1. Packages
  2. Google Cloud Native
  3. API Docs
  4. workstations
  5. workstations/v1
  6. WorkstationConfig

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.workstations/v1.WorkstationConfig

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

    Creates a new workstation configuration.

    Create WorkstationConfig Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new WorkstationConfig(name: string, args: WorkstationConfigArgs, opts?: CustomResourceOptions);
    @overload
    def WorkstationConfig(resource_name: str,
                          args: WorkstationConfigArgs,
                          opts: Optional[ResourceOptions] = None)
    
    @overload
    def WorkstationConfig(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          workstation_cluster_id: Optional[str] = None,
                          workstation_config_id: Optional[str] = None,
                          location: Optional[str] = None,
                          name: Optional[str] = None,
                          etag: Optional[str] = None,
                          host: Optional[HostArgs] = None,
                          idle_timeout: Optional[str] = None,
                          labels: Optional[Mapping[str, str]] = None,
                          annotations: Optional[Mapping[str, str]] = None,
                          encryption_key: Optional[CustomerEncryptionKeyArgs] = None,
                          persistent_directories: Optional[Sequence[PersistentDirectoryArgs]] = None,
                          project: Optional[str] = None,
                          readiness_checks: Optional[Sequence[ReadinessCheckArgs]] = None,
                          replica_zones: Optional[Sequence[str]] = None,
                          running_timeout: Optional[str] = None,
                          display_name: Optional[str] = None,
                          container: Optional[ContainerArgs] = None)
    func NewWorkstationConfig(ctx *Context, name string, args WorkstationConfigArgs, opts ...ResourceOption) (*WorkstationConfig, error)
    public WorkstationConfig(string name, WorkstationConfigArgs args, CustomResourceOptions? opts = null)
    public WorkstationConfig(String name, WorkstationConfigArgs args)
    public WorkstationConfig(String name, WorkstationConfigArgs args, CustomResourceOptions options)
    
    type: google-native:workstations/v1:WorkstationConfig
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args WorkstationConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args WorkstationConfigArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args WorkstationConfigArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args WorkstationConfigArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args WorkstationConfigArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var workstationConfigResource = new GoogleNative.Workstations.V1.WorkstationConfig("workstationConfigResource", new()
    {
        WorkstationClusterId = "string",
        WorkstationConfigId = "string",
        Location = "string",
        Name = "string",
        Etag = "string",
        Host = new GoogleNative.Workstations.V1.Inputs.HostArgs
        {
            GceInstance = new GoogleNative.Workstations.V1.Inputs.GceInstanceArgs
            {
                BootDiskSizeGb = 0,
                ConfidentialInstanceConfig = new GoogleNative.Workstations.V1.Inputs.GceConfidentialInstanceConfigArgs
                {
                    EnableConfidentialCompute = false,
                },
                DisablePublicIpAddresses = false,
                EnableNestedVirtualization = false,
                MachineType = "string",
                PoolSize = 0,
                ServiceAccount = "string",
                ServiceAccountScopes = new[]
                {
                    "string",
                },
                ShieldedInstanceConfig = new GoogleNative.Workstations.V1.Inputs.GceShieldedInstanceConfigArgs
                {
                    EnableIntegrityMonitoring = false,
                    EnableSecureBoot = false,
                    EnableVtpm = false,
                },
                Tags = new[]
                {
                    "string",
                },
            },
        },
        IdleTimeout = "string",
        Labels = 
        {
            { "string", "string" },
        },
        Annotations = 
        {
            { "string", "string" },
        },
        EncryptionKey = new GoogleNative.Workstations.V1.Inputs.CustomerEncryptionKeyArgs
        {
            KmsKey = "string",
            KmsKeyServiceAccount = "string",
        },
        PersistentDirectories = new[]
        {
            new GoogleNative.Workstations.V1.Inputs.PersistentDirectoryArgs
            {
                GcePd = new GoogleNative.Workstations.V1.Inputs.GceRegionalPersistentDiskArgs
                {
                    DiskType = "string",
                    FsType = "string",
                    ReclaimPolicy = GoogleNative.Workstations.V1.GceRegionalPersistentDiskReclaimPolicy.ReclaimPolicyUnspecified,
                    SizeGb = 0,
                    SourceSnapshot = "string",
                },
                MountPath = "string",
            },
        },
        Project = "string",
        ReadinessChecks = new[]
        {
            new GoogleNative.Workstations.V1.Inputs.ReadinessCheckArgs
            {
                Path = "string",
                Port = 0,
            },
        },
        ReplicaZones = new[]
        {
            "string",
        },
        RunningTimeout = "string",
        DisplayName = "string",
        Container = new GoogleNative.Workstations.V1.Inputs.ContainerArgs
        {
            Args = new[]
            {
                "string",
            },
            Command = new[]
            {
                "string",
            },
            Env = 
            {
                { "string", "string" },
            },
            Image = "string",
            RunAsUser = 0,
            WorkingDir = "string",
        },
    });
    
