Google Cloud Classic v6.52.0, Mar 22 23

gcp.assuredworkloads.Workload

The AssuredWorkloads Workload resource

Example Usage

Basic_workload

using System.Collections.Generic;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var primary = new Gcp.AssuredWorkloads.Workload("primary", new()
    {
        BillingAccount = "billingAccounts/000000-0000000-0000000-000000",
        ComplianceRegime = "FEDRAMP_MODERATE",
        DisplayName = "Workload Example",
        KmsSettings = new Gcp.AssuredWorkloads.Inputs.WorkloadKmsSettingsArgs
        {
            NextRotationTime = "9999-10-02T15:01:23Z",
            RotationPeriod = "10368000s",
        },
        Labels = 
        {
            { "label-one", "value-one" },
        },
        Location = "us-west1",
        Organization = "123456789",
        ProvisionedResourcesParent = "folders/519620126891",
        ResourceSettings = new[]
        {
            new Gcp.AssuredWorkloads.Inputs.WorkloadResourceSettingArgs
            {
                ResourceType = "CONSUMER_PROJECT",
            },
            new Gcp.AssuredWorkloads.Inputs.WorkloadResourceSettingArgs
            {
                ResourceType = "ENCRYPTION_KEYS_PROJECT",
            },
            new Gcp.AssuredWorkloads.Inputs.WorkloadResourceSettingArgs
            {
                ResourceId = "ring",
                ResourceType = "KEYRING",
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/assuredworkloads"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := assuredworkloads.NewWorkload(ctx, "primary", &assuredworkloads.WorkloadArgs{
			BillingAccount:   pulumi.String("billingAccounts/000000-0000000-0000000-000000"),
			ComplianceRegime: pulumi.String("FEDRAMP_MODERATE"),
			DisplayName:      pulumi.String("Workload Example"),
			KmsSettings: &assuredworkloads.WorkloadKmsSettingsArgs{
				NextRotationTime: pulumi.String("9999-10-02T15:01:23Z"),
				RotationPeriod:   pulumi.String("10368000s"),
			},
			Labels: pulumi.StringMap{
				"label-one": pulumi.String("value-one"),
			},
			Location:                   pulumi.String("us-west1"),
			Organization:               pulumi.String("123456789"),
			ProvisionedResourcesParent: pulumi.String("folders/519620126891"),
			ResourceSettings: assuredworkloads.WorkloadResourceSettingArray{
				&assuredworkloads.WorkloadResourceSettingArgs{
					ResourceType: pulumi.String("CONSUMER_PROJECT"),
				},
				&assuredworkloads.WorkloadResourceSettingArgs{
					ResourceType: pulumi.String("ENCRYPTION_KEYS_PROJECT"),
				},
				&assuredworkloads.WorkloadResourceSettingArgs{
					ResourceId:   pulumi.String("ring"),
					ResourceType: pulumi.String("KEYRING"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.assuredworkloads.Workload;
import com.pulumi.gcp.assuredworkloads.WorkloadArgs;
import com.pulumi.gcp.assuredworkloads.inputs.WorkloadKmsSettingsArgs;
import com.pulumi.gcp.assuredworkloads.inputs.WorkloadResourceSettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var primary = new Workload("primary", WorkloadArgs.builder()        
            .billingAccount("billingAccounts/000000-0000000-0000000-000000")
            .complianceRegime("FEDRAMP_MODERATE")
            .displayName("Workload Example")
            .kmsSettings(WorkloadKmsSettingsArgs.builder()
                .nextRotationTime("9999-10-02T15:01:23Z")
                .rotationPeriod("10368000s")
                .build())
            .labels(Map.of("label-one", "value-one"))
            .location("us-west1")
            .organization("123456789")
            .provisionedResourcesParent("folders/519620126891")
            .resourceSettings(            
                WorkloadResourceSettingArgs.builder()
                    .resourceType("CONSUMER_PROJECT")
                    .build(),
                WorkloadResourceSettingArgs.builder()
                    .resourceType("ENCRYPTION_KEYS_PROJECT")
                    .build(),
                WorkloadResourceSettingArgs.builder()
                    .resourceId("ring")
                    .resourceType("KEYRING")
                    .build())
            .build());

