Predefined posture template for BigQuery, essentials
Stay organized with collections
Save and categorize content based on your preferences.
This page describes the detective policies that are included in the v1.0
version of the predefined posture template for BigQuery, essentials.
This posture template includes a policy set that defines the Security Health Analytics
detectors that apply to BigQuery workloads.
You can use this predefined posture template to configure a security posture
that helps protect BigQuery resources. You can deploy this predefined
posture template without making any changes.
Security Health Analytics detectors
The following table describes the Security Health Analytics detectors that are included in
this posture template.
Detector name
Description
BIGQUERY_TABLE_CMEK_DISABLED
This detector checks whether a BigQuery table isn't configured
to use a customer-managed encryption key (CMEK). For more information, see
Dataset
vulnerability findings.
PUBLIC_DATASET
This detector checks whether a dataset is configured to be open to
public access. For more information, see
Dataset
vulnerability findings.
View the posture template
To view the posture template for BigQuery, essentials, do the following:
gcloud
Before using any of the command data below,
make the following replacements:
ORGANIZATION_ID: the numeric ID of the organization.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2026-07-15 UTC."],[],[]]