gcp.iam.WorkloadIdentityPool
Explore with Pulumi AI
Represents a collection of external workload identities. You can define IAM policies to grant these identities access to Google Cloud resources.
To get more information about WorkloadIdentityPool, see:
- API documentation
- How-to Guides
Example Usage
Iam Workload Identity Pool Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const example = new gcp.iam.WorkloadIdentityPool("example", {workloadIdentityPoolId: "example-pool"});
import pulumi
import pulumi_gcp as gcp
example = gcp.iam.WorkloadIdentityPool("example", workload_identity_pool_id="example-pool")
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.NewWorkloadIdentityPool(ctx, "example", &iam.WorkloadIdentityPoolArgs{
WorkloadIdentityPoolId: pulumi.String("example-pool"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var example = new Gcp.Iam.WorkloadIdentityPool("example", new()
{
WorkloadIdentityPoolId = "example-pool",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.iam.WorkloadIdentityPool;
import com.pulumi.gcp.iam.WorkloadIdentityPoolArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new WorkloadIdentityPool("example", WorkloadIdentityPoolArgs.builder()
.workloadIdentityPoolId("example-pool")
.build());
}
}
resources:
example:
type: gcp:iam:WorkloadIdentityPool
properties:
workloadIdentityPoolId: example-pool
Iam Workload Identity Pool Full
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const example = new gcp.iam.WorkloadIdentityPool("example", {
workloadIdentityPoolId: "example-pool",
displayName: "Name of pool",
description: "Identity pool for automated test",
disabled: true,
});
import pulumi
import pulumi_gcp as gcp
example = gcp.iam.WorkloadIdentityPool("example",
workload_identity_pool_id="example-pool",
display_name="Name of pool",
description="Identity pool for automated test",
disabled=True)
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/iam"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iam.NewWorkloadIdentityPool(ctx, "example", &iam.WorkloadIdentityPoolArgs{
WorkloadIdentityPoolId: pulumi.String("example-pool"),
DisplayName: pulumi.String("Name of pool"),
Description: pulumi.String("Identity pool for automated test"),
Disabled: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var example = new Gcp.Iam.WorkloadIdentityPool("example", new()
{
WorkloadIdentityPoolId = "example-pool",
DisplayName = "Name of pool",
Description = "Identity pool for automated test",
Disabled = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.iam.WorkloadIdentityPool;
import com.pulumi.gcp.iam.WorkloadIdentityPoolArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new WorkloadIdentityPool("example", WorkloadIdentityPoolArgs.builder()
.workloadIdentityPoolId("example-pool")
.displayName("Name of pool")
.description("Identity pool for automated test")
.disabled(true)
.build());
}
}
resources:
example:
type: gcp:iam:WorkloadIdentityPool
properties:
workloadIdentityPoolId: example-pool
displayName: Name of pool
description: Identity pool for automated test
disabled: true
Create WorkloadIdentityPool Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new WorkloadIdentityPool(name: string, args: WorkloadIdentityPoolArgs, opts?: CustomResourceOptions);
@overload
def WorkloadIdentityPool(resource_name: str,
args: WorkloadIdentityPoolArgs,
opts: Optional[ResourceOptions] = None)
@overload
def WorkloadIdentityPool(resource_name: str,
opts: Optional[ResourceOptions] = None,
workload_identity_pool_id: Optional[str] = None,
description: Optional[str] = None,
disabled: Optional[bool] = None,
display_name: Optional[str] = None,
project: Optional[str] = None)
func NewWorkloadIdentityPool(ctx *Context, name string, args WorkloadIdentityPoolArgs, opts ...ResourceOption) (*WorkloadIdentityPool, error)
public WorkloadIdentityPool(string name, WorkloadIdentityPoolArgs args, CustomResourceOptions? opts = null)
public WorkloadIdentityPool(String name, WorkloadIdentityPoolArgs args)
public WorkloadIdentityPool(String name, WorkloadIdentityPoolArgs args, CustomResourceOptions options)
type: gcp:iam:WorkloadIdentityPool
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args WorkloadIdentityPoolArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args WorkloadIdentityPoolArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args WorkloadIdentityPoolArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WorkloadIdentityPoolArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args WorkloadIdentityPoolArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var workloadIdentityPoolResource = new Gcp.Iam.WorkloadIdentityPool("workloadIdentityPoolResource", new()
{
WorkloadIdentityPoolId = "string",
Description = "string",
Disabled = false,
DisplayName = "string",
Project = "string",
});
example, err := iam.NewWorkloadIdentityPool(ctx, "workloadIdentityPoolResource", &iam.WorkloadIdentityPoolArgs{
WorkloadIdentityPoolId: pulumi.String("string"),
Description: pulumi.String("string"),
Disabled: pulumi.Bool(false),
DisplayName: pulumi.String("string"),
Project: pulumi.String("string"),
})
var workloadIdentityPoolResource = new WorkloadIdentityPool("workloadIdentityPoolResource", WorkloadIdentityPoolArgs.builder()
.workloadIdentityPoolId("string")
.description("string")
.disabled(false)
.displayName("string")
.project("string")
.build());
workload_identity_pool_resource = gcp.iam.WorkloadIdentityPool("workloadIdentityPoolResource",
workload_identity_pool_id="string",
description="string",
disabled=False,
display_name="string",
project="string")
const workloadIdentityPoolResource = new gcp.iam.WorkloadIdentityPool("workloadIdentityPoolResource", {
workloadIdentityPoolId: "string",
description: "string",
disabled: false,
displayName: "string",
project: "string",
});
type: gcp:iam:WorkloadIdentityPool
properties:
description: string
disabled: false
displayName: string
project: string
workloadIdentityPoolId: string
WorkloadIdentityPool Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The WorkloadIdentityPool resource accepts the following input properties:
- Workload
Identity stringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified. - Description string
- A description of the pool. Cannot exceed 256 characters.