    }
}

import pulumi
import pulumi_gcp as gcp

primary = gcp.assuredworkloads.Workload("primary",
    billing_account="billingAccounts/000000-0000000-0000000-000000",
    compliance_regime="FEDRAMP_MODERATE",
    display_name="Workload Example",
    kms_settings=gcp.assuredworkloads.WorkloadKmsSettingsArgs(
        next_rotation_time="9999-10-02T15:01:23Z",
        rotation_period="10368000s",
    ),
    labels={
        "label-one": "value-one",
    },
    location="us-west1",
    organization="123456789",
    provisioned_resources_parent="folders/519620126891",
    resource_settings=[
        gcp.assuredworkloads.WorkloadResourceSettingArgs(
            resource_type="CONSUMER_PROJECT",
        ),
        gcp.assuredworkloads.WorkloadResourceSettingArgs(
            resource_type="ENCRYPTION_KEYS_PROJECT",
        ),
        gcp.assuredworkloads.WorkloadResourceSettingArgs(
            resource_id="ring",
            resource_type="KEYRING",
        ),
    ])

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const primary = new gcp.assuredworkloads.Workload("primary", {
    billingAccount: "billingAccounts/000000-0000000-0000000-000000",
    complianceRegime: "FEDRAMP_MODERATE",
    displayName: "Workload Example",
    kmsSettings: {
        nextRotationTime: "9999-10-02T15:01:23Z",
        rotationPeriod: "10368000s",
    },
    labels: {
        "label-one": "value-one",
    },
    location: "us-west1",
    organization: "123456789",
    provisionedResourcesParent: "folders/519620126891",
    resourceSettings: [
        {
            resourceType: "CONSUMER_PROJECT",
        },
        {
            resourceType: "ENCRYPTION_KEYS_PROJECT",
        },
        {
            resourceId: "ring",
            resourceType: "KEYRING",
        },
    ],
});

resources:
  primary:
    type: gcp:assuredworkloads:Workload
    properties:
      billingAccount: billingAccounts/000000-0000000-0000000-000000
      complianceRegime: FEDRAMP_MODERATE
      displayName: Workload Example
      kmsSettings:
        nextRotationTime: 9999-10-02T15:01:23Z
        rotationPeriod: 10368000s
      labels:
        label-one: value-one
      location: us-west1
      organization: '123456789'
      provisionedResourcesParent: folders/519620126891
      resourceSettings:
        - resourceType: CONSUMER_PROJECT
        - resourceType: ENCRYPTION_KEYS_PROJECT
        - resourceId: ring
          resourceType: KEYRING

Create Workload Resource

new Workload(name: string, args: WorkloadArgs, opts?: CustomResourceOptions);

@overload
def Workload(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             billing_account: Optional[str] = None,
             compliance_regime: Optional[str] = None,
             display_name: Optional[str] = None,
             kms_settings: Optional[WorkloadKmsSettingsArgs] = None,
             labels: Optional[Mapping[str, str]] = None,
             location: Optional[str] = None,
             organization: Optional[str] = None,
             provisioned_resources_parent: Optional[str] = None,
             resource_settings: Optional[Sequence[WorkloadResourceSettingArgs]] = None)
@overload
def Workload(resource_name: str,
             args: WorkloadArgs,
             opts: Optional[ResourceOptions] = None)

func NewWorkload(ctx *Context, name string, args WorkloadArgs, opts ...ResourceOption) (*Workload, error)

public Workload(string name, WorkloadArgs args, CustomResourceOptions? opts = null)

public Workload(String name, WorkloadArgs args)
public Workload(String name, WorkloadArgs args, CustomResourceOptions options)

type: gcp:assuredworkloads:Workload
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args WorkloadArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args WorkloadArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args WorkloadArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args WorkloadArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args WorkloadArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Workload Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Workload resource accepts the following input properties:

BillingAccount string: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
ComplianceRegime string: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
DisplayName string: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
Location string: The location for the resource
Organization string: The organization for the resource
KmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
Labels Dictionary<string, string>: Optional. Labels applied to the workload.
ProvisionedResourcesParent string: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
ResourceSettings List<WorkloadResourceSettingArgs>: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

BillingAccount string: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
ComplianceRegime string: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
DisplayName string: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
Location string: The location for the resource
Organization string: The organization for the resource
KmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
Labels map[string]string: Optional. Labels applied to the workload.
ProvisionedResourcesParent string: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
ResourceSettings []WorkloadResourceSettingArgs: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billingAccount String: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
complianceRegime String: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
displayName String: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
location String: The location for the resource
organization String: The organization for the resource
kmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels Map<String,String>: Optional. Labels applied to the workload.
provisionedResourcesParent String: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resourceSettings List<WorkloadResourceSettingArgs>: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billingAccount string: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
complianceRegime string: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
displayName string: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
location string: The location for the resource
organization string: The organization for the resource
kmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels {[key: string]: string}: Optional. Labels applied to the workload.
provisionedResourcesParent string: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resourceSettings WorkloadResourceSettingArgs[]: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billing_account str: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
compliance_regime str: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
display_name str: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
location str: The location for the resource
organization str: The organization for the resource
kms_settings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels Mapping[str, str]: Optional. Labels applied to the workload.
provisioned_resources_parent str: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resource_settings Sequence[WorkloadResourceSettingArgs]: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

billingAccount String: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
complianceRegime String: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
displayName String: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
location String: The location for the resource
organization String: The organization for the resource
kmsSettings Property Map: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels Map<String>: Optional. Labels applied to the workload.
provisionedResourcesParent String: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resourceSettings List<Property Map>: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

Outputs

All input properties are implicitly available as output properties. Additionally, the Workload resource produces the following output properties:

CreateTime string: Output only. Immutable. The Workload creation timestamp.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Output only. The resource name of the workload.
Resources List<WorkloadResource>: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

CreateTime string: Output only. Immutable. The Workload creation timestamp.
Id string: The provider-assigned unique ID for this managed resource.
Name string: Output only. The resource name of the workload.
Resources []WorkloadResource: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

createTime String: Output only. Immutable. The Workload creation timestamp.
id String: The provider-assigned unique ID for this managed resource.
name String: Output only. The resource name of the workload.
resources List<WorkloadResource>: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

createTime string: Output only. Immutable. The Workload creation timestamp.
id string: The provider-assigned unique ID for this managed resource.
name string: Output only. The resource name of the workload.
resources WorkloadResource[]: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

create_time str: Output only. Immutable. The Workload creation timestamp.
id str: The provider-assigned unique ID for this managed resource.
name str: Output only. The resource name of the workload.
resources Sequence[WorkloadResource]: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

createTime String: Output only. Immutable. The Workload creation timestamp.
id String: The provider-assigned unique ID for this managed resource.
name String: Output only. The resource name of the workload.
resources List<Property Map>: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

Look up Existing Workload Resource

Get an existing Workload resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: WorkloadState, opts?: CustomResourceOptions): Workload

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        billing_account: Optional[str] = None,
        compliance_regime: Optional[str] = None,
        create_time: Optional[str] = None,
        display_name: Optional[str] = None,
        kms_settings: Optional[WorkloadKmsSettingsArgs] = None,
        labels: Optional[Mapping[str, str]] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        organization: Optional[str] = None,
        provisioned_resources_parent: Optional[str] = None,
        resource_settings: Optional[Sequence[WorkloadResourceSettingArgs]] = None,
        resources: Optional[Sequence[WorkloadResourceArgs]] = None) -> Workload

func GetWorkload(ctx *Context, name string, id IDInput, state *WorkloadState, opts ...ResourceOption) (*Workload, error)

public static Workload Get(string name, Input<string> id, WorkloadState? state, CustomResourceOptions? opts = null)

public static Workload get(String name, Output<String> id, WorkloadState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

