintain strong security and meet governance requirements.

In summary, share data in Analytics Hub only when it meets criteria for sensitivity, compliance, audience, and policy alignment. Use built-in features like private data exchanges and fine-grained IAM roles to keep control over your datasets. Regularly review sharing settings to adapt to changing needs and maintain a secure data-sharing environment.

Conclusion

In this section, you covered how to determine when to share data using Analytics Hub in GCP. You focused on evaluating data sensitivity, meeting compliance requirements, matching audience needs, and enforcing organizational policies. Key features like IAM roles, encryption, and audit logs help you implement a controlled sharing strategy. By applying these guidelines, you can safely share valuable data while minimizing risks.

Compare methods of access control for Cloud Storage (e.g., public or private access, uniform access)Determine the appropriate Cloud Storage classes based on the frequency of data access and retention requirements