The conditions for allowing only access to compute engines with the name start with dev- with project permissions as editor.
Go to the IAM & Admin page.
Click the ADD button to Add principals.
Type user email address or group to the New principals and for Select a role choose Basic > Editor.
Click Add condition to open Condition Editor page, type the Title for example “Allow access only to dev-”, click CONDITION EDITOR tab and paste the following Expression
1resource.type != 'compute.googleapis.com/Instance' ||2resource.name.extract('/instances/{name}').startsWith('dev-')Click the Save button to save the condition.
Click the Save button again to save the IAM Roles.