Looker

About

Looker is a web based business intelligence and data management tool that provides a semantic layer to facilitate querying. It can be deployed in the cloud, on GCP, or on premises.

Requirements

Looker User

This source only uses API authentication. You will need to create an API user to login to Looker.

API Enablement in GCP

Enable the following APIs in your Google Cloud Project:

gcloud services enable geminidataanalytics.googleapis.com --project=$PROJECT_ID
gcloud services enable cloudaicompanion.googleapis.com --project=$PROJECT_ID

IAM Permissions in GCP

In addition to setting the ADC for your server, you need to ensure the IAM identity has been given the following IAM roles (or corresponding permissions):

• roles/looker.instanceUser
• roles/cloudaicompanion.user
• roles/geminidataanalytics.dataAgentStatelessUser

To initialize the application default credential run gcloud auth login --update-adc in your environment before starting MCP Toolbox.

Example

sources:
    my-looker-source:
        kind: looker
        base_url: http://looker.example.com
        client_id: ${LOOKER_CLIENT_ID}
        client_secret: ${LOOKER_CLIENT_SECRET}
        project: ${LOOKER_PROJECT}
        location: ${LOOKER_LOCATION}
        verify_ssl: true
        timeout: 600s

The Looker base url will look like “https://looker.example.com”, don’t include a trailing “/”. In some cases, especially if your Looker is deployed on-premises, you may need to add the API port number like “https://looker.example.com:19999”.

Verify ssl should almost always be “true” (all lower case) unless you are using a self-signed ssl certificate for the Looker server. Anything other than “true” will be interpreted as false.

The client id and client secret are seemingly random character sequences assigned by the looker server. If you are using Looker OAuth you don’t need these settings

The project and location fields are utilized only when using the conversational analytics tool.

Reference