Postura predefinida para o BigQuery, recursos essenciais
Mantenha tudo organizado com as coleções
Salve e categorize o conteúdo com base nas suas preferências.
Nesta página, descrevemos as políticas de detecção incluídas na versão 1.0 da postura predefinida para o BigQuery, essentials. Essa postura inclui um conjunto de políticas que define os detectores do Security Health Analytics aplicáveis às cargas de trabalho do BigQuery.
Use essa postura predefinida para configurar uma postura de segurança que ajude a proteger os recursos do BigQuery. É possível implantar essa postura predefinida sem fazer mudanças.
Detectores do Security Health Analytics
A tabela a seguir descreve os detectores do Security Health Analytics incluídos nessa postura.
Nome do detector
Descrição
BIGQUERY_TABLE_CMEK_DISABLED
Esse detector verifica se uma tabela do BigQuery não está configurada
para usar uma chave de criptografia gerenciada pelo cliente (CMEK). Para mais informações, consulte
Descobertas de vulnerabilidade do conjunto de dados.
[[["Fácil de entender","easyToUnderstand","thumb-up"],["Meu problema foi resolvido","solvedMyProblem","thumb-up"],["Outro","otherUp","thumb-up"]],[["Difícil de entender","hardToUnderstand","thumb-down"],["Informações incorretas ou exemplo de código","incorrectInformationOrSampleCode","thumb-down"],["Não contém as informações/amostras de que eu preciso","missingTheInformationSamplesINeed","thumb-down"],["Problema na tradução","translationIssue","thumb-down"],["Outro","otherDown","thumb-down"]],["Última atualização 2025-08-19 UTC."],[],[],null,["# Predefined posture for BigQuery, essentials\n\n| Premium and Enterprise [service tiers](/security-command-center/docs/service-tiers) (requires [organization-level activation](/security-command-center/docs/activate-scc-overview#overview_of_organization-level_activation))\n\nThis page describes the detective policies that are included in the v1.0\nversion of the predefined posture for BigQuery, essentials. This\nposture includes a policy set that defines the Security Health Analytics detectors that apply\nto BigQuery workloads.\n\nYou can use this predefined posture to configure a security posture that helps\nprotect BigQuery resources. You can deploy this predefined posture\nwithout making any changes.\n\nSecurity Health Analytics detectors\n-----------------------------------\n\nThe following table describes the Security Health Analytics detectors that are included in\nthis posture.\n\nView the posture template\n-------------------------\n\n\nTo view the posture template for BigQuery, essentials, do the following: \n\n### gcloud\n\n\nBefore using any of the command data below,\nmake the following replacements:\n\n- \u003cvar translate=\"no\"\u003eORGANIZATION_ID\u003c/var\u003e: the numeric ID of the organization\n\n\nExecute the\n\n\n[`gcloud scc posture-templates\ndescribe`](/sdk/gcloud/reference/scc/posture-templates/describe)\n\n\ncommand:\n\n#### Linux, macOS, or Cloud Shell\n\n```bash\ngcloud scc posture-templates describe \\\n organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\n#### Windows (PowerShell)\n\n```bash\ngcloud scc posture-templates describe `\n organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\n#### Windows (cmd.exe)\n\n```bash\ngcloud scc posture-templates describe ^\n organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\nThe response contains the posture template.\n\n### REST\n\n\nBefore using any of the request data,\nmake the following replacements:\n\n- \u003cvar translate=\"no\"\u003eORGANIZATION_ID\u003c/var\u003e: the numeric ID of the organization\n\n\nHTTP method and URL:\n\n```\nGET https://securityposture.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\nTo send your request, expand one of these options:\n\n#### curl (Linux, macOS, or Cloud Shell)\n\n| **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) , or by using [Cloud Shell](/shell/docs), which automatically logs you into the `gcloud` CLI . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nExecute the following command:\n\n```\ncurl -X GET \\\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\n \"https://securityposture.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\"\n```\n\n#### PowerShell (Windows)\n\n| **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nExecute the following command:\n\n```\n$cred = gcloud auth print-access-token\n$headers = @{ \"Authorization\" = \"Bearer $cred\" }\n\nInvoke-WebRequest `\n -Method GET `\n -Headers $headers `\n -Uri \"https://securityposture.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\" | Select-Object -Expand Content\n```\n\nThe response contains the posture template.\n\nWhat's next\n-----------\n\n- [Create a security posture using this predefined posture](/security-command-center/docs/how-to-use-security-posture)."]]