looker-open-source
feat: Add GCS Authorized buckets list
Add Support for Authorized GCS Buckets in Google Cloud Storage Action
This PR introduces a new parameter authorized_buckets. When configured, this parameter limits the list of selectable GCS buckets in the form UI to only those explicitly authorized. This is useful in environments where GCP credentials have access to many buckets, but data access must be restricted to specific ones per project or user group.
Motivation
In enterprise setups, the GCP service account used for Looker exports has visibility over a large number of buckets. However, not all of them are meant to be exposed in the Looker UI due to access control policies or data governance constraints. This feature solves that by: • Preventing unauthorized or accidental exports to non-approved buckets • Improving UX by decluttering the bucket selection dropdown • Making Looker actions safer and more compliant with internal security policies
Screenshot
@phillipperalez @bgraves-lo if possible can someone visit this PR and take a look? Thanks!