Is there any way on Google Cloud IAM roles setup to give access/visibility to some VM Instances of the project and not to the whole of them?

Ideally just to the ones that the user creates and not to the rest. As far as I tried, roles apply to all of the instances.

1 Answer

Google Compute Engine supports specifying the service account to use for the instance.

You can create a new service account, assigning the Project Owner or Editor role (as you want), and then assign that service account to the instance you want.

You can also assign instance-specific roles and permissions from the Cloud Engine - VM Instances Page as stated in the Compute Engine Official Documentation:

  • Go to the Compute Engine VM Instances page
  • Click the checkbox beside the instance(s) to which you want to assign instance-specific roles.
  • Click on "Show Info Panel".
  • On the "Info Panel" on the right side of the screen under "Permissions" click "Add Members".
  • Select the members / roles you want to assign and click "Save".

Please have a look into the following article explaining Compute Engine Service Accounts.
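
The console steps in the answer above have a command-line equivalent, `gcloud compute instances add-iam-policy-binding`, which attaches the binding to a single instance rather than to the project. The following is an added example, not part of the original answer; the wrapper `grant_on_instances` is hypothetical and the zone, member, role and instance names are constructed sample values.

```shell
#!/bin/sh
# Added example: grant a member a role on chosen VM instances only.
# DRY_RUN=1 (default) prints the gcloud commands; DRY_RUN=0 executes them.

valid_member() {
  # IAM principals are written as type:identifier
  case "$1" in
    user:?*@?*|group:?*@?*|serviceAccount:?*@?*) return 0 ;;
    *) return 1 ;;
  esac
}

valid_role() {
  # Predefined roles (roles/...) or custom roles scoped to a project or organization
  case "$1" in
    roles/?*|projects/?*/roles/?*|organizations/?*/roles/?*) return 0 ;;
    *) return 1 ;;
  esac
}

grant_on_instances() {
  # usage: grant_on_instances ZONE MEMBER ROLE INSTANCE...
  [ "$#" -ge 4 ] || { echo "usage: grant_on_instances ZONE MEMBER ROLE INSTANCE..." >&2; return 2; }
  g_zone=$1; g_member=$2; g_role=$3; shift 3
  valid_member "$g_member" || { echo "invalid member: $g_member" >&2; return 2; }
  valid_role "$g_role" || { echo "invalid role: $g_role" >&2; return 2; }
  for g_inst in "$@"; do
    if [ "${DRY_RUN:-1}" = "1" ]; then
      echo "gcloud compute instances add-iam-policy-binding $g_inst --zone=$g_zone --member=$g_member --role=$g_role"
    else
      # The binding lands on this one instance's IAM policy, not the project's
      gcloud compute instances add-iam-policy-binding "$g_inst" \
        --zone="$g_zone" --member="$g_member" --role="$g_role" || return 1
    fi
  done
}

# Dry run with constructed values: prints one command per instance
grant_on_instances us-central1-a user:alice@example.com \
  roles/compute.instanceAdmin.v1 vm-a vm-b
```

Review the printed commands first, then rerun with `DRY_RUN=0` from an account that is allowed to set IAM policy on those instances.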
