Status Update
No update yet.
Comments
ch...@google.com
Hello,
Thank you for reaching out to us with your request.
We have duly noted your feedback and will thoroughly validate it. While we cannot provide an estimated time of implementation or guarantee the fulfillment of the issue, please be assured that your input is highly valued. Your feedback enables us to enhance our products and services.
We appreciate your continued trust and support in improving our Google Cloud Platform products. In case you want to report a new issue, Please do not hesitate to create a new issue on the
Once again, we sincerely appreciate your valuable feedback. Thank you for your understanding and collaboration.
Thanks & Regards,
Ashalatha
Google Cloud Support
ms...@google.com
The workaround is now publicly documented
If you grant access using an ingress rule with user accounts as the identity type, you can't view BigQuery resource utilization or administrative jobs explorer on the Monitoring page. To use these features, configure an ingress rule that uses ANY_IDENTITY as the identity type.
Description
Problem you have encountered:
When viewing the Monitoring section in BigQuery (Cloud console > BigQuery > Administration > Monitoring) for a project inside a VPC Service Control perimeter, despite having the correct ingress rule, service perimeter violation errors are recorded. The ingress rules consist of a combination of
IdentitiesandAccess Levels, as shown in below example.The problem is due to an internal issue with VPC Service Controls and BigQuery integration. While the fix is being worked on, uses are able to use the below workaround.
Workaround
Temporarily use
ANY_SERVICE_ACCOUNTinstead ofANY_USER_ACCOUNTfor theIdentitiesfield in the ingress rule with access levels.