[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-09-05 (世界標準時間)。"],[],[],null,["| Premium and Enterprise [service tiers](/security-command-center/docs/service-tiers) (requires [organization-level activation](/security-command-center/docs/activate-scc-overview#overview_of_organization-level_activation))\n\nThis page describes the detective policies that are included in the v1.0\nversion of the predefined posture for BigQuery, essentials. This\nposture includes a policy set that defines the Security Health Analytics detectors that apply\nto BigQuery workloads.\n\nYou can use this predefined posture to configure a security posture that helps\nprotect BigQuery resources. You can deploy this predefined posture\nwithout making any changes.\n\nSecurity Health Analytics detectors\n\nThe following table describes the Security Health Analytics detectors that are included in\nthis posture.\n\n| Detector name | Description |\n|--------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `BIGQUERY_TABLE_CMEK_DISABLED` | This detector checks whether a BigQuery table isn't configured to use a customer-managed encryption key (CMEK). For more information, see [Dataset vulnerability findings](/security-command-center/docs/concepts-vulnerabilities-findings#dataset-findings). |\n| `PUBLIC_DATASET` | This detector checks whether a dataset is configured to be open to public access. For more information, see [Dataset vulnerability findings](/security-command-center/docs/concepts-vulnerabilities-findings#dataset-findings). |\n\nView the posture template\n\n\nTo view the posture template for BigQuery, essentials, do the following: \n\ngcloud\n\n\nBefore using any of the command data below,\nmake the following replacements:\n\n- \u003cvar translate=\"no\"\u003eORGANIZATION_ID\u003c/var\u003e: the numeric ID of the organization\n\n\nExecute the\n\n\n[`gcloud scc posture-templates\ndescribe`](/sdk/gcloud/reference/scc/posture-templates/describe)\n\n\ncommand:\n\nLinux, macOS, or Cloud Shell \n\n```bash\ngcloud scc posture-templates describe \\\n organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\nWindows (PowerShell) \n\n```bash\ngcloud scc posture-templates describe `\n organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\nWindows (cmd.exe) \n\n```bash\ngcloud scc posture-templates describe ^\n organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\nThe response contains the posture template.\n\nREST\n\n\nBefore using any of the request data,\nmake the following replacements:\n\n- \u003cvar translate=\"no\"\u003eORGANIZATION_ID\u003c/var\u003e: the numeric ID of the organization\n\n\nHTTP method and URL:\n\n```\nGET https://securityposture.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\n```\n\nTo send your request, expand one of these options:\n\ncurl (Linux, macOS, or Cloud Shell) **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) , or by using [Cloud Shell](/shell/docs), which automatically logs you into the `gcloud` CLI . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nExecute the following command:\n\n```\ncurl -X GET \\\n -H \"Authorization: Bearer $(gcloud auth print-access-token)\" \\\n \"https://securityposture.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\"\n```\n\nPowerShell (Windows) **Note:** The following command assumes that you have logged in to the `gcloud` CLI with your user account by running [`gcloud init`](/sdk/gcloud/reference/init) or [`gcloud auth login`](/sdk/gcloud/reference/auth/login) . You can check the currently active account by running [`gcloud auth list`](/sdk/gcloud/reference/auth/list).\n\n\nExecute the following command:\n\n```\n$cred = gcloud auth print-access-token\n$headers = @{ \"Authorization\" = \"Bearer $cred\" }\n\nInvoke-WebRequest `\n -Method GET `\n -Headers $headers `\n -Uri \"https://securityposture.googleapis.com/v1/organizations/ORGANIZATION_ID/locations/global/postureTemplates/big_query_essential\" | Select-Object -Expand Content\n```\n\nThe response contains the posture template.\n\nWhat's next\n\n- [Create a security posture using this predefined posture](/security-command-center/docs/how-to-use-security-posture)."]]