    example, err := workstations.NewWorkstationConfig(ctx, "workstationConfigResource", &workstations.WorkstationConfigArgs{
    	WorkstationClusterId: pulumi.String("string"),
    	WorkstationConfigId:  pulumi.String("string"),
    	Location:             pulumi.String("string"),
    	Name:                 pulumi.String("string"),
    	Etag:                 pulumi.String("string"),
    	Host: &workstations.HostArgs{
    		GceInstance: &workstations.GceInstanceArgs{
    			BootDiskSizeGb: pulumi.Int(0),
    			ConfidentialInstanceConfig: &workstations.GceConfidentialInstanceConfigArgs{
    				EnableConfidentialCompute: pulumi.Bool(false),
    			},
    			DisablePublicIpAddresses:   pulumi.Bool(false),
    			EnableNestedVirtualization: pulumi.Bool(false),
    			MachineType:                pulumi.String("string"),
    			PoolSize:                   pulumi.Int(0),
    			ServiceAccount:             pulumi.String("string"),
    			ServiceAccountScopes: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ShieldedInstanceConfig: &workstations.GceShieldedInstanceConfigArgs{
    				EnableIntegrityMonitoring: pulumi.Bool(false),
    				EnableSecureBoot:          pulumi.Bool(false),
    				EnableVtpm:                pulumi.Bool(false),
    			},
    			Tags: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	IdleTimeout: pulumi.String("string"),
    	Labels: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Annotations: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	EncryptionKey: &workstations.CustomerEncryptionKeyArgs{
    		KmsKey:               pulumi.String("string"),
    		KmsKeyServiceAccount: pulumi.String("string"),
    	},
    	PersistentDirectories: workstations.PersistentDirectoryArray{
    		&workstations.PersistentDirectoryArgs{
    			GcePd: &workstations.GceRegionalPersistentDiskArgs{
    				DiskType:       pulumi.String("string"),
    				FsType:         pulumi.String("string"),
    				ReclaimPolicy:  workstations.GceRegionalPersistentDiskReclaimPolicyReclaimPolicyUnspecified,
    				SizeGb:         pulumi.Int(0),
    				SourceSnapshot: pulumi.String("string"),
    			},
    			MountPath: pulumi.String("string"),
    		},
    	},
    	Project: pulumi.String("string"),
    	ReadinessChecks: workstations.ReadinessCheckArray{
    		&workstations.ReadinessCheckArgs{
    			Path: pulumi.String("string"),
    			Port: pulumi.Int(0),
    		},
    	},
    	ReplicaZones: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	RunningTimeout: pulumi.String("string"),
    	DisplayName:    pulumi.String("string"),
    	Container: &workstations.ContainerArgs{
    		Args: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Command: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Env: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    		Image:      pulumi.String("string"),
    		RunAsUser:  pulumi.Int(0),
    		WorkingDir: pulumi.String("string"),
    	},
    })
    
    var workstationConfigResource = new WorkstationConfig("workstationConfigResource", WorkstationConfigArgs.builder()
        .workstationClusterId("string")
        .workstationConfigId("string")
        .location("string")
        .name("string")
        .etag("string")
        .host(HostArgs.builder()
            .gceInstance(GceInstanceArgs.builder()
                .bootDiskSizeGb(0)
                .confidentialInstanceConfig(GceConfidentialInstanceConfigArgs.builder()
                    .enableConfidentialCompute(false)
                    .build())
                .disablePublicIpAddresses(false)
                .enableNestedVirtualization(false)
                .machineType("string")
                .poolSize(0)
                .serviceAccount("string")
                .serviceAccountScopes("string")
                .shieldedInstanceConfig(GceShieldedInstanceConfigArgs.builder()
                    .enableIntegrityMonitoring(false)
                    .enableSecureBoot(false)
                    .enableVtpm(false)
                    .build())
                .tags("string")
                .build())
            .build())
        .idleTimeout("string")
        .labels(Map.of("string", "string"))
        .annotations(Map.of("string", "string"))
        .encryptionKey(CustomerEncryptionKeyArgs.builder()
            .kmsKey("string")
            .kmsKeyServiceAccount("string")
            .build())
        .persistentDirectories(PersistentDirectoryArgs.builder()
            .gcePd(GceRegionalPersistentDiskArgs.builder()
                .diskType("string")
                .fsType("string")
                .reclaimPolicy("RECLAIM_POLICY_UNSPECIFIED")
                .sizeGb(0)
                .sourceSnapshot("string")
                .build())
            .mountPath("string")
            .build())
        .project("string")
        .readinessChecks(ReadinessCheckArgs.builder()
            .path("string")
            .port(0)
            .build())
        .replicaZones("string")
        .runningTimeout("string")
        .displayName("string")
        .container(ContainerArgs.builder()
            .args("string")
            .command("string")
            .env(Map.of("string", "string"))
            .image("string")
            .runAsUser(0)
            .workingDir("string")
            .build())
        .build());
    
    workstation_config_resource = google_native.workstations.v1.WorkstationConfig("workstationConfigResource",
        workstation_cluster_id="string",
        workstation_config_id="string",
        location="string",
        name="string",
        etag="string",
        host={
            "gce_instance": {
                "boot_disk_size_gb": 0,
                "confidential_instance_config": {
                    "enable_confidential_compute": False,
                },
                "disable_public_ip_addresses": False,
                "enable_nested_virtualization": False,
                "machine_type": "string",
                "pool_size": 0,
                "service_account": "string",
                "service_account_scopes": ["string"],
                "shielded_instance_config": {
                    "enable_integrity_monitoring": False,
                    "enable_secure_boot": False,
                    "enable_vtpm": False,
                },
                "tags": ["string"],
            },
        },
        idle_timeout="string",
        labels={
            "string": "string",
        },
        annotations={
            "string": "string",
        },
        encryption_key={
            "kms_key": "string",
            "kms_key_service_account": "string",
        },
        persistent_directories=[{
            "gce_pd": {
                "disk_type": "string",
                "fs_type": "string",
                "reclaim_policy": google_native.workstations.v1.GceRegionalPersistentDiskReclaimPolicy.RECLAIM_POLICY_UNSPECIFIED,
                "size_gb": 0,
                "source_snapshot": "string",
            },
            "mount_path": "string",
        }],
        project="string",
        readiness_checks=[{
            "path": "string",
            "port": 0,
        }],
        replica_zones=["string"],
        running_timeout="string",
        display_name="string",
        container={
            "args": ["string"],
            "command": ["string"],
            "env": {
                "string": "string",
            },
            "image": "string",
            "run_as_user": 0,
            "working_dir": "string",
        })
    
