gcp.assuredworkloads.Workload

The AssuredWorkloads Workload resource

Example Usage

Basic_workload

using System.Collections.Generic;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var primary = new Gcp.AssuredWorkloads.Workload("primary", new()
    {
        BillingAccount = "billingAccounts/000000-0000000-0000000-000000",
        ComplianceRegime = "FEDRAMP_MODERATE",
        DisplayName = "Workload Example",
        KmsSettings = new Gcp.AssuredWorkloads.Inputs.WorkloadKmsSettingsArgs
        {
            NextRotationTime = "9999-10-02T15:01:23Z",
            RotationPeriod = "10368000s",
        },
        Labels = 
        {
            { "label-one", "value-one" },
        },
        Location = "us-west1",
        Organization = "123456789",
        ProvisionedResourcesParent = "folders/519620126891",
        ResourceSettings = new[]
        {
            new Gcp.AssuredWorkloads.Inputs.WorkloadResourceSettingArgs
            {
                ResourceType = "CONSUMER_PROJECT",
            },
            new Gcp.AssuredWorkloads.Inputs.WorkloadResourceSettingArgs
            {
                ResourceType = "ENCRYPTION_KEYS_PROJECT",
            },
            new Gcp.AssuredWorkloads.Inputs.WorkloadResourceSettingArgs
            {
                ResourceId = "ring",
                ResourceType = "KEYRING",
            },
        },
    });

});
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/assuredworkloads"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := assuredworkloads.NewWorkload(ctx, "primary", &assuredworkloads.WorkloadArgs{
			BillingAccount:   pulumi.String("billingAccounts/000000-0000000-0000000-000000"),
			ComplianceRegime: pulumi.String("FEDRAMP_MODERATE"),
			DisplayName:      pulumi.String("Workload Example"),
			KmsSettings: &assuredworkloads.WorkloadKmsSettingsArgs{
				NextRotationTime: pulumi.String("9999-10-02T15:01:23Z"),
				RotationPeriod:   pulumi.String("10368000s"),
			},
			Labels: pulumi.StringMap{
				"label-one": pulumi.String("value-one"),
			},
			Location:                   pulumi.String("us-west1"),
			Organization:               pulumi.String("123456789"),
			ProvisionedResourcesParent: pulumi.String("folders/519620126891"),
			ResourceSettings: assuredworkloads.WorkloadResourceSettingArray{
				&assuredworkloads.WorkloadResourceSettingArgs{
					ResourceType: pulumi.String("CONSUMER_PROJECT"),
				},
				&assuredworkloads.WorkloadResourceSettingArgs{
					ResourceType: pulumi.String("ENCRYPTION_KEYS_PROJECT"),
				},
				&assuredworkloads.WorkloadResourceSettingArgs{
					ResourceId:   pulumi.String("ring"),
					ResourceType: pulumi.String("KEYRING"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.assuredworkloads.Workload;
import com.pulumi.gcp.assuredworkloads.WorkloadArgs;
import com.pulumi.gcp.assuredworkloads.inputs.WorkloadKmsSettingsArgs;
import com.pulumi.gcp.assuredworkloads.inputs.WorkloadResourceSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var primary = new Workload("primary", WorkloadArgs.builder()        
            .billingAccount("billingAccounts/000000-0000000-0000000-000000")
            .complianceRegime("FEDRAMP_MODERATE")
            .displayName("Workload Example")
            .kmsSettings(WorkloadKmsSettingsArgs.builder()
                .nextRotationTime("9999-10-02T15:01:23Z")
                .rotationPeriod("10368000s")
                .build())
            .labels(Map.of("label-one", "value-one"))
            .location("us-west1")
            .organization("123456789")
            .provisionedResourcesParent("folders/519620126891")
            .resourceSettings(            
                WorkloadResourceSettingArgs.builder()
                    .resourceType("CONSUMER_PROJECT")
                    .build(),
                WorkloadResourceSettingArgs.builder()
                    .resourceType("ENCRYPTION_KEYS_PROJECT")
                    .build(),
                WorkloadResourceSettingArgs.builder()
                    .resourceId("ring")
                    .resourceType("KEYRING")
                    .build())
            .build());

