A company needs to grant a third-party auditor read-only access to specific BigQuery datasets without giving them access to other GCP resources. What is the BEST approach?
-
A
Grant the auditor the Project Viewer role at the project level
-
B
Create a custom IAM role with only BigQuery Data Viewer permissions and assign it at the dataset level
-
C
Share the dataset using BigQuery authorized views
-
D
Add the auditor to a Google Group with Editor permissions