Stay organized with collections
Save and categorize content based on your preferences.
This page summarizes general requirements for deploying artifacts to
Google Cloud runtime environments.
There are two forms of access control to consider:
IAM permissions
Identity and Access Management permissions determine the users, service accounts and other
identities that can access
resources. You grant
Artifact Registry permissions
to identities that can access repositories.
Access scopes
Access scopes determine the
default OAuth scopes for requests made through the gcloud CLI and client
libraries on a VM instance. As a result, access scopes can further limit
access to API methods when authenticating with
application default credentials.
Google Cloud runtime environments are preconfigured with access to
repositories in the same project. You must configure or modify permissions
yourself if:
You are using a service account in one project to access
Artifact Registry in a different project
You are using a service account with read-only access to storage, but
you want the service account to both upload and download artifacts
You are using a custom service account to interact with
Artifact Registry.
For service-specific requirements, refer to the following information:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-21 UTC."],[[["This page outlines the general requirements for deploying artifacts to Google Cloud runtime environments."],["Access to resources is controlled through IAM permissions, determining which identities can access repositories."],["Access scopes further limit API method access when authenticating with application default credentials."],["Google Cloud environments have default access to repositories in the same project, requiring manual configuration for cross-project access or service accounts with modified permissions."],["Service-specific deployment requirements can be found for App Engine, Cloud Run, Compute Engine, and Google Kubernetes Engine."]]],[]]
