BigQueryAuditMetadata

object (BigQueryAuditMetadata.Job)

Job metadata.

enum (BigQueryAuditMetadata.JobInsertion.Reason)

Describes how the job was inserted.

string

Job URI.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.JobConfig)

Job configuration.

object (BigQueryAuditMetadata.JobStatus)

Job status.

object (BigQueryAuditMetadata.JobStats)

Job statistics.

enum (BigQueryAuditMetadata.JobConfig.Type)

Job type.

map (key: string, value: string)

Labels provided for the job.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

string

User specified reservation for the job.

object (BigQueryAuditMetadata.JobConfig.Query)

Query job information.

object (BigQueryAuditMetadata.JobConfig.Load)

Load job information.

object (BigQueryAuditMetadata.JobConfig.Extract)

Extract job information.

object (BigQueryAuditMetadata.JobConfig.TableCopy)

TableCopy job information.

string

The SQL query to run. Truncated if exceeds 50K.

boolean

True if the query field was truncated.

string

The destination table for the query results.

enum (BigQueryAuditMetadata.CreateDisposition)

Destination table create disposition.

enum (BigQueryAuditMetadata.WriteDisposition)

Destination table write disposition.

string

Default dataset for the query.

object (BigQueryAuditMetadata.TableDefinition)

External data sources used in the query.

enum (BigQueryAuditMetadata.JobConfig.Query.Priority)

Priority given to the query.

object (BigQueryAuditMetadata.EncryptionInfo)

Result table encryption information. Set when non-default encryption is used.

enum (BigQueryAuditMetadata.QueryStatementType)

Type of the query.

string

Name of the table, used in queries.

string

URIs for the data.

string

Cloud kms key identifier.

Format: projects/<projectId>/locations/<location>/keyRings/<key_ring_name>/cryptoKeys/<key_name>

string

URIs for the data to be imported. Entire list is truncated if exceeds 40K.

boolean

True if the source_URIs field was truncated.

string

The table schema in JSON format. Entire field is truncated if exceeds 40K.

boolean

True if the schemaJson field was truncated.

string

The destination table for the import.

enum (BigQueryAuditMetadata.CreateDisposition)

Destination table create disposition.

enum (BigQueryAuditMetadata.WriteDisposition)

Destination table write disposition.

object (BigQueryAuditMetadata.EncryptionInfo)

Result table encryption information. Set when non-default encryption is used.

string

URIs where extracted data should be written. Entire list is truncated if exceeds 50K.

boolean

True if the destination_URIs field was truncated.

string

The source table.

string

The source model.

string

Source tables. Entire list is truncated if exceeds 50K.

boolean

True if the sourceTables field was truncated.

string

Destination table.

enum (BigQueryAuditMetadata.CreateDisposition)

Destination table create disposition.

enum (BigQueryAuditMetadata.WriteDisposition)

Destination table write disposition.

object (BigQueryAuditMetadata.EncryptionInfo)

Result table encryption information. Set when non-default encryption is used.

enum (BigQueryAuditMetadata.OperationType)

Supported operation types in the table copy job.

string (Timestamp format)

Expiration time set on the destination table. Expired tables will be deleted and their storage reclaimed.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

enum (BigQueryAuditMetadata.JobState)

State of the job.

object (Status)

Job error, if the job failed.

object (Status)

Errors encountered during the running of the job. Does not necessarily mean that the job has completed or was unsuccessful.

string (Timestamp format)

Job creation time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Job execution start time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Job completion time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (int64 format)

The total number of slot-ms consumed by the query job.

object (BigQueryAuditMetadata.JobStats.ReservationResourceUsage)

Deprecated: Reservation usage attributed from each tier of a reservation hierarchy. This field is empty because the provided reservation usage statistics are not accurate. Use the INFORMATION_SCHEMA.JOBS view to find the average slot usage for a given period of time.

string

Reservation name or "unreserved" for on-demand resource usage.

string

Parent job name. Only present for child jobs.

object (BigQueryAuditMetadata.JobStats.Query)

Query job statistics.

object (BigQueryAuditMetadata.JobStats.Load)

Load job statistics.

object (BigQueryAuditMetadata.JobStats.Extract)

Extract job statistics.

string (int64 format)

Total bytes processed by the query job.

string (int64 format)

Total bytes billed by the query job.

integer

The tier assigned by the CPU-based billing.

string

Tables accessed by the query job.

string

Views accessed by the query job.