    const workstationConfigResource = new google_native.workstations.v1.WorkstationConfig("workstationConfigResource", {
        workstationClusterId: "string",
        workstationConfigId: "string",
        location: "string",
        name: "string",
        etag: "string",
        host: {
            gceInstance: {
                bootDiskSizeGb: 0,
                confidentialInstanceConfig: {
                    enableConfidentialCompute: false,
                },
                disablePublicIpAddresses: false,
                enableNestedVirtualization: false,
                machineType: "string",
                poolSize: 0,
                serviceAccount: "string",
                serviceAccountScopes: ["string"],
                shieldedInstanceConfig: {
                    enableIntegrityMonitoring: false,
                    enableSecureBoot: false,
                    enableVtpm: false,
                },
                tags: ["string"],
            },
        },
        idleTimeout: "string",
        labels: {
            string: "string",
        },
        annotations: {
            string: "string",
        },
        encryptionKey: {
            kmsKey: "string",
            kmsKeyServiceAccount: "string",
        },
        persistentDirectories: [{
            gcePd: {
                diskType: "string",
                fsType: "string",
                reclaimPolicy: google_native.workstations.v1.GceRegionalPersistentDiskReclaimPolicy.ReclaimPolicyUnspecified,
                sizeGb: 0,
                sourceSnapshot: "string",
            },
            mountPath: "string",
        }],
        project: "string",
        readinessChecks: [{
            path: "string",
            port: 0,
        }],
        replicaZones: ["string"],
        runningTimeout: "string",
        displayName: "string",
        container: {
            args: ["string"],
            command: ["string"],
            env: {
                string: "string",
            },
            image: "string",
            runAsUser: 0,
            workingDir: "string",
        },
    });
    
    type: google-native:workstations/v1:WorkstationConfig
    properties:
        annotations:
            string: string
        container:
            args:
                - string
            command:
                - string
            env:
                string: string
            image: string
            runAsUser: 0
            workingDir: string
        displayName: string
        encryptionKey:
            kmsKey: string
            kmsKeyServiceAccount: string
        etag: string
        host:
            gceInstance:
                bootDiskSizeGb: 0
                confidentialInstanceConfig:
                    enableConfidentialCompute: false
                disablePublicIpAddresses: false
                enableNestedVirtualization: false
                machineType: string
                poolSize: 0
                serviceAccount: string
                serviceAccountScopes:
                    - string
                shieldedInstanceConfig:
                    enableIntegrityMonitoring: false
                    enableSecureBoot: false
                    enableVtpm: false
                tags:
                    - string
        idleTimeout: string
        labels:
            string: string
        location: string
        name: string
        persistentDirectories:
            - gcePd:
                diskType: string
                fsType: string
                reclaimPolicy: RECLAIM_POLICY_UNSPECIFIED
                sizeGb: 0
                sourceSnapshot: string
              mountPath: string
        project: string
        readinessChecks:
            - path: string
              port: 0
        replicaZones:
            - string
        runningTimeout: string
        workstationClusterId: string
        workstationConfigId: string
    

    WorkstationConfig Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The WorkstationConfig resource accepts the following input properties:

    WorkstationClusterId string
    WorkstationConfigId string
    Required. ID to use for the workstation configuration.
    Annotations Dictionary<string, string>
    Optional. Client-specified annotations.
    Container Pulumi.GoogleNative.Workstations.V1.Inputs.Container
    Optional. Container that runs upon startup for each workstation using this workstation configuration.
    DisplayName string
    Optional. Human-readable name for this workstation configuration.
    EncryptionKey Pulumi.GoogleNative.Workstations.V1.Inputs.CustomerEncryptionKey
    Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
    Etag string
    Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
    Host Pulumi.GoogleNative.Workstations.V1.Inputs.Host
    Optional. Runtime host for the workstation.
    IdleTimeout string
    Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
    Labels Dictionary<string, string>
    Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
    Location string
    Name string
    Identifier. Full name of this workstation configuration.
    PersistentDirectories List<Pulumi.GoogleNative.Workstations.V1.Inputs.PersistentDirectory>
    Optional. Directories to persist across workstation sessions.
    Project string
    ReadinessChecks List<Pulumi.GoogleNative.Workstations.V1.Inputs.ReadinessCheck>
    Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
    ReplicaZones List<string>
    Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
    RunningTimeout string
    Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.
    WorkstationClusterId string
    WorkstationConfigId string
    Required. ID to use for the workstation configuration.
    Annotations map[string]string
    Optional. Client-specified annotations.
    Container ContainerArgs
    Optional. Container that runs upon startup for each workstation using this workstation configuration.
    DisplayName string
    Optional. Human-readable name for this workstation configuration.
    EncryptionKey CustomerEncryptionKeyArgs
    Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
    Etag string
    Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
    Host HostArgs
    Optional. Runtime host for the workstation.
    IdleTimeout string
    Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
    Labels map[string]string
    Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
    Location string
    Name string
    Identifier. Full name of this workstation configuration.
    PersistentDirectories []PersistentDirectoryArgs
    Optional. Directories to persist across workstation sessions.
    Project string
    ReadinessChecks []ReadinessCheckArgs
    Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
    ReplicaZones []string
    Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
    RunningTimeout string
    Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.
    workstationClusterId String
    workstationConfigId String
    Required. ID to use for the workstation configuration.
    annotations Map<String,String>
    Optional. Client-specified annotations.
    container Container
    Optional. Container that runs upon startup for each workstation using this workstation configuration.
    displayName String
    Optional. Human-readable name for this workstation configuration.
    encryptionKey CustomerEncryptionKey
    Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
    etag String
    Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
    host Host
    Optional. Runtime host for the workstation.
    idleTimeout String
    Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
    labels Map<String,String>
    Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
    location String
    name String
    Identifier. Full name of this workstation configuration.
    persistentDirectories List<PersistentDirectory>
    Optional. Directories to persist across workstation sessions.
    project String
    readinessChecks List<ReadinessCheck>
    Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
    replicaZones List<String>
    Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
    runningTimeout String
    Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.
    workstationClusterId string
    workstationConfigId string
    Required. ID to use for the workstation configuration.
    annotations {[key: string]: string}
    Optional. Client-specified annotations.
    container Container
    Optional. Container that runs upon startup for each workstation using this workstation configuration.
    displayName string
    Optional. Human-readable name for this workstation configuration.
    encryptionKey CustomerEncryptionKey
    Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
    etag string
    Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
    host Host
    Optional. Runtime host for the workstation.
    idleTimeout string
    Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
    labels {[key: string]: string}
    Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
    location string
    name string
    Identifier. Full name of this workstation configuration.
    persistentDirectories PersistentDirectory[]
    Optional. Directories to persist across workstation sessions.
    project string
    readinessChecks ReadinessCheck[]
    Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
    replicaZones string[]
    Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
    runningTimeout string
    Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.
    workstation_cluster_id str
    workstation_config_id str
    Required. ID to use for the workstation configuration.
    annotations Mapping[str, str]
    Optional. Client-specified annotations.
    container ContainerArgs
    Optional. Container that runs upon startup for each workstation using this workstation configuration.
    display_name str
    Optional. Human-readable name for this workstation configuration.
    encryption_key CustomerEncryptionKeyArgs
    Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
    etag str
    Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
    host HostArgs
    Optional. Runtime host for the workstation.
    idle_timeout str
    Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
    labels Mapping[str, str]
    Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
    location str
    name str
    Identifier. Full name of this workstation configuration.
    persistent_directories Sequence[PersistentDirectoryArgs]
    Optional. Directories to persist across workstation sessions.
    project str
    readiness_checks Sequence[ReadinessCheckArgs]
    Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
    replica_zones Sequence[str]
    Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
    running_timeout str
    Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.
    workstationClusterId String
    workstationConfigId String
    Required. ID to use for the workstation configuration.
    annotations Map<String>
    Optional. Client-specified annotations.
    container Property Map
    Optional. Container that runs upon startup for each workstation using this workstation configuration.
    displayName String
    Optional. Human-readable name for this workstation configuration.
    encryptionKey Property Map
    Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
    etag String
    Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
    host Property Map
    Optional. Runtime host for the workstation.
    idleTimeout String
    Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
    labels Map<String>
    Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
    location String
    name String
    Identifier. Full name of this workstation configuration.
    persistentDirectories List<Property Map>
    Optional. Directories to persist across workstation sessions.
    project String
    readinessChecks List<Property Map>
    Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
    replicaZones List<String>
    Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
    runningTimeout String
    Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the WorkstationConfig resource produces the following output properties:

