Back to feed
GCP·Compute Engine·

Breaking: Changed: The following operations on the boot disk of a Compute Engine instance that has a service account attached...

Changed: The following operations on the boot disk of a Compute Engine instance that has a service account attached require the iam.serviceAccounts.actAs permission on the service account. In the following list, the boot disk of such an instance is referred to as the source disk.

• Creating a standard or archive snapshot of the source disk, including application consistent snapshots • Cloning the source disk • Creating a machine image of the instance • Creating a custom image of the source disk • Starting asynchronous replication of the source disk to another region • Creating a new disk when you create an instance, if the new disk is created from an instant snapshot of the source disk

If you have already have the Compute Instance Admin (v1) (roles/compute.instanceAdmin.v1) role and the Service Account User (v1) (roles/iam.serviceAccountUser) role on the project, no action is required.

Otherwise, ask your administrator to grant you the iam.serviceAccounts.actAs permission on the service account. For instructions, see Manage access to other resources.

Read original announcement

More from Compute Engine

Preview: To control the use of the deprecated container startup agent, an option for deploying containers on Compute...Apr 2, 2026Generally available: The maximum throughput for a Hyperdisk ML disk is increased to 2,097,152 MiB/s from 1,200,000 MiB/s.Mar 31, 2026Security: A vulnerability (CVE-2026-23268) about CrackArmor was discovered and has been addressed.Mar 27, 2026Generally available: The maximum throughput for a Hyperdisk Balanced High Availability disk is increased to 2,400 MiB/s from 1,200 MiB/s.Mar 24, 2026