+1, "me too"

> We'd prefer to manage which cloud storage buckets show up in Data Explorer manually.

This. It is causing seriously huge problems for us that not only is Data Explorer sucking in access to all S3 buckets in the AWS account from the "Data Explorer" page in the Workspace, but it also gives the same global access to all these buckets from within the Run's page when you click in to a specific Tasks and click into the tab showing the files in the S3 workdir for that task ; you are able to freely navigate up from the Run's workdir location and then browse the entire S3 bucket and jump over to other S3 buckets in the AWS account.

Trying to wrangle this from IAM's on the AWS side has been difficult and confusing.

The entire situation could be avoided if we could have just configured Data Explorer on a per-workspace level with only the buckets it should show. Bonus: also configure Data Explorer for the allowed bucket subdirs as well. For example, Allow but block .

Thank you for your feedback. We are currently reviewing the mechanism for how Data Explorer displays cloud storage buckets at both the organization and workspace levels.