    Conditions List<Pulumi.GoogleNative.Workstations.V1.Outputs.StatusResponse>
    Status conditions describing the current resource state.
    CreateTime string
    Time when this workstation configuration was created.
    Degraded bool
    Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
    DeleteTime string
    Time when this workstation configuration was soft-deleted.
    Id string
    The provider-assigned unique ID for this managed resource.
    Reconciling bool
    Indicates whether this workstation configuration is currently being updated to match its intended state.
    Uid string
    A system-assigned unique identifier for this workstation configuration.
    UpdateTime string
    Time when this workstation configuration was most recently updated.
    Conditions []StatusResponse
    Status conditions describing the current resource state.
    CreateTime string
    Time when this workstation configuration was created.
    Degraded bool
    Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
    DeleteTime string
    Time when this workstation configuration was soft-deleted.
    Id string
    The provider-assigned unique ID for this managed resource.
    Reconciling bool
    Indicates whether this workstation configuration is currently being updated to match its intended state.
    Uid string
    A system-assigned unique identifier for this workstation configuration.
    UpdateTime string
    Time when this workstation configuration was most recently updated.
    conditions List<StatusResponse>
    Status conditions describing the current resource state.
    createTime String
    Time when this workstation configuration was created.
    degraded Boolean
    Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
    deleteTime String
    Time when this workstation configuration was soft-deleted.
    id String
    The provider-assigned unique ID for this managed resource.
    reconciling Boolean
    Indicates whether this workstation configuration is currently being updated to match its intended state.
    uid String
    A system-assigned unique identifier for this workstation configuration.
    updateTime String
    Time when this workstation configuration was most recently updated.
    conditions StatusResponse[]
    Status conditions describing the current resource state.
    createTime string
    Time when this workstation configuration was created.
    degraded boolean
    Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
    deleteTime string
    Time when this workstation configuration was soft-deleted.
    id string
    The provider-assigned unique ID for this managed resource.
    reconciling boolean
    Indicates whether this workstation configuration is currently being updated to match its intended state.
    uid string
    A system-assigned unique identifier for this workstation configuration.
    updateTime string
    Time when this workstation configuration was most recently updated.
    conditions Sequence[StatusResponse]
    Status conditions describing the current resource state.
    create_time str
    Time when this workstation configuration was created.
    degraded bool
    Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
    delete_time str
    Time when this workstation configuration was soft-deleted.
    id str
    The provider-assigned unique ID for this managed resource.
    reconciling bool
    Indicates whether this workstation configuration is currently being updated to match its intended state.
    uid str
    A system-assigned unique identifier for this workstation configuration.
    update_time str
    Time when this workstation configuration was most recently updated.
    conditions List<Property Map>
    Status conditions describing the current resource state.
    createTime String
    Time when this workstation configuration was created.
    degraded Boolean
    Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
    deleteTime String
    Time when this workstation configuration was soft-deleted.
    id String
    The provider-assigned unique ID for this managed resource.
    reconciling Boolean
    Indicates whether this workstation configuration is currently being updated to match its intended state.
    uid String
    A system-assigned unique identifier for this workstation configuration.
    updateTime String
    Time when this workstation configuration was most recently updated.

    Supporting Types

    Container, ContainerArgs

    Args List<string>
    Optional. Arguments passed to the entrypoint.
    Command List<string>
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    Env Dictionary<string, string>
    Optional. Environment variables passed to the container's entrypoint.
    Image string
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    RunAsUser int
    Optional. If set, overrides the USER specified in the image with the given uid.
    WorkingDir string
    Optional. If set, overrides the default DIR specified by the image.
    Args []string
    Optional. Arguments passed to the entrypoint.
    Command []string
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    Env map[string]string
    Optional. Environment variables passed to the container's entrypoint.
    Image string
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    RunAsUser int
    Optional. If set, overrides the USER specified in the image with the given uid.
    WorkingDir string
    Optional. If set, overrides the default DIR specified by the image.
    args List<String>
    Optional. Arguments passed to the entrypoint.
    command List<String>
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env Map<String,String>
    Optional. Environment variables passed to the container's entrypoint.
    image String
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    runAsUser Integer
    Optional. If set, overrides the USER specified in the image with the given uid.
    workingDir String
    Optional. If set, overrides the default DIR specified by the image.
    args string[]
    Optional. Arguments passed to the entrypoint.
    command string[]
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env {[key: string]: string}
    Optional. Environment variables passed to the container's entrypoint.
    image string
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    runAsUser number
    Optional. If set, overrides the USER specified in the image with the given uid.
    workingDir string
    Optional. If set, overrides the default DIR specified by the image.
    args Sequence[str]
    Optional. Arguments passed to the entrypoint.
    command Sequence[str]
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env Mapping[str, str]
    Optional. Environment variables passed to the container's entrypoint.
    image str
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    run_as_user int
    Optional. If set, overrides the USER specified in the image with the given uid.
    working_dir str
    Optional. If set, overrides the default DIR specified by the image.
    args List<String>
    Optional. Arguments passed to the entrypoint.
    command List<String>
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env Map<String>
    Optional. Environment variables passed to the container's entrypoint.
    image String
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    runAsUser Number
    Optional. If set, overrides the USER specified in the image with the given uid.
    workingDir String
    Optional. If set, overrides the default DIR specified by the image.

