diff --git a/plugins/providers/bigquery/config.go b/plugins/providers/bigquery/config.go
index 26673b693..7a5ad7dd1 100644
--- a/plugins/providers/bigquery/config.go
+++ b/plugins/providers/bigquery/config.go
@@ -86,6 +86,9 @@ type Config struct {
 
 	crypto    domain.Crypto
 	validator *validator.Validate
+
+	cachedDatasetGrantableRoles []string
+	cachedTableGrantableRoles   []string
 }
 
 // NewConfig returns bigquery config struct
@@ -198,9 +201,10 @@ func (c *Config) validatePermission(value interface{}, resourceType string, clie
 		return nil, ErrInvalidPermissionConfig
 	}
 
+	ctx := context.TODO()
 	if resourceType == ResourceTypeDataset {
 		if !utils.ContainsString([]string{DatasetRoleReader, DatasetRoleWriter, DatasetRoleOwner}, permision) {
-			grantableRoles, err := client.getGrantableRolesForDataset(context.TODO())
+			grantableRoles, err := c.getGrantableRolesForDataset(ctx, client)
 			if err != nil {
 				if errors.Is(err, ErrEmptyResource) {
 					return nil, fmt.Errorf("cannot verify dataset permission: %v", permision)
@@ -213,7 +217,7 @@ func (c *Config) validatePermission(value interface{}, resourceType string, clie
 			}
 		}
 	} else if resourceType == ResourceTypeTable {
-		roles, err := client.getGrantableRolesForTables()
+		roles, err := c.getGrantableRolesForTables(ctx, client)
 		if err != nil {
 			if err == ErrEmptyResource {
 				return nil, ErrCannotVerifyTablePermission
@@ -231,3 +235,31 @@ func (c *Config) validatePermission(value interface{}, resourceType string, clie
 	configValue := Permission(permision)
 	return &configValue, nil
 }
+
+func (c *Config) getGrantableRolesForDataset(ctx context.Context, client *bigQueryClient) ([]string, error) {
+	if len(c.cachedDatasetGrantableRoles) > 0 {
+		return c.cachedDatasetGrantableRoles, nil
+	}
+
+	roles, err := client.getGrantableRolesForDataset(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	c.cachedDatasetGrantableRoles = roles
+	return roles, nil
+}
+
+func (c *Config) getGrantableRolesForTables(ctx context.Context, client *bigQueryClient) ([]string, error) {
+	if len(c.cachedTableGrantableRoles) > 0 {
+		return c.cachedTableGrantableRoles, nil
+	}
+
+	roles, err := client.getGrantableRolesForTables()
+	if err != nil {
+		return nil, err
+	}
+
+	c.cachedTableGrantableRoles = roles
+	return roles, nil
+}