string

Routines accessed by the query job.

string (int64 format)

Number of output rows produced by the query job.

boolean

True if the query job results were read from the query cache.

string (int64 format)

Total bytes loaded by the import job.

string (int64 format)

Total bytes exported by the extract job.This is the byte count as computed by BigQuery for billing purposes and doesn't have any relationship with the number of actual result bytes extracted in the desired format.

string (int64 format)

Bytes extracted in output, that will always be populated for exports (even if the byte count for billing is 0)

string

Reservation name or "unreserved" for on-demand resources usage.

string (int64 format)

Total slot milliseconds used by the reservation for a particular job.

enum (BigQueryAuditMetadata.JobState)

Job state before the job state change.

enum (BigQueryAuditMetadata.JobState)

Job state after the job state change.

object (BigQueryAuditMetadata.Job)

Job metadata.

string

Job URI.

Format: projects/<projectId>/jobs/<jobId>.

enum (BigQueryAuditMetadata.JobDeletion.Reason)

Describes how the job was deleted.

object (BigQueryAuditMetadata.Dataset)

Dataset metadata.

enum (BigQueryAuditMetadata.DatasetCreation.Reason)

Describes how the dataset was created.

string

The URI of the job that created the dataset. Present if the reason is QUERY.

Format: projects/<projectId>/jobs/<jobId>.

string

Dataset URI.

Format: projects/<projectId>/datasets/<datasetId>.

object (BigQueryAuditMetadata.EntityInfo)

User-provided metadata for the dataset.

string (Timestamp format)

Dataset creation time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Dataset metadata last update time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

object (BigQueryAuditMetadata.BigQueryAcl)

The access control list for the dataset.

string (Duration format)

Default expiration time for tables in the dataset.

A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".

object (BigQueryAuditMetadata.EncryptionInfo)

Default encryption for tables in the dataset.

string

Default collation for the dataset.

map (key: string, value: string)

IAM Tags attached to this entity.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

string

A short name for the entity.

string

A long description for the entity.

map (key: string, value: string)

Labels provided for the entity.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

object (Policy)

IAM policy for the resource.

string

List of authorized views for a dataset.

Format: projects/<projectId>/datasets/<datasetId>/tables/<view_id>.

object (BigQueryAuditMetadata.Dataset)

Dataset metadata after the change.

enum (BigQueryAuditMetadata.DatasetChange.Reason)

Describes how the dataset was changed.

string

The URI of the job that updated the dataset. Present if the reason is QUERY.

Format: projects/<projectId>/jobs/<jobId>.

object (BindingDelta)

List of IAM policy deltas. This field contains the difference between the original policy and the new policy when the IAM policy is updated via SetIamPolicy API.

object (BigQueryAuditMetadata.AccessChange)

List of access changes. This field contains the difference between the original ACLs and the new ACLs when the ACLs are updated via datasets.update API.

enum (BindingDelta.Action)

The action that was performed on a Binding. Required

string

Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner. Required

string

A single identity requesting access for a Google Cloud resource. Follows the same format of Binding.members. Required

object (Expr)

The condition that is associated with this binding.

enum (BigQueryAuditMetadata.AccessChange.Action)

The action that was performed on an access.

object

Access entry.

string

An IAM role ID that should be granted to the user, group, or domain specified in this access entry. The following legacy mappings will be applied:

• OWNER: roles/bigquery.dataOwner
• WRITER: roles/bigquery.dataEditor
• READER: roles/bigquery.dataViewer

This field will accept any of the above formats, but will return only the legacy format. For example, if you set this field to "roles/bigquery.dataOwner", it will be returned back as "OWNER".

string

[Pick one] An email address of a user to grant access to. For example: fred@example.com. Maps to IAM policy member "user:EMAIL" or "serviceAccount:EMAIL".

string

[Pick one] An email address of a Google Group to grant access to. Maps to IAM policy member "group:GROUP".

string

[Pick one] A domain to grant access to. Any users signed in with the domain specified will be granted the specified access. Example: "example.com". Maps to IAM policy member "domain:DOMAIN".

string

[Pick one] A special group to grant access to. Possible values include:

• projectOwners: Owners of the enclosing project.
• projectReaders: Readers of the enclosing project.
• projectWriters: Writers of the enclosing project.
• allAuthenticatedUsers: All authenticated BigQuery users.

