# Google Cloud VM Instances - Lab setup ## Introduction An instance is a virtual machine (VM) hosted on Google's infrastructure. You can create an instance or create a group of managed instances by using the Google Cloud console, the Google Cloud CLI, or the Compute Engine API. GCP Compute Engine instances can run the public images for Linux and Windows Server that Google provides as well as private custom images that you can create or import from your existing systems. You can also deploy Docker containers, which are automatically launched on instances running the Container-Optimized OS public image. This service is the equivalent of AWS's EC2. ## What are we going to cover We will look at some attacks that can occur due to misconfigurations in Google Cloud Platform, specifically around service accounts and badly managed permissions. This module will primarily cover * An introduction to google cloud instances, creating and setting up * Extracting service account tokens using app weaknesses * Escalating privileges in Google Cloud --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://0xcriminal.gitbook.io/about-me/cloudsec/compute-with-google-cloud/vm-instances.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.