Supported services
The table below lists the Google services that support Access Approval.
GA indicates that approval requests are generally available for a service. Preview indicates that approval requests are supported, but might be changed in backward-incompatible ways and are not subject to any SLA or deprecation policy.
The following Google services are supported by Access Approval.
| Service | Availability |
|---|---|
| Access Context Manager | GA |
| AlloyDB for PostgreSQL | GA |
| GKE Identity Service | GA |
| Anthos Service Mesh | GA |
| App Engine | GA* |
| Application Integration | Preview |
| Artifact Registry | GA |
| BigQuery | GA† |
| Certificate Authority Service | GA |
| Cloud Bigtable | GA |
| Cloud Composer | GA |
| Cloud External Key Manager | GA |
| Cloud Functions | GA |
| Cloud HSM | GA |
| Cloud Key Management Service (Cloud KMS) | GA |
| Cloud Logging | GA |
| Cloud Monitoring | GA |
| Cloud NAT | GA |
| Cloud Run | GA |
| Cloud Spanner | GA |
| Cloud SQL | GA |
| Cloud Storage | GA |
| Cloud Tasks | GA |
| Compute Engine | GA |
| Connect Agent | GA |
| Dataflow | GA |
| Dataproc | GA |
| Eventarc | GA |
| Firebase Security Rules | Preview |
| Firestore | GA |
| GKE Hub API | GA |
| Google Kubernetes Engine | GA |
| Identity and Access Management | GA |
| Memorystore for Redis | GA |
| Organization Policy Service | Preview |
| Persistent Disk | GA |
| Pub/Sub | GA‡ |
| Resource Manager | Preview |
| Secret Manager | GA |
| Sensitive Data Protection | GA |
| Speaker ID | GA |
| Vertex AI Search | Preview |
* Cloud Storage and Cloud SQL are the only compatible storage backends for App Engine currently supported by Access Approval.
† Some information about your queries, tables, and datasets might not generate an Access Approval request when accessed by Google Cloud Support. Viewing query text, table names, dataset names, and dataset access control lists might not generate Access Approval requests; this access pathway gives read-only access. Viewing query results and table or dataset data still generates Access Transparency logs.
‡ Some information about your topics and subscriptions might not generate an Access Approval request when accessed by Google Cloud Support. Viewing topic names, subscription names, message attributes, and timestamps might not generate Access Approval requests; this pathway gives read-only access. Viewing message payloads still generates Access Approval requests and Access Transparency logs.