Maps to similarly-named IAM members.

string

[Pick one] Some other type of member that appears in the IAM Policy but isn't a user, group, domain, or special group.

object (TableReference)

[Pick one] A view from a different dataset to grant access to. Queries executed against that view will have read access to views/tables/routines in this dataset. The role field is not required when this field is set. If that view is updated by any user, access to the view needs to be granted again via an update operation.

object (RoutineReference)

[Pick one] A routine from a different dataset to grant access to. Queries executed against that routine will have read access to views/tables/routines in this dataset. Only UDF is supported for now. The role field is not required when this field is set. If that routine is updated by any user, access to the routine needs to be granted again via an update operation.

object (DatasetAccessEntry)

[Pick one] A grant authorizing all resources of a particular type in a particular dataset access to this dataset. Only views are supported for now. The role field is not required when this field is set. If that dataset is deleted and re-created, its access needs to be granted again via an update operation.

object (Expr)

Optional. condition for the binding. If CEL expression in this field is true, this access binding will be considered

enum (BigQueryAuditMetadata.DatasetDeletion.Reason)

Describes how the dataset was deleted.

string

The URI of the job that deleted the dataset. Present if the reason is QUERY.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.Table)

Table metadata.

enum (BigQueryAuditMetadata.TableCreation.Reason)

Describes how the table was created.

string

The URI of the job that created a table. Present if the reason is JOB or QUERY.

Format: projects/<projectId>/jobs/<jobId>.

string

Table URI.

Format: projects/<projectId>/datasets/<datasetId>/tables/<tableId>.

object (BigQueryAuditMetadata.EntityInfo)

User-provided metadata for the table.

string

A JSON representation of the table's schema. Entire field is truncated if exceeds 40K.

boolean

True if the schemaJson field was truncated.

object (BigQueryAuditMetadata.TableViewDefinition)

View metadata. Only present for views.

string (Timestamp format)

Table expiration time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

The table creation time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

The last time metadata update time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

The last table truncation time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

object (BigQueryAuditMetadata.EncryptionInfo)

Table encryption information. Set when non-default encryption is used.

string

The default collation of the table.

object (BigQueryAuditMetadata.TableConstraints)

The table constraints.

map (key: string, value: string)

IAM Tags attached to this entity.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

object (TimePartitioning)

Time-based partitioning specifications for this table if specified.

object (RangePartitioning)

Range partitioning specification for this table if specified.

object (Clustering)

Clustering specification for the table.

boolean

If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified.

object (PartitioningDefinition)

The partitioning information, which includes managed table, external table and metastore partitioned table partition information.

string

SQL query defining the view. Truncated if exceeds 40K.

boolean

True if the schemaJson field was truncated.

object (PrivacyPolicy)

Privacy Policy for view.

object (AggregationThresholdPolicy)

Optional. Policy used for aggregation thresholds.

object (DifferentialPrivacyPolicy)

Optional. Policy used for differential privacy.

object (JoinRestrictionPolicy)

Optional. Join restriction policy is outside of the one of policies, since this policy can be set along with other policies. This policy gives data providers the ability to enforce joins on the 'joinAllowedColumns' when data is queried from a privacy protected view.

string

Optional. The privacy unit column(s) associated with this policy. For now, only one column per data source object (table, view) is allowed as a privacy unit column. Representing as a repeated field in metadata for extensibility to multiple columns in future. Duplicates and Repeated struct fields are not allowed. For nested fields, use dot notation ("outer.inner")

string (int64 format)

Optional. The threshold for the "aggregation threshold" policy.

number

Optional. The maximum epsilon value that a query can consume. If the subscriber specifies epsilon as a parameter in a SELECT query, it must be less than or equal to this value. The epsilon parameter controls the amount of noise that is added to the groups — a higher epsilon means less noise.

number

Optional. The delta value that is used per query. Delta represents the probability that any row will fail to be epsilon differentially private. Indicates the risk associated with exposing aggregate rows in the result of a query.

string (int64 format)

Optional. The maximum groups contributed value that is used per query. Represents the maximum number of groups to which each protected entity can contribute. Changing this value does not improve or worsen privacy. The best value for accuracy and utility depends on the query and data.

string

Optional. The privacy unit column associated with this policy. Differential privacy policies can only have one privacy unit column per data source object (table, view).