    ContainerResponse, ContainerResponseArgs

    Args List<string>
    Optional. Arguments passed to the entrypoint.
    Command List<string>
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    Env Dictionary<string, string>
    Optional. Environment variables passed to the container's entrypoint.
    Image string
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    RunAsUser int
    Optional. If set, overrides the USER specified in the image with the given uid.
    WorkingDir string
    Optional. If set, overrides the default DIR specified by the image.
    Args []string
    Optional. Arguments passed to the entrypoint.
    Command []string
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    Env map[string]string
    Optional. Environment variables passed to the container's entrypoint.
    Image string
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    RunAsUser int
    Optional. If set, overrides the USER specified in the image with the given uid.
    WorkingDir string
    Optional. If set, overrides the default DIR specified by the image.
    args List<String>
    Optional. Arguments passed to the entrypoint.
    command List<String>
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env Map<String,String>
    Optional. Environment variables passed to the container's entrypoint.
    image String
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    runAsUser Integer
    Optional. If set, overrides the USER specified in the image with the given uid.
    workingDir String
    Optional. If set, overrides the default DIR specified by the image.
    args string[]
    Optional. Arguments passed to the entrypoint.
    command string[]
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env {[key: string]: string}
    Optional. Environment variables passed to the container's entrypoint.
    image string
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    runAsUser number
    Optional. If set, overrides the USER specified in the image with the given uid.
    workingDir string
    Optional. If set, overrides the default DIR specified by the image.
    args Sequence[str]
    Optional. Arguments passed to the entrypoint.
    command Sequence[str]
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env Mapping[str, str]
    Optional. Environment variables passed to the container's entrypoint.
    image str
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    run_as_user int
    Optional. If set, overrides the USER specified in the image with the given uid.
    working_dir str
    Optional. If set, overrides the default DIR specified by the image.
    args List<String>
    Optional. Arguments passed to the entrypoint.
    command List<String>
    Optional. If set, overrides the default ENTRYPOINT specified by the image.
    env Map<String>
    Optional. Environment variables passed to the container's entrypoint.
    image String
    Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
    runAsUser Number
    Optional. If set, overrides the USER specified in the image with the given uid.
    workingDir String
    Optional. If set, overrides the default DIR specified by the image.

    CustomerEncryptionKey, CustomerEncryptionKeyArgs

    KmsKey string
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    KmsKeyServiceAccount string
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    KmsKey string
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    KmsKeyServiceAccount string
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kmsKey String
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kmsKeyServiceAccount String
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kmsKey string
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kmsKeyServiceAccount string
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kms_key str
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kms_key_service_account str
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kmsKey String
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kmsKeyServiceAccount String
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

    CustomerEncryptionKeyResponse, CustomerEncryptionKeyResponseArgs

    KmsKey string
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    KmsKeyServiceAccount string
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    KmsKey string
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    KmsKeyServiceAccount string
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kmsKey String
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kmsKeyServiceAccount String
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kmsKey string
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kmsKeyServiceAccount string
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kms_key str
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kms_key_service_account str
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.
    kmsKey String
    Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
    kmsKeyServiceAccount String
    Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

    GceConfidentialInstanceConfig, GceConfidentialInstanceConfigArgs

    EnableConfidentialCompute bool
    Optional. Whether the instance has confidential compute enabled.
    EnableConfidentialCompute bool
    Optional. Whether the instance has confidential compute enabled.
    enableConfidentialCompute Boolean
    Optional. Whether the instance has confidential compute enabled.
    enableConfidentialCompute boolean
    Optional. Whether the instance has confidential compute enabled.
    enable_confidential_compute bool
    Optional. Whether the instance has confidential compute enabled.
    enableConfidentialCompute Boolean
    Optional. Whether the instance has confidential compute enabled.

    GceConfidentialInstanceConfigResponse, GceConfidentialInstanceConfigResponseArgs

    EnableConfidentialCompute bool
    Optional. Whether the instance has confidential compute enabled.
    EnableConfidentialCompute bool
    Optional. Whether the instance has confidential compute enabled.
    enableConfidentialCompute Boolean
    Optional. Whether the instance has confidential compute enabled.
    enableConfidentialCompute boolean
    Optional. Whether the instance has confidential compute enabled.
    enable_confidential_compute bool
    Optional. Whether the instance has confidential compute enabled.
    enableConfidentialCompute Boolean
    Optional. Whether the instance has confidential compute enabled.

