The table below lists the Google Cloud services that support Access Approval.
GA indicates that approval requests are generally available for a service. Preview indicates that approval requests are supported, but might be changed in backward-incompatible ways and are not subject to any SLA or deprecation policy.
The following Google services are supported by Access Approval.
|Cloud Data Loss Prevention||GA|
|Cloud External Key Manager||GA|
|Cloud Key Management Service (Cloud KMS)||GA|
|Google Kubernetes Engine||GA|
|Identity and Access Management||GA|
|Organization Policy Service||Preview|
* Cloud Storage and Cloud SQL are the only compatible storage backends for App Engine currently supported by Access Approval.
** Some Access Transparency logs for Cloud Spanner might not contain Access Approval request IDs. The Access Transparency logs associated with those requests might not show in the logs view.
† Some information about your queries, tables, and datasets might not generate an Access Approval request when accessed by Google Cloud Support. Viewing query text, table names, dataset names, and dataset access control lists might not generate Access Approval requests; this access pathway gives read-only access. Viewing query results and table or dataset data still generates Access Transparency logs.
‡ Some information about your topics and subscriptions might not generate an Access Approval request when accessed by Google Cloud Support. Viewing topic names, subscription names, message attributes, and timestamps might not generate Access Approval requests; this pathway gives read-only access. Viewing message payloads still generates Access Approval requests and Access Transparency logs.