Skip to content

BigQuery ML and Vertex usage

BigQuery ML contributes query-job and Vertex request-log context for AI usage that runs through Google data-platform workloads.

Release state

This guide documents the read-only bigquery_ml connector implemented in the platform connector surface.

Required access

Grant read-only access to:

Permission Purpose
bigquery.jobs.list Read BigQuery job metadata and remote-model usage.
logging.logEntries.list Read Vertex request logs used for correlation.

Do not grant dataset mutation, job cancellation, or model-administration permissions.

Setup

  1. Create a service account for the projects that host BigQuery AI workloads.
  2. Grant only job-list and log-entry read access for the relevant projects.
  3. Configure the credential reference in Venturi.
  4. Set ARGMIN_BIGQUERY_ML_LOOKBACK_HOURS when the default 24-hour poll window does not match your review cadence.
  5. In Venturi, open Administration -> Connectors -> BigQuery ML and run Test connection.

Verification

  • BigQuery remote-model jobs and Vertex request logs appear in the latest sync.
  • Non-AI BigQuery jobs are excluded from connector output.
  • Remote-model usage is visible in attribution evidence where matching workload context exists.
  • The connector remains read-only in the connector inventory.

Rotation and offboarding

Rotate the service-account key or workload-identity binding on your standard schedule. Removing the connector stops new data-platform AI usage correlation but leaves historical evidence auditable.