Summary
Support BigQuery per user authentication rather than using the same saved service account. It enables per user data access logging and row level access control on the BigQuery .
Description
Using the same saved service account to access BigQuery does not work in many organisations. Usually each employee function have access to different set of tables and records within BigQuery.
Having only one account (service account) to access BigQuery does not help with the accountability of the data access and is the main blocker for deploying Redash. All users within Redash would have the same access permissions for BigQuery, and the data access log shows the same user.
Many BigQuery security features (PII protection, authorised views, row-level access control) rely on having the right user account passed to BigQuery API. And it would be awesome if Redash has this feature.
Redash has already supported IAM for Redshift
Related Links