number

Optional. The total epsilon budget for all queries against the privacy-protected view. Each subscriber query against this view charges the amount of epsilon they request in their query. If there is sufficient budget, then the subscriber query attempts to complete. It might still fail due to other reasons, in which case the charge is refunded. If there is insufficient budget the query is rejected. There might be multiple charge attempts if a single query references multiple views. In this case there must be sufficient budget for all charges or the query is rejected and charges are refunded in best effort. The budget does not have a refresh policy and can only be updated via ALTER VIEW or circumvented by creating a new view that can be queried with a fresh budget.

number

Optional. The total delta budget for all queries against the privacy-protected view. Each subscriber query against this view charges the amount of delta that is pre-defined by the contributor through the privacy policy deltaPerQuery field. If there is sufficient budget, then the subscriber query attempts to complete. It might still fail due to other reasons, in which case the charge is refunded. If there is insufficient budget the query is rejected. There might be multiple charge attempts if a single query references multiple views. In this case there must be sufficient budget for all charges or the query is rejected and charges are refunded in best effort. The budget does not have a refresh policy and can only be updated via ALTER VIEW or circumvented by creating a new view that can be queried with a fresh budget.

number

Output only. The epsilon budget remaining. If budget is exhausted, no more queries are allowed. Note that the budget for queries that are in progress is deducted before the query executes. If the query fails or is cancelled then the budget is refunded. In this case the amount of budget remaining can increase.

number

Output only. The delta budget remaining. If budget is exhausted, no more queries are allowed. Note that the budget for queries that are in progress is deducted before the query executes. If the query fails or is cancelled then the budget is refunded. In this case the amount of budget remaining can increase.

string

Optional. The only columns that joins are allowed on. This field is must be specified for join_conditions JOIN_ANY and JOIN_ALL and it cannot be set for JOIN_BLOCKED.

enum (JoinRestrictionPolicy.JoinCondition)

Optional. Specifies if a join is required or not on queries for the view. Default is JOIN_CONDITION_UNSPECIFIED.

object (BigQueryAuditMetadata.TableConstraints.PrimaryKey)

The primary key of the table.

object (BigQueryAuditMetadata.TableConstraints.ForeignKey)

Foreign keys of the table.

string

Table columns that are part of the primary key.

string

The name of the foreign key.

string

Table columns that are part of the foreign key.

string

Columns that are part of the referenced key.

string

The referenced table id.

string

The dataset of the referenced table.

string

The project of the referenced table.

string

Required. The supported types are DAY, HOUR, MONTH, and YEAR, which will generate one partition per day, hour, month, and year, respectively.

string (Int64Value format)

Optional. Number of milliseconds for which to keep the storage for a partition. A wrapper is used here because 0 is an invalid value.

string

Optional. If not set, the table is partitioned by pseudo column '_PARTITIONTIME'; if set, the table is partitioned by this field. The field must be a top-level TIMESTAMP or DATE field. Its mode must be NULLABLE or REQUIRED. A wrapper is used here because an empty string is an invalid value.

boolean

If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. This field is deprecated; please set the field with the same name on the table itself instead. This field needs a wrapper because we want to output the default value, false, if the user explicitly set it.

string

Required. The name of the column to partition the table on. It must be a top-level, INT64 column whose mode is NULLABLE or REQUIRED.

object

Defines the ranges for range partitioning.

string

Required. The start of range partitioning, inclusive. This field is an INT64 value represented as a string.

string

Required. The end of range partitioning, exclusive. This field is an INT64 value represented as a string.

string

Required. The width of each interval. This field is an INT64 value represented as a string.

string

One or more fields on which data should be clustered. Only top-level, non-repeated, simple-type fields are supported. The ordering of the clustering fields should be prioritized from most to least important for filtering purposes.

Additional information on limitations can be found here: https://cloud.google.com/bigquery/docs/creating-clustered-tables#limitations

object (PartitionedColumn)

Optional. Details about each partitioning column. This field is output only for all partitioning types other than metastore partitioned tables. BigQuery native tables only support 1 partitioning column. Other table types may support 0, 1 or more partitioning columns. For metastore partitioned tables, the order must match the definition order in the Hive Metastore, where it must match the physical layout of the table. For example,

CREATE TABLE a_table(id BIGINT, name STRING) PARTITIONED BY (city STRING, state STRING).

In this case the values must be ['city', 'state'] in that order.

string

Required. The name of the partition column.

object (BigQueryAuditMetadata.Table)

Updated table metadata.

boolean

True if the table was truncated.

enum (BigQueryAuditMetadata.TableChange.Reason)

Describes how the table metadata was changed.

string

The URI of the job that changed a table. Present if the reason is JOB or QUERY.

Format: projects/<projectId>/jobs/<jobId>.

object (BindingDelta)

List of IAM policy deltas.

object (BigQueryAuditMetadata.TableChange.AlterTableStats)

Statistics for ALTER TABLE sql statement.

object (BigQueryAuditMetadata.Table)

The replica table which the updated table is replicated to.

integer

Number of columns added during sql execution.

integer

Number of columns dropped during sql execution.

integer

Number of columns modified during sql execution. There can be multiple type of modifications like SET OPTION, SET DATA TYPE etc.

integer

Number of columns renamed during sql execution.

enum (BigQueryAuditMetadata.TableDeletion.Reason)

Describes how table was deleted.

string

The URI of the job that deleted a table. Present if the reason is QUERY.

Format: projects/<projectId>/jobs/<jobId>.

string

List of the accessed fields. Entire list is truncated if the record size exceeds 100K.

boolean

True if the fields list was truncated.

string

List of the referenced policy tags. That is, policy tags attached to the accessed fields or their ancestors. Policy tag resource name is a string of the format: projects/<projectId>/locations/<locationId>/taxonomies/<taxonomyId>/policyTags/<policy_tag_id>

boolean

True if the policy tag list was truncated. At most 100 policy tags can be saved.

enum (BigQueryAuditMetadata.TableDataRead.Reason)

Describes how the table data was read.

string

The URI of the job that read a table. Present if the reason is JOB but can be reducted for privacy reasons.

Format: projects/<projectId>/jobs/<jobId>.

string

The URI of the read session that read a table. Present if the reason is CREATE_READ_SESSION.

Format: projects/<projectId>/locations/<location>/sessions/<session_id>.

string

The name of the read stream that is being read OR split. Present if the reason is READ_ROWS or SPLIT_READ_STREAM. This will be of the form projects/{projectId}/locations/{location}/sessions/{session_id}/streams/{stream_id}.

string (int64 format)

The offset requested in a READ_ROWS call.

string (int64 format)

Number of serialized rows in the rows block. Present if the reason is READ_ROWS.

number

A value in the range (0.0, 1.0) that specifies the fractional point at which the original stream should be split. Present iff the reason is SPLIT_READ_STREAM.

string

Primary stream name, which contains the beginning portion of |readStream|. An empty value indicates that the original stream can no longer be split. Present iff the reason is SPLIT_READ_STREAM.

string

Remainder stream name, which contains the tail of |readStream|. An empty value indicates that the original stream can no longer be split. Present iff the reason is SPLIT_READ_STREAM.

string

The name of the write stream that is being used for the table data read. This will be of the form projects/{projectId}/datasets/{datasetId}/tables/{tableName}/streams/_default if it's a default write stream or in the form of projects/{projectId}/datasets/{datasetId}/tables/{tableName}/streams/{streamId} if it's an exclusive write stream.

string (int64 format)

Number of deleted rows.

string (int64 format)

Number of inserted rows.

boolean

True if the table was truncated.

enum (BigQueryAuditMetadata.TableDataChange.Reason)

Describes how the table data was changed.

string

The URI of the job that changed a table.

Format: projects/<projectId>/jobs/<jobId>.

string

If written from WRITE_API, the name of the stream.

Format: projects/<projectId>/datasets/<datasetId>/tables/<tableId>/streams/<stream_id>

string

During batch commits, multiple stream names would be involved.

Format: projects/<projectId>/datasets/<datasetId>/tables/<tableId>/streams/<stream_id>

enum (BigQueryAuditMetadata.ModelDeletion.Reason)

Describes how the model was deleted.

string

The URI of the job that deleted a model. Present if the reason is QUERY.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.Model)

Model metadata.

enum (BigQueryAuditMetadata.ModelCreation.Reason)

Describes how the model was created.

string

The URI of the job that created the model.

Format: projects/<projectId>/jobs/<jobId>.

string

Model URI.

Format: projects/<projectId>/datasets/<datasetId>/models/<model_id>.

object (BigQueryAuditMetadata.EntityInfo)

User-provided metadata for the model.

string (Timestamp format)

Model expiration time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Model creation time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Model last update time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

object (BigQueryAuditMetadata.EncryptionInfo)

Model encryption information. Set when non-default encryption is used.

object (BigQueryAuditMetadata.Model)

Updated model.

enum (BigQueryAuditMetadata.ModelMetadataChange.Reason)

Describes how the model metadata was changed.

string

The URI of the job that changed the model metadata. Present if and only if the reason is QUERY.

Format: projects/<projectId>/jobs/<jobId>.

enum (BigQueryAuditMetadata.ModelDataChange.Reason)

Describes how the model data was changed.

string

The URI of the job that changed the model data.

Format: projects/<projectId>/jobs/<jobId>.

enum (BigQueryAuditMetadata.ModelDataRead.Reason)

Describes how the model data was read.

string

The URI of the job that read the model data.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.Routine)

Created routine.

enum (BigQueryAuditMetadata.RoutineCreation.Reason)

Describes how the routine was created.

string

The URI of the job that created the routine.

Format: projects/<projectId>/jobs/<jobId>.

string

Routine URI.

Format: projects/<projectId>/datasets/<datasetId>/routines/<routineId>.

string (Timestamp format)

Routine creation time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Routine last update time.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

object (BigQueryAuditMetadata.Routine)

Updated routine.

enum (BigQueryAuditMetadata.RoutineChange.Reason)

Describes how the routine was updated.

string

The URI of the job that updated the routine.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.Routine)

Deleted routine.

enum (BigQueryAuditMetadata.RoutineDeletion.Reason)

Describes how the routine was deleted.

string

The URI of the job that deleted the routine. Present if the reason is QUERY.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.RowAccessPolicy)

The row access policy created by this event.

string

The URI of the job that created this row access policy.

Format: projects/<projectId>/jobs/<jobId>.

string

Row access policy URI.

Format: projects/<projectId>/datasets/<datasetId>/tables/<tableId>/rowAccessPolicies/<row_access_policy_id>

object (BigQueryAuditMetadata.RowAccessPolicy)

The row access policy that was changed by this event.

string

The URI of the job that created this row access policy.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.RowAccessPolicy)

The row access policies that were deleted. At present, only populated when a single policy is dropped.

string

The job that deleted these row access policies.

Format: projects/<projectId>/jobs/<jobId>.

boolean

This field is set to true when a DROP ALL command has been executed, thus removing all row access policies on the table.

string

The linked dataset URI which is unlinked from its source.

Format: projects/<projectId>/datasets/<datasetId>.

string

The source dataset URI from which the linked dataset is unlinked.

Format: projects/<projectId>/datasets/<datasetId>.

enum (BigQueryAuditMetadata.UnlinkDataset.Reason)

Reason for unlinking linked dataset

object (BigQueryAuditMetadata.SearchIndex)

Search index metadata.

enum (BigQueryAuditMetadata.SearchIndexCreation.Reason)

Describes how the search index was created.

string

The URI of the job that created the search index.

Format: projects/<projectId>/jobs/<jobId>.

string

Search index URI.

Format: projects/<projectId>/datasets/<datasetId>/tables/<tableId>/searchIndexes/<index_name>.

object (BigQueryAuditMetadata.SearchIndex)

Search index metadata.

enum (BigQueryAuditMetadata.SearchIndexDeletion.Reason)

Describes how the search index was deleted.

string

The URI of the job that deleted the search index.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.VectorIndex)

Vector index metadata.

enum (BigQueryAuditMetadata.VectorIndexCreation.Reason)

Describes how the vector index was created.

string

The URI of the job that created the vector index.

Format: projects/<projectId>/jobs/<jobId>.

string

Vector index URI.

Format: projects/<projectId>/datasets/<datasetId>/tables/<tableId>/vectorIndexes/<index_name>.

object (BigQueryAuditMetadata.VectorIndex)

Vector index metadata.

enum (BigQueryAuditMetadata.VectorIndexChange.Reason)

Describes how the vector index was created.

string

The URI of the job that created the vector index.

Format: projects/<projectId>/jobs/<jobId>.

object (BigQueryAuditMetadata.VectorIndex)

Vector index metadata.

enum (BigQueryAuditMetadata.VectorIndexDeletion.Reason)

Describes how the vector index was deleted.

string

The URI of the job that deleted the vector index.

Format: projects/<projectId>/jobs/<jobId>.

enum (BigQueryAuditMetadata.ConnectionChange.Reason)

Describes how the connection metadata was changed.

object (BindingDelta)

List of deltas between two policies.

object (BigQueryAuditMetadata.SheetsMetadata)

Google Sheets metadata.

string

The ID of the spreadsheet from which the request is sent.