How do I set image access constraints so that my image is only accessible by authorized users in GCP

0 votes
Oct 16, 2019 in GCP by anonymous
 • 19,610 points 1,421 views

1 answer to this question.

0 votes

You can enact an image access policy by setting a compute.trustedImageProjects constraint on your project, your organization, or your folder. 

You must have permission to modify organization policies to set these constraints. 

For example, the resourcemanager.organizationAdmin role has permission to set these constraints.

To set it:

  1. Go to the Organization policies page.

  2. In the policies list, click Define trusted image projects.

  3. Click Edit to edit your existing trusted image constraints.

  4. Set constraints to allow or deny one or more projects from which your project can obtain images. The allowed and denied list of publisher projects is a list of strings in the following format:

    projects/[PROJECT_ID]

    where [PROJECT_ID] is the project ID of the project that you want to mark as a trusted source for images.

    If your organization or folder has existing constraints, those constraints might conflict with project-level constraints that you set.

  5. Click Save to apply the constraint settings.

answered Oct 16, 2019 by Sirajul
 • 59,230 points

Related Questions In GCP

0 votes
1 answer

How do I ensure that all the VM instances created in my organisation are shielded VM's?

You can set the constraints/compute.requireShieldedVm organization policy constraint to True to require ...READ MORE

answered Oct 23, 2019 in GCP by Sirajul
 • 59,230 points 843 views
0 votes
1 answer

How do I access cloud filestore in datastore mode from my application running on apache server?

To access your Datastore mode database from ...READ MORE

answered Nov 4, 2019 in GCP by Sirajul
 • 59,230 points 1,358 views
0 votes
1 answer

Is there a way by which I can ensure that my VM instances do not share physical hardware with VM instances from other projects?

Sole-tenant nodes are physical servers dedicated to ...READ MORE

answered Nov 7, 2019 in GCP by Sirajul
 • 59,230 points 609 views
0 votes
1 answer

How do I know how much space is used in my cloud storage bucket?

You can use Stackdriver for daily monitoring ...READ MORE

answered Nov 19, 2019 in GCP by Sirajul
 • 59,230 points 2,823 views
0 votes
1 answer

Creating a SQL Server instance using Google Compute engine.

Google Compute Engine provides public images preconfigured with ...READ MORE

answered Sep 23, 2019 in GCP by Sirajul
 • 59,230 points 2,641 views
0 votes
1 answer

How do I know for how long an instance has been running on GCP?

If you SSH into the instance you ...READ MORE

answered Sep 23, 2019 in GCP by Sirajul
 • 59,230 points 3,032 views
0 votes
1 answer

How do i install gcloud compute?

The gcloud compute command-line tool enables you to easily ...READ MORE

answered Sep 23, 2019 in GCP by Sirajul
 • 59,230 points
edited Jun 16, 2023 by Khan Sarfaraz 1,040 views
0 votes
1 answer

Creating password for a windows instance on GCP

Windows Server instances use password authentication instead ...READ MORE

answered Sep 24, 2019 in GCP by Sirajul
 • 59,230 points 3,840 views
0 votes
1 answer

Does my GCP free-trial allow to access all services? Or Is there anything that I can do only if I upgrade to a paid account?

Your free trial credit applies to all ...READ MORE

answered Nov 19, 2019 in GCP by Sirajul
 • 59,230 points 4,173 views
0 votes
1 answer

Should i should down my VM instance on GCP so that I am not billed ? or just closing the remote desktop on GCP is enough?

Continuously make a point to shut down any ...READ MORE

answered Sep 23, 2019 in GCP by Sirajul
 • 59,230 points 2,558 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.