This could be also a principal allow list guard within the canister method implementation right?
See allowed viewers in: NNS Proposal: Add Public and Restricted canister_status Visibility. To my understanding, this isn’t available yet but planned (correct me if I’m wrong).
Overall, I would avoid assigning principals as controllers if they shouldn’t have full access to the canister (e.g. perform upgrades). For example, controllers can also stop and wipe canisters, which I assume isn’t something you’d want to give to controllers that only need information like cycles.