There isn't an authentication mechanism in the provided Loki configuration. The Loki GCS authentication is handled via the GCS SDK which is typically done with environment variables(For example:GOOGLE_APPLICATION_CREDENTIALS).
Refer to https://stackoverflow.com/questions/65232062/can-i-setup-a-single-store-on-gcs-and-have-multiple-local-instances-of-loki-read.

The loki-operator should provide a method to handle GCS authentication. we can refer to docker registry which supports various Objective Storage too. It uses REGISTRY_STORAGE_GCS_KEYFILE to get authenticated from GCP. Refer to https://docs.openshift.com/container-platform/4.10/registry/configuring_registry_storage/configuring-registry-storage-gcp-user-infrastructure.html