The conditions for allowing only access to compute engines with the name start with dev- with project permissions as editor.

  1. Go to the IAM & Admin page.

  2. Click the ADD button to Add principals.

  3. Type user email address or group to the New principals and for Select a role choose Basic > Editor.

  4. Click Add condition to open Condition Editor page, type the Title for example “Allow access only to dev-”, click CONDITION EDITOR tab and paste the following Expression 

    
resource.type != 'compute.googleapis.com/Instance' ||
resource.name.extract('/instances/{name}').startsWith('dev-')

  5. Click the Save button to save the condition.

  6. Click the Save button again to save the IAM Roles.