# Compute Engine The following subsections list the Google identify and access management (IAM) permissions, granted via Compute Engine access shortcuts. Use this information when [requesting Google Cloud Access permissions](/integrations/resource-integrations/google-cloud.md). ## Read Read grants the following IAM permissions for the instance or zone: ```typescript compute.instances.get compute.instances.list compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings ``` ## Write Write grants the following IAM permissions for the instance or zone: ```typescript compute.instances.addAccessConfig compute.instances.addMaintenancePolicies compute.instances.addResourcePolicies compute.instances.attachDisk compute.instances.createTagBinding compute.instances.delete compute.instances.deleteAccessConfig compute.instances.deleteTagBinding compute.instances.detachDisk compute.instances.get compute.instances.getEffectiveFirewalls compute.instances.getGuestAttributes compute.instances.getScreenshot compute.instances.getSerialPortOutput compute.instances.getShieldedInstanceIdentity compute.instances.getShieldedVmIdentity compute.instances.list compute.instances.listEffectiveTags compute.instances.listReferrers compute.instances.listTagBindings compute.instances.osLogin compute.instances.removeMaintenancePolicies compute.instances.removeResourcePolicies compute.instances.reset compute.instances.resume compute.instances.sendDiagnosticInterrupt compute.instances.setDeletionProtection compute.instances.setDiskAutoDelete compute.instances.setLabels compute.instances.setMachineResources compute.instances.setMachineType compute.instances.setMetadata compute.instances.setMinCpuPlatform compute.instances.setName compute.instances.setScheduling compute.instances.setServiceAccount compute.instances.setShieldedInstanceIntegrityPolicy compute.instances.setTags compute.instances.simulateMaintenanceEvent compute.instances.start compute.instances.startWithEncryptionKey compute.instances.stop compute.instances.suspend compute.instances.update compute.instances.updateAccessConfig compute.instances.updateDisplayDevice compute.instances.updateNetworkInterface compute.instances.updateSecurity compute.instances.updateShieldedInstanceConfig compute.instances.updateShieldedVmConfig compute.instances.use compute.instances.useReadOnly ``` ## Admin Admin grants the `compute.instanceAdmin` predefined role for the instance or zone. ## Create Create grants the `compute.instanceAdmin` predefined role for both the instance / zone and the region. ## SSH SSH grants the following IAM permissions for the specified instance or zone: ```typescript compute.disks.listEffectiveTags compute.disks.listTagBindings compute.images.listEffectiveTags compute.images.listTagBindings compute.instances.get compute.instances.listEffectiveTags compute.instances.setMetadata compute.instances.listTagBindings compute.instances.osLogin compute.projects.get compute.snapshots.listEffectiveTags compute.snapshots.listTagBindings ``` Grants `iam.serviceAccountUser` on the service account specified --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.p0.dev/integrations/resource-integrations/google-cloud/permissions-reference/compute-engine.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.