To Configure a Network Client with Instance Metadata

1. Under Policies, select the Allowed Policies that clients can use. This applies to local clients, instance metadata clients, and custom JWT clients. It does not apply to registered JWT clients.
2. Under Instance Metadata Authentication, select one or more cloud providers and enter the required information.

   Cloud Provider	Field	Description
   Amazon Web Services	Account IDs	One or more AWS account IDs.
   Amazon Web Services	Regions	Optional. If omitted, all regions are allowed.
   Microsoft Azure	Subscription IDs	One or more Azure subscription IDs.
   Google Cloud	Project Identifiers	One or more project identifiers. Accepts both project numbers and project IDs.
   Google Cloud	Regions	Optional. If omitted, all regions are allowed.

   If instance metadata is enabled for any cloud provider, the Distributed Issuer config.yaml must include the identityDocument section with the server port and DNS name or IP address.
3. Click Create to save the configuration. See What's Next? for next steps.