    }
}
import pulumi
import pulumi_gcp as gcp

primary = gcp.assuredworkloads.Workload("primary",
    billing_account="billingAccounts/000000-0000000-0000000-000000",
    compliance_regime="FEDRAMP_MODERATE",
    display_name="Workload Example",
    kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
        next_rotation_time="9999-10-02T15:01:23Z",
        rotation_period="10368000s",
    ),
    labels={
        "label-one": "value-one",
    },
    location="us-west1",
    organization="123456789",
    provisioned_resources_parent="folders/519620126891",
    resource_settings=[
        gcp.assuredworkloads.WorkloadResourceSettingArgs(
            resource_type="CONSUMER_PROJECT",
        ),
        gcp.assuredworkloads.WorkloadResourceSettingArgs(
            resource_type="ENCRYPTION_KEYS_PROJECT",
        ),
        gcp.assuredworkloads.WorkloadResourceSettingArgs(
            resource_id="ring",
            resource_type="KEYRING",
        ),
    ])
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const primary = new gcp.assuredworkloads.Workload("primary", {
    billingAccount: "billingAccounts/000000-0000000-0000000-000000",
    complianceRegime: "FEDRAMP_MODERATE",
    displayName: "Workload Example",
    kmsSettings: {
        nextRotationTime: "9999-10-02T15:01:23Z",
        rotationPeriod: "10368000s",
    },
    labels: {
        "label-one": "value-one",
    },
    location: "us-west1",
    organization: "123456789",
    provisionedResourcesParent: "folders/519620126891",
    resourceSettings: [
        {
            resourceType: "CONSUMER_PROJECT",
        },
        {
            resourceType: "ENCRYPTION_KEYS_PROJECT",
        },
        {
            resourceId: "ring",
            resourceType: "KEYRING",
        },
    ],
});
resources:
  primary:
    type: gcp:assuredworkloads:Workload
    properties:
      billingAccount: billingAccounts/000000-0000000-0000000-000000
      complianceRegime: FEDRAMP_MODERATE
      displayName: Workload Example
      kmsSettings:
        nextRotationTime: 9999-10-02T15:01:23Z
        rotationPeriod: 10368000s
      labels:
        label-one: value-one
      location: us-west1
      organization: '123456789'
      provisionedResourcesParent: folders/519620126891
      resourceSettings:
        - resourceType: CONSUMER_PROJECT
        - resourceType: ENCRYPTION_KEYS_PROJECT
        - resourceId: ring
          resourceType: KEYRING

Create Workload Resource

new Workload(name: string, args: WorkloadArgs, opts?: CustomResourceOptions);
@overload
def Workload(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             billing_account: Optional[str] = None,
             compliance_regime: Optional[str] = None,
             display_name: Optional[str] = None,
             kms_settings: Optional[WorkloadKmsSettingsArgs] = None,
             labels: Optional[Mapping[str, str]] = None,
             location: Optional[str] = None,
             organization: Optional[str] = None,
             provisioned_resources_parent: Optional[str] = None,
             resource_settings: Optional[Sequence[WorkloadResourceSettingArgs]] = None)
@overload
def Workload(resource_name: str,
             args: WorkloadArgs,
             opts: Optional[ResourceOptions] = None)
func NewWorkload(ctx *Context, name string, args WorkloadArgs, opts ...ResourceOption) (*Workload, error)
public Workload(string name, WorkloadArgs args, CustomResourceOptions? opts = null)
public Workload(String name, WorkloadArgs args)
public Workload(String name, WorkloadArgs args, CustomResourceOptions options)
type: gcp:assuredworkloads:Workload
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args WorkloadArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args WorkloadArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args WorkloadArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args WorkloadArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args WorkloadArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Workload Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Workload resource accepts the following input properties:

BillingAccount string

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

ComplianceRegime string

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

DisplayName string

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

Location string

The location for the resource

Organization string

The organization for the resource

KmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

Labels Dictionary<string, string>

Optional. Labels applied to the workload.

