Tetap teratur dengan koleksi
Simpan dan kategorikan konten berdasarkan preferensi Anda.
Dokumen ini memberikan panduan dan praktik terbaik untuk menggunakan
Katalog Universal Dataplex.
Pilih project untuk lake Anda
Saat Anda memilih project untuk menghosting lake, pertimbangkan faktor-faktor berikut:
Project harus berada dalam
perimeter Kontrol Layanan VPC
yang sama dengan data yang ditujukan untuk berada dalam lake.
Akun layanan lake memerlukan izin administrator pada bucket Cloud Storage atau set data BigQuery.
Dataplex Universal Catalog membuat tabel eksternal di BigQuery untuk tabel yang ditemukan di Cloud Storage. Dataplex Universal Catalog juga menyediakan metadata tabel BigQuery, dan tabel yang ditemukan di bucket Cloud Storage, dalam layanan Dataproc Metastore. Dataproc Metastore berada dalam project data lake.
Setelan dan batasan Cloud Storage
Region: Dataplex Universal Catalog mendukung bucket multi-region dan region tunggal di beberapa Google Cloud region.
Kelas penyimpanan: Bucket Cloud Storage dari semua kelas penyimpanan didukung (Standard, Nearline, Coldline, Archive).
Biaya pengambilan data tambahan mungkin dikenakan untuk mengakses atau memindai data Nearline, Coldline, atau Archive.
ACL bucket: Katalog Universal Dataplex hanya mendukung bucket Cloud Storage dengan
kontrol akses seragam.
Kontrol akses terperinci tidak didukung.
Pemohon Membayar: Bucket Cloud Storage dengan fitur
Pemohon Membayar yang diaktifkan tidak
didukung.
Panduan keamanan dan izin
Dataplex Universal Catalog mengharuskan penambahan akun layanan Dataplex Universal Catalog sebagai akun layanan administratif di bucket dan set data terkelola.
Dataplex Universal Catalog memungkinkan analis mengakses bucket Cloud Storage dan set data BigQuery di berbagai project. Untuk mengaktifkan akses ini, akun layanan Dataplex Universal Catalog dengan kontrol administratif harus ditambahkan ke project ini.
Untuk Penemuan, Dataplex Universal Catalog menambahkan akun layanan Dataproc Metastore ke bucket Cloud Storage. Jika memiliki cluster Dataproc Metastore sendiri, Anda
dapat membuat data lake Dataplex Universal Catalog menggunakan
layanan Dataproc Metastore Anda, yang merupakan opsi saat Anda membuat
data lake.
Jika Anda memilih untuk menambahkan bucket Cloud Storage dengan akses terperinci ke data lake, Dataplex Universal Catalog akan memberikan akses penuh ke bucket tersebut melalui data lake karena izin Dataplex Universal Catalog diteruskan ke semua objek dalam bucket. Jika Anda memerlukan akses terperinci, sebaiknya pisahkan data di bucket Anda ke dalam beberapa bucket.
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-04 UTC."],[[["\u003cp\u003eDataplex lakes must reside within a project that shares the same VPC Service Controls perimeter as the data, and the lake service account needs admin permissions on the associated Cloud Storage buckets or BigQuery datasets.\u003c/p\u003e\n"],["\u003cp\u003eDataplex supports single region and multi-region Cloud Storage buckets of all storage classes, but only with uniform access controls and without the Requester Pays feature enabled.\u003c/p\u003e\n"],["\u003cp\u003eTo allow access to Cloud Storage buckets and BigQuery datasets across multiple projects, Dataplex service accounts require administrative controls on those projects.\u003c/p\u003e\n"],["\u003cp\u003eDataplex provides full access to any Cloud Storage bucket with fine-grained access added to a lake, recommending data be split into multiple buckets for fine-grained access needs.\u003c/p\u003e\n"],["\u003cp\u003eAvoid restricting VPC peering with organization policy constraints as it can cause errors with Dataproc Metastore.\u003c/p\u003e\n"]]],[],null,["# Best practices for Dataplex Universal Catalog\n\nThis document provides guidance and best practices for using\nDataplex Universal Catalog.\n\nChoose a project for your lake\n------------------------------\n\nWhen you select the project in which to host your lake, consider the following\nfactors:\n\n- The project must belong to the same\n [VPC Service Controls perimeter](/vpc-service-controls/docs/service-perimeters)\n as the data destined to be within the lake.\n\n- The lake service account requires administrator permissions on the\n Cloud Storage buckets or BigQuery datasets.\n Dataplex Universal Catalog creates external tables in BigQuery for\n tables discovered in Cloud Storage. Dataplex Universal Catalog also makes\n available BigQuery table metadata, and tables discovered in the\n Cloud Storage bucket, in a Dataproc Metastore service. The\n Dataproc Metastore is located within the data lake project.\n\nCloud Storage settings and limitations\n--------------------------------------\n\n- Region: Dataplex Universal Catalog supports single region and\n multi-region buckets in some [Google Cloud regions](/dataplex/docs/locations).\n\n- Storage class: Cloud Storage buckets of all\n [storage classes](/storage/docs/storage-classes) are supported\n (Standard, Nearline, Coldline, Archive).\n Additional data retrieval costs might incur for accessing or scanning\n Nearline, Coldline, or Archive data.\n\n- Bucket ACL: Dataplex Universal Catalog supports Cloud Storage buckets with\n [uniform access controls](/storage/docs/uniform-bucket-level-access) only.\n Fine-grained access controls aren't supported.\n\n- Requester Pays: Cloud Storage buckets with the\n [Requester Pays](/storage/docs/requester-pays) feature enabled aren't\n supported.\n\nSecurity and permissions guidance\n---------------------------------\n\nDataplex Universal Catalog requires adding the Dataplex Universal Catalog\n[service accounts](/dataplex/docs/iam-and-access-control#service-accounts)\nas an administrative service account on managed buckets and datasets.\n\nDataplex Universal Catalog enables analysts to access Cloud Storage buckets\nand BigQuery datasets across many projects. To enable this access,\nDataplex Universal Catalog requires adding the Dataplex Universal Catalog service\naccounts with administrative controls to these projects.\n\nFor Discovery, Dataplex Universal Catalog adds the\nDataproc Metastore service account to the Cloud Storage\nbuckets. If you have your own Dataproc Metastore cluster, you\nmight want to make the Dataplex Universal Catalog lake use your\nDataproc Metastore service, which is an option when you create\nyour lake.\n| **Note:** Don't set the [organization policy constraints](/resource-manager/docs/organization-policy/org-policy-constraints) to restrict VPC peering. If you specify `constraints/compute.restrictVpcPeering`, your Dataproc Metastore creation request fails with an `INVALID_ARGUMENT` error.\n\nIf you choose to add a Cloud Storage bucket with\n[fine-grained](/storage/docs/access-control) access to a lake,\nDataplex Universal Catalog will provide full access to that bucket through the lake\nbecause Dataplex Universal Catalog permissions are propagated to all objects in the\nbucket. If you require fine-grained access, it's recommended that you split\nthe data in your bucket into multiple buckets.\n\nWhat's next\n-----------\n\n- [Build a data mesh](/dataplex/docs/build-a-data-mesh)\n- [Create a lake](/dataplex/docs/create-lake)\n- [Secure your lake](/dataplex/docs/lake-security)"]]
