Using Access Context Manager, you can create access levels that permit access to data based on the context of a request. While Access Context Manager already provides a method of creating basic access levels, you can also create custom access levels. Custom access levels enable your organization to use the device and context data of third-party security and endpoint management vendors to permit access to Google Cloud resources.
Custom access levels use boolean expressions written in a subset of Common Expression Language (CEL) to test the attributes of a client making a request.
In the Google Cloud console, custom access levels are configured using Advanced Mode when you create an access level.
To learn more about building CEL expressions for custom access levels, see the custom access level specification.
To start using custom access levels, see Creating custom access levels.
After custom access levels are created, they can be managed like other access levels.