I have a specific question regarding the authorized views in Bigquery and terraform.
Situation: I have already created the simple terraform script to create some Bigquery datasets, tables, views and an IAM entries also. Especially, I create two datasets (source_dataset and target_dataset), some tables in the source_dataset and views in the target_dataset, which are based on the source_database. The clue is to use Bigquery authorized views to separate permissions - the views should be accessible by the group od viewers, which don't have an access to the original source_dataset, but are still able to query the views.
Question: Is it possible to authorized the views from the terraform code? When i try to use the terraform code, the chicken/egg issue emerge. I know, that it's possible to separate to build configuration - write some code in the terraform and authorize the views after that by the python code, but ideally would be to use 100% terraform only.
Thanks.
Seems the chicken and egg issue has been resolved on the upcoming release:
bigquery dataset view access creates circular dependency #2686
The problem as defined:
The view can't be created because it depends on another dataset, That other dataset can't be created because it depends on the view
A circular dependency exists.
The resolution:
Once it gets released (it should appear in version 3.17.0) it'll be usable as a google_bigquery_dataset_access resource. Here's a preview of what the docs page will look like: https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/r/bigquery_dataset_access.html.markdown