    GceInstance, GceInstanceArgs

    BootDiskSizeGb int
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    ConfidentialInstanceConfig Pulumi.GoogleNative.Workstations.V1.Inputs.GceConfidentialInstanceConfig
    Optional. A set of Compute Engine Confidential VM instance options.
    DisablePublicIpAddresses bool
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    EnableNestedVirtualization bool
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    MachineType string
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    PoolSize int
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    ServiceAccount string
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    ServiceAccountScopes List<string>
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    ShieldedInstanceConfig Pulumi.GoogleNative.Workstations.V1.Inputs.GceShieldedInstanceConfig
    Optional. A set of Compute Engine Shielded instance options.
    Tags List<string>
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    BootDiskSizeGb int
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    ConfidentialInstanceConfig GceConfidentialInstanceConfig
    Optional. A set of Compute Engine Confidential VM instance options.
    DisablePublicIpAddresses bool
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    EnableNestedVirtualization bool
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    MachineType string
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    PoolSize int
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    ServiceAccount string
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    ServiceAccountScopes []string
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    ShieldedInstanceConfig GceShieldedInstanceConfig
    Optional. A set of Compute Engine Shielded instance options.
    Tags []string
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    bootDiskSizeGb Integer
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidentialInstanceConfig GceConfidentialInstanceConfig
    Optional. A set of Compute Engine Confidential VM instance options.
    disablePublicIpAddresses Boolean
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enableNestedVirtualization Boolean
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machineType String
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    poolSize Integer
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    serviceAccount String
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    serviceAccountScopes List<String>
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shieldedInstanceConfig GceShieldedInstanceConfig
    Optional. A set of Compute Engine Shielded instance options.
    tags List<String>
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    bootDiskSizeGb number
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidentialInstanceConfig GceConfidentialInstanceConfig
    Optional. A set of Compute Engine Confidential VM instance options.
    disablePublicIpAddresses boolean
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enableNestedVirtualization boolean
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machineType string
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    poolSize number
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    serviceAccount string
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    serviceAccountScopes string[]
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shieldedInstanceConfig GceShieldedInstanceConfig
    Optional. A set of Compute Engine Shielded instance options.
    tags string[]
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    boot_disk_size_gb int
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidential_instance_config GceConfidentialInstanceConfig
    Optional. A set of Compute Engine Confidential VM instance options.
    disable_public_ip_addresses bool
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enable_nested_virtualization bool
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machine_type str
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    pool_size int
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    service_account str
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    service_account_scopes Sequence[str]
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shielded_instance_config GceShieldedInstanceConfig
    Optional. A set of Compute Engine Shielded instance options.
    tags Sequence[str]
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    bootDiskSizeGb Number
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidentialInstanceConfig Property Map
    Optional. A set of Compute Engine Confidential VM instance options.
    disablePublicIpAddresses Boolean
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enableNestedVirtualization Boolean
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machineType String
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    poolSize Number
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    serviceAccount String
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    serviceAccountScopes List<String>
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shieldedInstanceConfig Property Map
    Optional. A set of Compute Engine Shielded instance options.
    tags List<String>
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

    GceInstanceResponse, GceInstanceResponseArgs

    BootDiskSizeGb int
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    ConfidentialInstanceConfig Pulumi.GoogleNative.Workstations.V1.Inputs.GceConfidentialInstanceConfigResponse
    Optional. A set of Compute Engine Confidential VM instance options.
    DisablePublicIpAddresses bool
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    EnableNestedVirtualization bool
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    MachineType string
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    PoolSize int
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    PooledInstances int
    Number of instances currently available in the pool for faster workstation startup.
    ServiceAccount string
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    ServiceAccountScopes List<string>
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    ShieldedInstanceConfig Pulumi.GoogleNative.Workstations.V1.Inputs.GceShieldedInstanceConfigResponse
    Optional. A set of Compute Engine Shielded instance options.
    Tags List<string>
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    BootDiskSizeGb int
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    ConfidentialInstanceConfig GceConfidentialInstanceConfigResponse
    Optional. A set of Compute Engine Confidential VM instance options.
    DisablePublicIpAddresses bool
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    EnableNestedVirtualization bool
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    MachineType string
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    PoolSize int
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    PooledInstances int
    Number of instances currently available in the pool for faster workstation startup.
    ServiceAccount string
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    ServiceAccountScopes []string
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    ShieldedInstanceConfig GceShieldedInstanceConfigResponse
    Optional. A set of Compute Engine Shielded instance options.
    Tags []string
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    bootDiskSizeGb Integer
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidentialInstanceConfig GceConfidentialInstanceConfigResponse
    Optional. A set of Compute Engine Confidential VM instance options.
    disablePublicIpAddresses Boolean
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enableNestedVirtualization Boolean
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machineType String
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    poolSize Integer
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    pooledInstances Integer
    Number of instances currently available in the pool for faster workstation startup.
    serviceAccount String
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    serviceAccountScopes List<String>
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shieldedInstanceConfig GceShieldedInstanceConfigResponse
    Optional. A set of Compute Engine Shielded instance options.
    tags List<String>
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    bootDiskSizeGb number
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidentialInstanceConfig GceConfidentialInstanceConfigResponse
    Optional. A set of Compute Engine Confidential VM instance options.
    disablePublicIpAddresses boolean
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enableNestedVirtualization boolean
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machineType string
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    poolSize number
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    pooledInstances number
    Number of instances currently available in the pool for faster workstation startup.
    serviceAccount string
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    serviceAccountScopes string[]
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shieldedInstanceConfig GceShieldedInstanceConfigResponse
    Optional. A set of Compute Engine Shielded instance options.
    tags string[]
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    boot_disk_size_gb int
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidential_instance_config GceConfidentialInstanceConfigResponse
    Optional. A set of Compute Engine Confidential VM instance options.
    disable_public_ip_addresses bool
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enable_nested_virtualization bool
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machine_type str
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    pool_size int
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    pooled_instances int
    Number of instances currently available in the pool for faster workstation startup.
    service_account str
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    service_account_scopes Sequence[str]
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shielded_instance_config GceShieldedInstanceConfigResponse
    Optional. A set of Compute Engine Shielded instance options.
    tags Sequence[str]
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.
    bootDiskSizeGb Number
    Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
    confidentialInstanceConfig Property Map
    Optional. A set of Compute Engine Confidential VM instance options.
    disablePublicIpAddresses Boolean
    Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
    enableNestedVirtualization Boolean
    Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
    machineType String
    Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
    poolSize Number
    Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
    pooledInstances Number
    Number of instances currently available in the pool for faster workstation startup.
    serviceAccount String
    Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
    serviceAccountScopes List<String>
    Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
    shieldedInstanceConfig Property Map
    Optional. A set of Compute Engine Shielded instance options.
    tags List<String>
    Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