ProvisionedResourcesParent string

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

ResourceSettings List<WorkloadResourceSettingArgs>

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

BillingAccount string

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

ComplianceRegime string

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

DisplayName string

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

Location string

The location for the resource

Organization string

The organization for the resource

KmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

Labels map[string]string

Optional. Labels applied to the workload.

ProvisionedResourcesParent string

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

ResourceSettings []WorkloadResourceSettingArgs

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billingAccount String

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

complianceRegime String

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

displayName String

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

location String

The location for the resource

organization String

The organization for the resource

kmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels Map<String,String>

Optional. Labels applied to the workload.

provisionedResourcesParent String

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resourceSettings List<WorkloadResourceSettingArgs>

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billingAccount string

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

complianceRegime string

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

displayName string

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

location string

The location for the resource

organization string

The organization for the resource

kmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels {[key: string]: string}

Optional. Labels applied to the workload.

provisionedResourcesParent string

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resourceSettings WorkloadResourceSettingArgs[]

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billing_account str

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

compliance_regime str

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

display_name str

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

location str

The location for the resource

organization str

The organization for the resource

kms_settings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels Mapping[str, str]

Optional. Labels applied to the workload.

provisioned_resources_parent str

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resource_settings Sequence[WorkloadResourceSettingArgs]

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billingAccount String

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

complianceRegime String

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

displayName String

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

location String

The location for the resource

organization String

The organization for the resource

kmsSettings Property Map

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels Map<String>

Optional. Labels applied to the workload.

provisionedResourcesParent String

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resourceSettings List<Property Map>

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

Outputs

All input properties are implicitly available as output properties. Additionally, the Workload resource produces the following output properties:

CreateTime string

Output only. Immutable. The Workload creation timestamp.

Id string

The provider-assigned unique ID for this managed resource.

Name string

Output only. The resource name of the workload.

Resources List<WorkloadResource>

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

CreateTime string

Output only. Immutable. The Workload creation timestamp.

Id string

The provider-assigned unique ID for this managed resource.

Name string

Output only. The resource name of the workload.

Resources []WorkloadResource

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

createTime String

Output only. Immutable. The Workload creation timestamp.

id String

The provider-assigned unique ID for this managed resource.

name String

Output only. The resource name of the workload.

resources List<WorkloadResource>

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

createTime string

Output only. Immutable. The Workload creation timestamp.

id string

The provider-assigned unique ID for this managed resource.

name string

Output only. The resource name of the workload.

resources WorkloadResource[]

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

create_time str

Output only. Immutable. The Workload creation timestamp.

id str

The provider-assigned unique ID for this managed resource.

name str

Output only. The resource name of the workload.

resources Sequence[WorkloadResource]

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

createTime String

Output only. Immutable. The Workload creation timestamp.

id String

The provider-assigned unique ID for this managed resource.

name String

Output only. The resource name of the workload.

resources List<Property Map>

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

Look up Existing Workload Resource

Get an existing Workload resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: WorkloadState, opts?: CustomResourceOptions): Workload
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        billing_account: Optional[str] = None,
        compliance_regime: Optional[str] = None,
        create_time: Optional[str] = None,
        display_name: Optional[str] = None,
        kms_settings: Optional[WorkloadKmsSettingsArgs] = None,
        labels: Optional[Mapping[str, str]] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        organization: Optional[str] = None,
        provisioned_resources_parent: Optional[str] = None,
        resource_settings: Optional[Sequence[WorkloadResourceSettingArgs]] = None,
        resources: Optional[Sequence[WorkloadResourceArgs]] = None) -> Workload
func GetWorkload(ctx *Context, name string, id IDInput, state *WorkloadState, opts ...ResourceOption) (*Workload, error)
public static Workload Get(string name, Input<string> id, WorkloadState? state, CustomResourceOptions? opts = null)
public static Workload get(String name, Output<String> id, WorkloadState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
BillingAccount string

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

ComplianceRegime string

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

CreateTime string

Output only. Immutable. The Workload creation timestamp.

DisplayName string

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

KmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

Labels Dictionary<string, string>

Optional. Labels applied to the workload.

Location string

The location for the resource

Name string

Output only. The resource name of the workload.

Organization string

The organization for the resource

ProvisionedResourcesParent string

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

ResourceSettings List<WorkloadResourceSettingArgs>

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

Resources List<WorkloadResourceArgs>

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

BillingAccount string

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

ComplianceRegime string

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

CreateTime string

Output only. Immutable. The Workload creation timestamp.

DisplayName string

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

KmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

Labels map[string]string

Optional. Labels applied to the workload.

Location string

The location for the resource

Name string

Output only. The resource name of the workload.

Organization string

The organization for the resource

ProvisionedResourcesParent string

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

ResourceSettings []WorkloadResourceSettingArgs

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

Resources []WorkloadResourceArgs

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billingAccount String

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

complianceRegime String

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

createTime String

Output only. Immutable. The Workload creation timestamp.

displayName String

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

kmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels Map<String,String>

Optional. Labels applied to the workload.

location String

The location for the resource

name String

Output only. The resource name of the workload.

organization String

The organization for the resource

provisionedResourcesParent String

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resourceSettings List<WorkloadResourceSettingArgs>

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

resources List<WorkloadResourceArgs>

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billingAccount string

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

complianceRegime string

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

createTime string

Output only. Immutable. The Workload creation timestamp.

displayName string

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

kmsSettings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels {[key: string]: string}

Optional. Labels applied to the workload.

location string

The location for the resource

name string

Output only. The resource name of the workload.

organization string

The organization for the resource

provisionedResourcesParent string

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resourceSettings WorkloadResourceSettingArgs[]

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

resources WorkloadResourceArgs[]

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billing_account str

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

compliance_regime str

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

create_time str

Output only. Immutable. The Workload creation timestamp.

display_name str

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

kms_settings WorkloadKmsSettingsArgs

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels Mapping[str, str]

Optional. Labels applied to the workload.

location str

The location for the resource

name str

Output only. The resource name of the workload.

organization str

The organization for the resource

provisioned_resources_parent str

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resource_settings Sequence[WorkloadResourceSettingArgs]

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

resources Sequence[WorkloadResourceArgs]

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billingAccount String

Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.

complianceRegime String

Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS

createTime String

Output only. Immutable. The Workload creation timestamp.

displayName String

Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload

kmsSettings Property Map

Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.

labels Map<String>

Optional. Labels applied to the workload.

location String

The location for the resource

name String

Output only. The resource name of the workload.

organization String

The organization for the resource

provisionedResourcesParent String

Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}

resourceSettings List<Property Map>

Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

resources List<Property Map>

Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

Supporting Types

WorkloadKmsSettings

NextRotationTime string

Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.

RotationPeriod string

Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

NextRotationTime string

Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.

RotationPeriod string

Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

nextRotationTime String

Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.

rotationPeriod String

Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

nextRotationTime string

Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.

rotationPeriod string

Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

next_rotation_time str

Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.

rotation_period str

Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

nextRotationTime String

Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.

rotationPeriod String

Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

WorkloadResource

ResourceId int

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

ResourceType string

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

ResourceId int

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

ResourceType string

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId Integer

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resourceType String

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId number

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resourceType string

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resource_id int

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resource_type str

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId Number

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resourceType String

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

WorkloadResourceSetting

ResourceId string

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

ResourceType string

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

ResourceId string

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

ResourceType string

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId String

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resourceType String

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId string

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resourceType string

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resource_id str

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resource_type str

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId String

Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.

resourceType String

Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

Import

Workload can be imported using any of these accepted formats

 $ pulumi import gcp:assuredworkloads/workload:Workload default organizations/{{organization}}/locations/{{location}}/workloads/{{name}}
 $ pulumi import gcp:assuredworkloads/workload:Workload default {{organization}}/{{location}}/{{name}}

Package Details

Repository
Google Cloud (GCP) Classic pulumi/pulumi-gcp
License
Apache-2.0
Notes

This Pulumi package is based on the google-beta Terraform Provider.