Supported services

The page lists the Google Cloud services that support Access Approval.

GA indicates that approval requests are generally available for a service. Preview indicates that approval requests are supported, but might be changed in backward-incompatible ways and are not subject to any SLA or deprecation policy.

Supported Google Cloud services

Access Approval supports the following Google Cloud services:

Supported service Launch stage Notes
Access Context Manager GA None
AlloyDB for PostgreSQL GA None
Apigee GA The following Apigee features are not supported by Access Approval:
  • Apigee portal
  • Features in the Preview launch stage
Additionally, Apigee Hybrid customers must upgrade to the latest version to get full Access Approval support.
App Engine GA Cloud Storage and Cloud SQL are the only compatible storage backends for App Engine supported by Access Approval.
Application Integration GA None
Artifact Registry GA None
BigQuery GA Some information about your queries, tables, and datasets might not generate an Access Approval request when accessed by Cloud Customer Care. Viewing query text, table names, dataset names, and dataset access control lists might not generate Access Approval requests; this access pathway gives read-only access. Viewing query results and table or dataset data still generates Access Transparency logs.
Bigtable GA None
Certificate Authority Service GA None
Cloud Build GA None
Cloud Composer GA None
Cloud DNS GA None
Cloud External Key Manager (Cloud EKM) GA None
Cloud Run functions GA None
Cloud Healthcare API GA None
Cloud Interconnect GA None
Cloud Key Management Service (Cloud KMS) GA None
Cloud Logging GA None
Cloud NAT GA None
Cloud Run GA None
Cloud SQL GA None
Cloud Service Mesh GA None
Cloud Storage GA None
Cloud Tasks GA None
Cloud VPN GA None
Compute Engine GA None
Connect Agent GA None
Database Center GA None
Dataflow GA None
Dataform GA None
Dataplex Preview None
Dataproc GA None
Google Distributed Cloud GA None
Eventarc GA None
Filestore GA None
Firebase Security Rules GA None
Firestore GA None
GKE Connect GA None
GKE Hub GA None
GKE Hub API GA None
GKE Identity Service GA None
Google Cloud Armor GA Access Approval is available for regional Google Cloud Armor security policies. Global Google Cloud Armor security policies won't generate Access Approval requests.
Google Security Operations SIEM GA Access Approval is available by request. To request this feature, contact Cloud Customer Care with the name of the product to enable and request that Access Approval be enabled for that product. To confirm if enabled, open Access Approval settings, and check the list of products shown.
Google Security Operations SOAR GA Access Approval is available by request. To request this feature, contact Cloud Customer Care with the name of the product to enable and request that Access Approval be enabled for that product. To confirm if enabled, open Access Approval settings, and check the list of products shown.
Cloud HSM GA None
Identity and Access Management (IAM) GA None
Identity-Aware Proxy GA None
Integration Connectors GA None
Google Kubernetes Engine GA None
Looker (Google Cloud core) GA None
Memorystore for Redis GA None
Cloud Monitoring GA None
Organization Policy Service Preview None
Persistent Disk GA None
Pub/Sub GA Some information about your topics and subscriptions might not generate an Access Approval request when accessed by Cloud Customer Care. Viewing topic names, subscription names, message attributes, and timestamps might not generate Access Approval requests; this pathway gives read-only access. Viewing message payloads still generates Access Approval requests and Access Transparency logs.
Resource Manager GA None
Secret Manager GA None
Secure Source Manager GA None
Sensitive Data Protection GA None
Serverless VPC Access GA None
Spanner GA None
Speaker ID GA None
Speech-to-Text GA None
Storage Transfer Service GA None
Cloud Service Mesh GA None
Vertex AI GA Access Approval is available by request. To request this feature, contact Cloud Customer Care with the name of the product to enable and request that Access Approval be enabled for that product. To confirm if enabled, open Access Approval settings, and check the list of products shown.
Vertex AI Search GA None
IAM workforce identity federation GA None

What's next