    GceRegionalPersistentDisk, GceRegionalPersistentDiskArgs

    DiskType string
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    FsType string
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    ReclaimPolicy Pulumi.GoogleNative.Workstations.V1.GceRegionalPersistentDiskReclaimPolicy
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    SizeGb int
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    SourceSnapshot string
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    DiskType string
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    FsType string
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    ReclaimPolicy GceRegionalPersistentDiskReclaimPolicy
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    SizeGb int
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    SourceSnapshot string
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    diskType String
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fsType String
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaimPolicy GceRegionalPersistentDiskReclaimPolicy
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    sizeGb Integer
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    sourceSnapshot String
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    diskType string
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fsType string
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaimPolicy GceRegionalPersistentDiskReclaimPolicy
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    sizeGb number
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    sourceSnapshot string
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    disk_type str
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fs_type str
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaim_policy GceRegionalPersistentDiskReclaimPolicy
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    size_gb int
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    source_snapshot str
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    diskType String
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fsType String
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaimPolicy "RECLAIM_POLICY_UNSPECIFIED" | "DELETE" | "RETAIN"
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    sizeGb Number
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    sourceSnapshot String
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

    GceRegionalPersistentDiskReclaimPolicy, GceRegionalPersistentDiskReclaimPolicyArgs

    ReclaimPolicyUnspecified
    RECLAIM_POLICY_UNSPECIFIEDDo not use.
    Delete
    DELETEDelete the persistent disk when deleting the workstation.
    Retain
    RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.
    GceRegionalPersistentDiskReclaimPolicyReclaimPolicyUnspecified
    RECLAIM_POLICY_UNSPECIFIEDDo not use.
    GceRegionalPersistentDiskReclaimPolicyDelete
    DELETEDelete the persistent disk when deleting the workstation.
    GceRegionalPersistentDiskReclaimPolicyRetain
    RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.
    ReclaimPolicyUnspecified
    RECLAIM_POLICY_UNSPECIFIEDDo not use.
    Delete
    DELETEDelete the persistent disk when deleting the workstation.
    Retain
    RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.
    ReclaimPolicyUnspecified
    RECLAIM_POLICY_UNSPECIFIEDDo not use.
    Delete
    DELETEDelete the persistent disk when deleting the workstation.
    Retain
    RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.
    RECLAIM_POLICY_UNSPECIFIED
    RECLAIM_POLICY_UNSPECIFIEDDo not use.
    DELETE
    DELETEDelete the persistent disk when deleting the workstation.
    RETAIN
    RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.
    "RECLAIM_POLICY_UNSPECIFIED"
    RECLAIM_POLICY_UNSPECIFIEDDo not use.
    "DELETE"
    DELETEDelete the persistent disk when deleting the workstation.
    "RETAIN"
    RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.

    GceRegionalPersistentDiskResponse, GceRegionalPersistentDiskResponseArgs

    DiskType string
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    FsType string
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    ReclaimPolicy string
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    SizeGb int
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    SourceSnapshot string
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    DiskType string
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    FsType string
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    ReclaimPolicy string
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    SizeGb int
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    SourceSnapshot string
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    diskType String
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fsType String
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaimPolicy String
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    sizeGb Integer
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    sourceSnapshot String
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    diskType string
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fsType string
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaimPolicy string
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    sizeGb number
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    sourceSnapshot string
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    disk_type str
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fs_type str
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaim_policy str
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    size_gb int
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    source_snapshot str
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.
    diskType String
    Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
    fsType String
    Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
    reclaimPolicy String
    Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
    sizeGb Number
    Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
    sourceSnapshot String
    Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

    GceShieldedInstanceConfig, GceShieldedInstanceConfigArgs

    EnableIntegrityMonitoring bool
    Optional. Whether the instance has integrity monitoring enabled.
    EnableSecureBoot bool
    Optional. Whether the instance has Secure Boot enabled.
    EnableVtpm bool
    Optional. Whether the instance has the vTPM enabled.
    EnableIntegrityMonitoring bool
    Optional. Whether the instance has integrity monitoring enabled.
    EnableSecureBoot bool
    Optional. Whether the instance has Secure Boot enabled.
    EnableVtpm bool
    Optional. Whether the instance has the vTPM enabled.
    enableIntegrityMonitoring Boolean
    Optional. Whether the instance has integrity monitoring enabled.
    enableSecureBoot Boolean
    Optional. Whether the instance has Secure Boot enabled.
    enableVtpm Boolean
    Optional. Whether the instance has the vTPM enabled.
    enableIntegrityMonitoring boolean
    Optional. Whether the instance has integrity monitoring enabled.
    enableSecureBoot boolean
    Optional. Whether the instance has Secure Boot enabled.
    enableVtpm boolean
    Optional. Whether the instance has the vTPM enabled.
    enable_integrity_monitoring bool
    Optional. Whether the instance has integrity monitoring enabled.
    enable_secure_boot bool
    Optional. Whether the instance has Secure Boot enabled.
    enable_vtpm bool
    Optional. Whether the instance has the vTPM enabled.
    enableIntegrityMonitoring Boolean
    Optional. Whether the instance has integrity monitoring enabled.
    enableSecureBoot Boolean
    Optional. Whether the instance has Secure Boot enabled.
    enableVtpm Boolean
    Optional. Whether the instance has the vTPM enabled.

    GceShieldedInstanceConfigResponse, GceShieldedInstanceConfigResponseArgs

    EnableIntegrityMonitoring bool
    Optional. Whether the instance has integrity monitoring enabled.
    EnableSecureBoot bool
    Optional. Whether the instance has Secure Boot enabled.
    EnableVtpm bool
    Optional. Whether the instance has the vTPM enabled.
    EnableIntegrityMonitoring bool
    Optional. Whether the instance has integrity monitoring enabled.
    EnableSecureBoot bool
    Optional. Whether the instance has Secure Boot enabled.
    EnableVtpm bool
    Optional. Whether the instance has the vTPM enabled.
    enableIntegrityMonitoring Boolean
    Optional. Whether the instance has integrity monitoring enabled.
    enableSecureBoot Boolean
    Optional. Whether the instance has Secure Boot enabled.
    enableVtpm Boolean
    Optional. Whether the instance has the vTPM enabled.
    enableIntegrityMonitoring boolean
    Optional. Whether the instance has integrity monitoring enabled.
    enableSecureBoot boolean
    Optional. Whether the instance has Secure Boot enabled.
    enableVtpm boolean
    Optional. Whether the instance has the vTPM enabled.
    enable_integrity_monitoring bool
    Optional. Whether the instance has integrity monitoring enabled.
    enable_secure_boot bool
    Optional. Whether the instance has Secure Boot enabled.
    enable_vtpm bool
    Optional. Whether the instance has the vTPM enabled.
    enableIntegrityMonitoring Boolean
    Optional. Whether the instance has integrity monitoring enabled.
    enableSecureBoot Boolean
    Optional. Whether the instance has Secure Boot enabled.
    enableVtpm Boolean
    Optional. Whether the instance has the vTPM enabled.

