Identity and Access Management (IAM) for Google Cloud VMware Engine follows the same principle of least privilege as any private or public cloud environment. Any user, process, or program should only be given permissions and privileges that are essential to performing its intended function.