- Disabled bool
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- Display
Name string - A display name for the pool. Cannot exceed 32 characters.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Workload
Identity stringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified. - Description string
- A description of the pool. Cannot exceed 256 characters.
- Disabled bool
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- Display
Name string - A display name for the pool. Cannot exceed 32 characters.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- workload
Identity StringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified. - description String
- A description of the pool. Cannot exceed 256 characters.
- disabled Boolean
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display
Name String - A display name for the pool. Cannot exceed 32 characters.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- workload
Identity stringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified. - description string
- A description of the pool. Cannot exceed 256 characters.
- disabled boolean
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display
Name string - A display name for the pool. Cannot exceed 32 characters.
- project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- workload_
identity_ strpool_ id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified. - description str
- A description of the pool. Cannot exceed 256 characters.
- disabled bool
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display_
name str - A display name for the pool. Cannot exceed 32 characters.
- project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- workload
Identity StringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified. - description String
- A description of the pool. Cannot exceed 256 characters.
- disabled Boolean
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display
Name String - A display name for the pool. Cannot exceed 32 characters.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
Outputs
All input properties are implicitly available as output properties. Additionally, the WorkloadIdentityPool resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - State string
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- Id string
- The provider-assigned unique ID for this managed resource.
- Name string
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - State string
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - state String
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- id string
- The provider-assigned unique ID for this managed resource.
- name string
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - state string
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- id str
- The provider-assigned unique ID for this managed resource.
- name str
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - state str
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- id String
- The provider-assigned unique ID for this managed resource.
- name String
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - state String
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
Look up Existing WorkloadIdentityPool Resource
Get an existing WorkloadIdentityPool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WorkloadIdentityPoolState, opts?: CustomResourceOptions): WorkloadIdentityPool
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
disabled: Optional[bool] = None,
display_name: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None,
state: Optional[str] = None,
workload_identity_pool_id: Optional[str] = None) -> WorkloadIdentityPool
func GetWorkloadIdentityPool(ctx *Context, name string, id IDInput, state *WorkloadIdentityPoolState, opts ...ResourceOption) (*WorkloadIdentityPool, error)
public static WorkloadIdentityPool Get(string name, Input<string> id, WorkloadIdentityPoolState? state, CustomResourceOptions? opts = null)
public static WorkloadIdentityPool get(String name, Output<String> id, WorkloadIdentityPoolState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- A description of the pool. Cannot exceed 256 characters.
- Disabled bool
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- Display
Name string - A display name for the pool. Cannot exceed 32 characters.
- Name string
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- State string
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- Workload
Identity stringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified.
- Description string
- A description of the pool. Cannot exceed 256 characters.
- Disabled bool
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- Display
Name string - A display name for the pool. Cannot exceed 32 characters.
- Name string
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- State string
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- Workload
Identity stringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified.
- description String
- A description of the pool. Cannot exceed 256 characters.
- disabled Boolean
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display
Name String - A display name for the pool. Cannot exceed 32 characters.
- name String
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- state String
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- workload
Identity StringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified.
- description string
- A description of the pool. Cannot exceed 256 characters.
- disabled boolean
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display
Name string - A display name for the pool. Cannot exceed 32 characters.
- name string
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- state string
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- workload
Identity stringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified.
- description str
- A description of the pool. Cannot exceed 256 characters.
- disabled bool
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display_
name str - A display name for the pool. Cannot exceed 32 characters.
- name str
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- state str
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- workload_
identity_ strpool_ id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified.
- description String
- A description of the pool. Cannot exceed 256 characters.
- disabled Boolean
- Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.
- display
Name String - A display name for the pool. Cannot exceed 32 characters.
- name String
- The resource name of the pool as
projects/{project_number}/locations/global/workloadIdentityPools/{workload_identity_pool_id}
. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- state String
- The state of the pool.
- STATE_UNSPECIFIED: State unspecified.
- ACTIVE: The pool is active, and may be used in Google Cloud policies.
- DELETED: The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using UndeleteWorkloadIdentityPool. You cannot reuse the ID of a soft-deleted pool until it is permanently deleted. While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
- workload
Identity StringPool Id - The ID to use for the pool, which becomes the final component of the resource name. This
value should be 4-32 characters, and may contain the characters [a-z0-9-]. The prefix
gcp-
is reserved for use by Google, and may not be specified.
Import
WorkloadIdentityPool can be imported using any of these accepted formats:
projects/{{project}}/locations/global/workloadIdentityPools/{{workload_identity_pool_id}}
{{project}}/{{workload_identity_pool_id}}
{{workload_identity_pool_id}}
When using the pulumi import
command, WorkloadIdentityPool can be imported using one of the formats above. For example:
$ pulumi import gcp:iam/workloadIdentityPool:WorkloadIdentityPool default projects/{{project}}/locations/global/workloadIdentityPools/{{workload_identity_pool_id}}
$ pulumi import gcp:iam/workloadIdentityPool:WorkloadIdentityPool default {{project}}/{{workload_identity_pool_id}}
$ pulumi import gcp:iam/workloadIdentityPool:WorkloadIdentityPool default {{workload_identity_pool_id}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-beta
Terraform Provider.