    Host, HostArgs

    GceInstance Pulumi.GoogleNative.Workstations.V1.Inputs.GceInstance
    Specifies a Compute Engine instance as the host.
    GceInstance GceInstance
    Specifies a Compute Engine instance as the host.
    gceInstance GceInstance
    Specifies a Compute Engine instance as the host.
    gceInstance GceInstance
    Specifies a Compute Engine instance as the host.
    gce_instance GceInstance
    Specifies a Compute Engine instance as the host.
    gceInstance Property Map
    Specifies a Compute Engine instance as the host.

    HostResponse, HostResponseArgs

    GceInstance Pulumi.GoogleNative.Workstations.V1.Inputs.GceInstanceResponse
    Specifies a Compute Engine instance as the host.
    GceInstance GceInstanceResponse
    Specifies a Compute Engine instance as the host.
    gceInstance GceInstanceResponse
    Specifies a Compute Engine instance as the host.
    gceInstance GceInstanceResponse
    Specifies a Compute Engine instance as the host.
    gce_instance GceInstanceResponse
    Specifies a Compute Engine instance as the host.
    gceInstance Property Map
    Specifies a Compute Engine instance as the host.

    PersistentDirectory, PersistentDirectoryArgs

    GcePd Pulumi.GoogleNative.Workstations.V1.Inputs.GceRegionalPersistentDisk
    A PersistentDirectory backed by a Compute Engine persistent disk.
    MountPath string
    Optional. Location of this directory in the running workstation.
    GcePd GceRegionalPersistentDisk
    A PersistentDirectory backed by a Compute Engine persistent disk.
    MountPath string
    Optional. Location of this directory in the running workstation.
    gcePd GceRegionalPersistentDisk
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mountPath String
    Optional. Location of this directory in the running workstation.
    gcePd GceRegionalPersistentDisk
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mountPath string
    Optional. Location of this directory in the running workstation.
    gce_pd GceRegionalPersistentDisk
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mount_path str
    Optional. Location of this directory in the running workstation.
    gcePd Property Map
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mountPath String
    Optional. Location of this directory in the running workstation.

    PersistentDirectoryResponse, PersistentDirectoryResponseArgs

    GcePd Pulumi.GoogleNative.Workstations.V1.Inputs.GceRegionalPersistentDiskResponse
    A PersistentDirectory backed by a Compute Engine persistent disk.
    MountPath string
    Optional. Location of this directory in the running workstation.
    GcePd GceRegionalPersistentDiskResponse
    A PersistentDirectory backed by a Compute Engine persistent disk.
    MountPath string
    Optional. Location of this directory in the running workstation.
    gcePd GceRegionalPersistentDiskResponse
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mountPath String
    Optional. Location of this directory in the running workstation.
    gcePd GceRegionalPersistentDiskResponse
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mountPath string
    Optional. Location of this directory in the running workstation.
    gce_pd GceRegionalPersistentDiskResponse
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mount_path str
    Optional. Location of this directory in the running workstation.
    gcePd Property Map
    A PersistentDirectory backed by a Compute Engine persistent disk.
    mountPath String
    Optional. Location of this directory in the running workstation.

    ReadinessCheck, ReadinessCheckArgs

    Path string
    Optional. Path to which the request should be sent.
    Port int
    Optional. Port to which the request should be sent.
    Path string
    Optional. Path to which the request should be sent.
    Port int
    Optional. Port to which the request should be sent.
    path String
    Optional. Path to which the request should be sent.
    port Integer
    Optional. Port to which the request should be sent.
    path string
    Optional. Path to which the request should be sent.
    port number
    Optional. Port to which the request should be sent.
    path str
    Optional. Path to which the request should be sent.
    port int
    Optional. Port to which the request should be sent.
    path String
    Optional. Path to which the request should be sent.
    port Number
    Optional. Port to which the request should be sent.

    ReadinessCheckResponse, ReadinessCheckResponseArgs

    Path string
    Optional. Path to which the request should be sent.
    Port int
    Optional. Port to which the request should be sent.
    Path string
    Optional. Path to which the request should be sent.
    Port int
    Optional. Port to which the request should be sent.
    path String
    Optional. Path to which the request should be sent.
    port Integer
    Optional. Port to which the request should be sent.
    path string
    Optional. Path to which the request should be sent.
    port number
    Optional. Port to which the request should be sent.
    path str
    Optional. Path to which the request should be sent.
    port int
    Optional. Port to which the request should be sent.
    path String
    Optional. Path to which the request should be sent.
    port Number
    Optional. Port to which the request should be sent.

    StatusResponse, StatusResponseArgs

    Code int
    The status code, which should be an enum value of google.rpc.Code.
    Details List<ImmutableDictionary<string, string>>
    A list of messages that carry the error details. There is a common set of message types for APIs to use.
    Message string
    A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
    Code int
    The status code, which should be an enum value of google.rpc.Code.
    Details []map[string]string
    A list of messages that carry the error details. There is a common set of message types for APIs to use.
    Message string
    A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
    code Integer
    The status code, which should be an enum value of google.rpc.Code.
    details List<Map<String,String>>
    A list of messages that carry the error details. There is a common set of message types for APIs to use.
    message String
    A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
    code number
    The status code, which should be an enum value of google.rpc.Code.
    details {[key: string]: string}[]
    A list of messages that carry the error details. There is a common set of message types for APIs to use.
    message string
    A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
    code int
    The status code, which should be an enum value of google.rpc.Code.
    details Sequence[Mapping[str, str]]
    A list of messages that carry the error details. There is a common set of message types for APIs to use.
    message str
    A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.
    code Number
    The status code, which should be an enum value of google.rpc.Code.
    details List<Map<String>>
    A list of messages that carry the error details. There is a common set of message types for APIs to use.
    message String
    A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi