이 페이지에서는 Private Service Connect 리전 엔드포인트를 사용하여 BigQuery의 리소스에 액세스하는 방법을 설명합니다. 리전 엔드포인트를 사용하면 데이터 상주 및 데이터 주권 요구사항을 준수하는 방식으로 워크로드를 실행할 수 있으며, 여기서 요청 트래픽은 엔드포인트에 지정된 리전으로 직접 라우팅됩니다.
개요
리전 엔드포인트는 영향을 받는 리소스가 엔드포인트에서 지정된 위치에 있는 경우에만 요청 처리를 제한하는 데 도움이 되는 요청 엔드포인트입니다.
예를 들어 데이터 세트 삭제 요청에서 엔드포인트 https://bigquery.us-central1.rep.googleapis.com을 사용하는 경우 데이터 세트가 US-CENTRAL1에 있는 경우에만 요청이 진행됩니다.
리소스가 있는 곳과 다른 위치를 통해 요청을 라우팅할 수 있는 전역 엔드포인트와 달리 리전 엔드포인트는 리소스가 있는 엔드포인트에서 지정한 위치로 요청을 제한하는 데 도움이 됩니다. 리전 엔드포인트는 인터넷, 기타Google Cloud 리소스(예: Compute Engine 가상 머신), VPN 또는 Interconnect를 사용하는 온프레미스 서비스 및 Virtual Private Cloud(VPC)에서 수신된 요청에 대해 엔드포인트에서 지정된 위치에서 TLS 세션을 종료합니다.
리전 엔드포인트는 테이블의 저장 데이터와 전송 중 데이터를 엔드포인트에서 지정한 위치 내에 유지하여 데이터 상주 위치를 보장하는 데 도움이 됩니다. 여기에는 데이터 세트 이름 및 IAM 정책과 같은 리소스 메타데이터가 포함되지 않습니다. 자세한 내용은 서비스 데이터 참고사항을 참조하세요.
BigQuery에는 API 여러 개가 포함되어 있습니다. 리전 엔드포인트와 함께 사용할 수 있는 API는 다음과 같습니다.
리전 엔드포인트는 엔드포인트로 지정된 위치에 저장된 리소스에 액세스하거나 이를 변형하는 작업을 수행하는 데만 사용할 수 있습니다.
리전 엔드포인트는 엔드포인트로 지정된 위치 외부의 리소스에 액세스하거나 이를 변형하는 작업을 수행하는 데 사용할 수 없습니다.
예를 들어 리전 엔드포인트 https://bigquery.us-central1.rep.googleapis.com을 사용하는 경우 US-CENTRAL1에 있는 데이터 세트의 테이블을 읽고, 두 데이터 세트 모두 US-CENTRAL1에 있는 경우에만 소스 데이터 세트에서 대상 데이터 세트로 테이블을 복사할 수 있습니다. US-CENTRAL1 외부에서 테이블을 읽거나 복사하려고 하면 오류가 발생합니다.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],["최종 업데이트: 2025-09-04(UTC)"],[[["\u003cp\u003eBigQuery regional endpoints allow you to restrict requests to resources within a specific location, helping comply with data residency and sovereignty requirements.\u003c/p\u003e\n"],["\u003cp\u003eUnlike global endpoints, regional endpoints ensure that requests are routed only to the location specified in the endpoint, and they terminate TLS sessions in that location.\u003c/p\u003e\n"],["\u003cp\u003eRegional endpoints support multiple BigQuery APIs, including the BigQuery API, Storage API, Reservations API, Migration API, and Data Transfer Service API, each with its own regional URL format.\u003c/p\u003e\n"],["\u003cp\u003eRegional endpoints can only perform operations that access or mutate resources within the specified location and cannot be used for cross-region operations like copying or replicating resources.\u003c/p\u003e\n"],["\u003cp\u003eAccessing BigQuery resources through the Google Cloud console requires using jurisdictional URLs (\u003ccode\u003eeu\u003c/code\u003e, \u003ccode\u003esa\u003c/code\u003e, or \u003ccode\u003eus\u003c/code\u003e) based on the resource's location, and using the Google Cloud CLI requires setting the \u003ccode\u003eapi_endpoint_overrides/bigquery\u003c/code\u003e property or \u003ccode\u003eCLOUDSDK_API_ENDPOINT_OVERRIDES_BIGQUERY\u003c/code\u003e environment variable.\u003c/p\u003e\n"]]],[],null,["# BigQuery regional endpoints\n===========================\n\nThis page describes how you can use [Private Service Connect regional\nendpoints](/vpc/docs/about-accessing-regional-google-apis-endpoints)\nto access resources in BigQuery. Regional endpoints let\nyou run your workloads in a manner that complies with [data\nresidency](/assured-workloads/docs/data-residency) and data sovereignty\nrequirements, where your request traffic is routed directly to the region\nspecified in the endpoint.\n\nOverview\n--------\n\nRegional endpoints are request endpoints that help restrict requests to proceed\nonly if the affected resource exists in the location specified by the endpoint.\nFor example, if you use the endpoint\n`https://bigquery.us-central1.rep.googleapis.com` in a delete dataset\nrequest, then the request only proceeds if the dataset is located in\n`US-CENTRAL1`.\n\nUnlike global endpoints, where requests can be routed through a different\nlocation from where the resource resides, regional endpoints can help to\nrestrict your requests to the location specified by the endpoint where the\nresource resides. Regional endpoints terminate TLS sessions in the location\nspecified by the endpoint for requests received from the Internet, other\nGoogle Cloud resources (such as Compute Engine virtual machines), on-premise\nservices using VPN or Interconnect, and Virtual Private Clouds (VPCs).\n\nRegional endpoints help to ensure data residency by keeping your at-rest and\nin-transit table data within the location specified by the endpoint. This\nexcludes resource metadata, such as dataset names and\nIAM policies. For more information, see [Note on service\ndata](/assured-workloads/docs/data-residency#service-data).