MEDIUM
Source
CloudSploit
ID
bigquery-admin

BigQuery Admin

Ensure that there are no IAM Users with BigQuery Admin, BigQuery Data Owner or BigQuery Data Editor role at the project level.

The pre-defined roles like “BigQuery Admin” or “BigQuery Data Owner” or “BigQuery Data Editor” grant full permissions over Big Query resources and its data. As a best practice, avoid granting access to these roles at the project level; instead, grant specific Big Query related permissions to IAM members.

Ensure that no IAM member has the pre-defined BigQuery Admin, BigQuery Data Owner or BigQuery Data Editor roles.