Assigned
Status Update
No update yet.
Comments
ma...@google.com
ma...@google.com
Hello,
Thanks for reaching out to us!
The Product Engineering Team has been made aware of your feature request, and will address it in due course. Though we can't provide an ETA on feature requests nor guarantee their implementation, rest assured that your feedback is always taken very seriously, as it allows us to improve our products. Thank you for your trust and continued support to improve Google Cloud Platform products.
In case you want to report a new issue, please do not hesitate to create a new [Issue Tracker]
Thanks and Regards,
Onkar Mhetre
Google Cloud Support
Description
Currently there is no way to exempt Windows VMs from the Confidential Computing Organization policy constraint. Windows VMs are not supported by the policy at present. The constraint cannot be completely removed from the project as users will create other types of VMs.
What you would like to accomplish:
Would like to have an option to exempt Windows VMs from the Confidential Computing Organization policy constraint.
How this might work:
Using tags in the constraint or adding alternative options to explicitly allow Windows or defined images.
If applicable, reasons why alternative solutions are not sufficient:
Tried disabling the constraint, then creating the Windows VM and re-enabling the constraint. But during this time windows another user can create a VM with another OS which will be a confidential-less VM. Also this is not feasible to disable the constraint every time a user wants to create a Windows VM.
Other information (workarounds):
Only available workaround is to disable the constraint, then create the Windows VM and re-enabling the constraint. Once re-enable the constraint Windows VMs should work fine because the existing resources will continue to work as usual after the constraint is enforced.