\n\nBigQuery includes multiple APIs. The following APIs are available\nfor use with regional endpoint:\n\nSupported locations\n-------------------\n\nYou can use regional endpoints to keep your data within the following locations:\n\n- Asia-Pacific\n\n - Delhi `asia-south2`\n - Mumbai `asia-south1`\n- Europe\n\n - Belgium `europe-west1`\n - Frankfurt `europe-west3`\n - London `europe-west2`\n - Milan `europe-west8`\n - Paris `europe-west9`\n - Zürich `europe-west6`\n- Middle East\n\n - Dammam `me-central2`\n- United States\n\n - Iowa `us-central1`\n - South Carolina `us-east1`\n - Northern Virginia `us-east4`\n - Columbus, Ohio `us-east5`\n - Dallas `us-south1`\n - Oregon `us-west1`\n - Los Angeles `us-west2`\n - Salt Lake City `us-west3`\n - Las Vegas `us-west4`\n\nSupported operations\n--------------------\n\nRegional endpoints can only be used to perform operations that access or mutate\nresources stored in the location specified by the endpoint.\nRegional endpoints cannot be used to perform operations that access or mutate\nresources outside of the location specified by the endpoint.\n\nFor example, when you use the regional endpoint\n`https://bigquery.us-central1.rep.googleapis.com`, you can read tables in\ndatasets located in `US-CENTRAL1`, and copy a table from a source dataset to a\ndestination dataset only when both datasets are located in `US-CENTRAL1`. If you\nattempt to read or copy a table from outside `US-CENTRAL1`, you get an\nerror.\n\nLimitations and restrictions\n----------------------------\n\nRegional endpoints cannot be used to perform the following operations:\n\n- Operations that access or mutate resources outside of the location specified by the endpoint\n- Copying, replicating, or rewriting resources from one location to another.\n\nKeep in mind the following restrictions when using regional endpoints:\n\n- Regional endpoints don't support [mutual Transport Layer Security (mTLS)](/chrome-enterprise-premium/docs/understand-mtls).\n- Using a regional endpoint won't restrict the creation of resources outside of the endpoint region. To restrict resource creation, use [Organization Policy Service\n resource locations constraint](/resource-manager/docs/organization-policy/defining-locations).\n- [Cross-region dataset replication](/bigquery/docs/data-replication) and [cross-region table copying](/bigquery/docs/managing-tables#copy_tables_across_regions) aren't restricted by endpoint protection.\n\nTools for using regional endpoints\n----------------------------------\n\n### Console\n\nTo access BigQuery resources in a manner that's compliant with\ndata residency or sovereignty requirements, use the jurisdictional\nGoogle Cloud console URLs:\n\nReplace \u003cvar translate=\"no\"\u003eJURISDICTION\u003c/var\u003e with one of the following\nvalues:\n\n- `eu` if the resource is located in the European Union\n- `sa` if the resource is located in the Kingdom of Saudi Arabia\n- `us` if the resource is located in the United States\n\n| **Note:** You cannot use the jurisdictional Google Cloud console to upload files in `eu`, `sa`, or `us`.\n\n### Command line\n\nTo configure the Google Cloud CLI for use with regional endpoints,\ncomplete the following steps:\n\n1. Make sure you're using the Google Cloud CLI 402.0.0 or newer.\n\n2. Set the `api_endpoint_overrides/bigquery` property to the regional\n endpoint you want to use:\n\n ```\n gcloud config set api_endpoint_overrides/bigquery https://bigquery.LOCATION.rep.googleapis.com/bigquery/v2/\n ```\n\n Alternatively, you can set the\n `CLOUDSDK_API_ENDPOINT_OVERRIDES_BIGQUERY` environment variable to the\n endpoint: \n\n ```\n CLOUDSDK_API_ENDPOINT_OVERRIDES_BIGQUERY=https://bigquery.LOCATION.rep.googleapis.com/bigquery/v2/ gcloud alpha bq datasets list\n ```\n\n### REST APIs\n\nFor REST API, instead of sending a REST request to a\n[service endpoint](/bigquery/docs/reference/rest#service-endpoint), send the\nrequest to the regional endpoint in the following format:\n`https://bigquery.`\u003cvar translate=\"no\"\u003eLOCATION\u003c/var\u003e`.rep.googleapis.com`.\n\nRestrict global API endpoint usage\n----------------------------------\n\nTo help enforce the use of regional endpoints, use the\n`constraints/gcp.restrictEndpointUsage` organization policy constraint to block\nrequests to the global API endpoint. For more information, see\n[Restricting endpoint usage](/assured-workloads/docs/restrict-endpoint-usage)."]]