Permission denied while getting drive credentials from BigQuery table in Cloud Functions via SQL

If you have a BigQuery external table which uses for example a Google Sheets file as source, AND you try to read / join this table in BigQuery SQL you may get the error in BigQuery job failure log:

google.api_core.exceptions.Forbidden: 403 Access Denied: BigQuery BigQuery: Permission denied while getting Drive credentials.

Seems like no drive scope is the default, so BQ clients that need these scopes should be passing it in via the client_options.

So in this original solution post: https://github.com/googleapis/google-auth-library-python/issues/1204

This is the solution which worked for me too:

EricSeastrand commented on May 27, 2024• 
For anyone else facing this, here's the exact code that worked for me:

from google.cloud import bigquery
client = bigquery.Client(client_options={
    "scopes": ['https://www.googleapis.com/auth/drive', 'https://www.googleapis.com/auth/cloud-platform']
})
results = client.query_and_wait(sql)

During the bigquery.Client connection I had to pass the above scopes and there is no problem with authorizations in Sheets/Drive access anymore.

Some day I may post more on the topic …..