Authenticate requests to the VMware Engine API

This document describes authentication for Google Cloud VMware Engine.

For more information about Google Cloud authentication, see the Google Cloud authentication overview.

Authentication to the API

VMware Engine provides an API for programmatic access, and you must authenticate to the API to use features of VMware Engine programmatically.

For more information, see Set up Application Default Credentials.

Authorization with IAM

When you use a service account for authentication and authorization, you grant roles to the service account, which enables code using that service account to access resources. Always grant roles with only the permissions your code requires; granting broader roles, such as basic roles, violates the principle of least privilege.

For more information about IAM and authorization, see VMware Engine IAM roles and permissions.