Confidential Computing roles and permissions

This page lists the IAM roles and permissions for Confidential Computing. To search through all roles and permissions, see the role and permission index.

Confidential Computing roles

Role
Permissions

(roles/confidentialcomputing.workloadUser)

Grants the ability to generate an attestation token and run a workload in a VM. Intended for service accounts that run on Confidential Space VMs.

confidentialcomputing.*

  • confidentialcomputing.challenges.create
  • confidentialcomputing.challenges.verify
  • confidentialcomputing.locations.get
  • confidentialcomputing.locations.list

logging.logEntries.create

Confidential Computing permissions

Permission Included in roles

Owner (roles/owner)

Editor (roles/editor)

Confidential Space Workload User (roles/confidentialcomputing.workloadUser)

Owner (roles/owner)

Editor (roles/editor)

Confidential Space Workload User (roles/confidentialcomputing.workloadUser)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Confidential Space Workload User (roles/confidentialcomputing.workloadUser)

Support User (roles/iam.supportUser)

Owner (roles/owner)

Editor (roles/editor)

Viewer (roles/viewer)

Confidential Space Workload User (roles/confidentialcomputing.workloadUser)

Security Admin (roles/iam.securityAdmin)

Security Auditor (roles/iam.securityAuditor)

Security Reviewer (roles/iam.securityReviewer)

Support User (roles/iam.supportUser)
