google-cloud-platform google-bigquery cloud virtual-machine

Virtual Machines in resource group, resources need permission to access BigQuery, how to accomplish?


I'm new to GCP.

I was wondering if I have multiple Virtual Machines residing in a resource group and my resources need permission to access BigQuery.

What do I need to add to the policy to grant access?

Another question is if, for example, I had 100 VMs in a resource group, to grant them access, do I have to configure each VM one by one? I'm sure there is a way to give them all access but I don't know the method such as permissions, IAM, policies, templates.

Thanks in advance!


Solution

  • There's no equivalent to resource group in GCP.

    The approach is to create a Service Account and grant it the permissions the resources (e.g. the VMs) need. Then you create the VMs to use the Service Account as their identity.

    Resources have a single identity, usually a Service Account. You should create Service Accounts for each functionally|security equivalent resource.

    Identities are bound to one or more roles. Roles correspond to one or more service|API methods. Try to use predefined roles but you can create custom roles.

    Service Accounts: https://cloud.google.com/iam/docs/service-accounts

    Compute Engine identities: https://cloud.google.com/compute/docs/access/create-enable-service-accounts-for-instances

    BigQuery IAM roles: https://cloud.google.com/bigquery/docs/access-control

    Managed Instance Groups: https://cloud.google.com/compute/docs/instance-groups
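
The approach in the answer above, as an added example that is not part of the original answer: one service account with predefined BigQuery roles, attached to an instance template so that every VM in a managed instance group gets the same identity. The project, account, template, group and zone names are constructed placeholders, and the two roles assume the VMs only read tables and run queries.

```shell
#!/bin/sh
# Added example (not from the original answer). Project, account, template,
# group and zone names are constructed placeholders.
set -eu

PROJECT_ID="${PROJECT_ID:-example-project}"
SA_NAME="${SA_NAME:-bq-reader-vms}"
SA_EMAIL="${SA_NAME}@${PROJECT_ID}.iam.gserviceaccount.com"
ZONE="${ZONE:-us-central1-a}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the gcloud commands, 0 = execute them

# Print the command in dry-run mode (quoting is flattened in the preview),
# execute it unchanged otherwise.
run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

provision() {
  # 1. One identity for the whole set of functionally equivalent VMs.
  run gcloud iam service-accounts create "$SA_NAME" \
    --project="$PROJECT_ID" --display-name="BigQuery reader for VM fleet"

  # 2. Bind predefined BigQuery roles to that identity at project level.
  #    Assumption: the workload reads table data and runs query jobs only.
  for role in roles/bigquery.dataViewer roles/bigquery.jobUser; do
    run gcloud projects add-iam-policy-binding "$PROJECT_ID" \
      --member="serviceAccount:${SA_EMAIL}" --role="$role"
  done

  # 3. The template carries the identity, so no VM is configured by hand.
  #    With the broad cloud-platform scope, IAM roles decide what is allowed.
  run gcloud compute instance-templates create bq-reader-template \
    --project="$PROJECT_ID" --service-account="$SA_EMAIL" \
    --scopes=cloud-platform

  # 4. 100 identical VMs (the count from the question) from that template.
  run gcloud compute instance-groups managed create bq-reader-group \
    --project="$PROJECT_ID" --zone="$ZONE" \
    --template=bq-reader-template --size=100
}

provision
```

By default the script only prints the commands for review; run it with `DRY_RUN=0` and real values for `PROJECT_ID` and `ZONE` to apply them.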