BillingAccount string: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
ComplianceRegime string: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
CreateTime string: Output only. Immutable. The Workload creation timestamp.
DisplayName string: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
KmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
Labels Dictionary<string, string>: Optional. Labels applied to the workload.
Location string: The location for the resource
Name string: Output only. The resource name of the workload.
Organization string: The organization for the resource
ProvisionedResourcesParent string: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
ResourceSettings List<WorkloadResourceSettingArgs>: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
Resources List<WorkloadResourceArgs>: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

BillingAccount string: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
ComplianceRegime string: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
CreateTime string: Output only. Immutable. The Workload creation timestamp.
DisplayName string: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
KmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
Labels map[string]string: Optional. Labels applied to the workload.
Location string: The location for the resource
Name string: Output only. The resource name of the workload.
Organization string: The organization for the resource
ProvisionedResourcesParent string: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
ResourceSettings []WorkloadResourceSettingArgs: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
Resources []WorkloadResourceArgs: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billingAccount String: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
complianceRegime String: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
createTime String: Output only. Immutable. The Workload creation timestamp.
displayName String: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
kmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels Map<String,String>: Optional. Labels applied to the workload.
location String: The location for the resource
name String: Output only. The resource name of the workload.
organization String: The organization for the resource
provisionedResourcesParent String: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resourceSettings List<WorkloadResourceSettingArgs>: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
resources List<WorkloadResourceArgs>: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billingAccount string: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
complianceRegime string: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
createTime string: Output only. Immutable. The Workload creation timestamp.
displayName string: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
kmsSettings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels {[key: string]: string}: Optional. Labels applied to the workload.
location string: The location for the resource
name string: Output only. The resource name of the workload.
organization string: The organization for the resource
provisionedResourcesParent string: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resourceSettings WorkloadResourceSettingArgs[]: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
resources WorkloadResourceArgs[]: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billing_account str: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
compliance_regime str: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
create_time str: Output only. Immutable. The Workload creation timestamp.
display_name str: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
kms_settings WorkloadKmsSettingsArgs: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels Mapping[str, str]: Optional. Labels applied to the workload.
location str: The location for the resource
name str: Output only. The resource name of the workload.
organization str: The organization for the resource
provisioned_resources_parent str: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resource_settings Sequence[WorkloadResourceSettingArgs]: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
resources Sequence[WorkloadResourceArgs]: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

billingAccount String: Required. Input only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, 'billingAccounts/012345-567890-ABCDEF`.
complianceRegime String: Required. Immutable. Compliance Regime associated with this workload. Possible values: COMPLIANCE_REGIME_UNSPECIFIED, IL4, CJIS, FEDRAMP_HIGH, FEDRAMP_MODERATE, US_REGIONAL_ACCESS
createTime String: Output only. Immutable. The Workload creation timestamp.
displayName String: Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces. Example: My Workload
kmsSettings Property Map: Input only. Settings used to create a CMEK crypto key. When set a project with a KMS CMEK key is provisioned. This field is mandatory for a subset of Compliance Regimes.
labels Map<String>: Optional. Labels applied to the workload.
location String: The location for the resource
name String: Output only. The resource name of the workload.
organization String: The organization for the resource
provisionedResourcesParent String: Input only. The parent resource for the resources managed by this Assured Workload. May be either an organization or a folder. Must be the same or a child of the Workload parent. If not specified all resources are created under the Workload parent. Formats: folders/{folder_id}, organizations/{organization_id}
resourceSettings List<Property Map>: Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.
resources List<Property Map>: Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

Supporting Types

WorkloadKmsSettings

NextRotationTime string: Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.
RotationPeriod string: Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

NextRotationTime string: Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.
RotationPeriod string: Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

nextRotationTime String: Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.
rotationPeriod String: Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

nextRotationTime string: Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.
rotationPeriod string: Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

next_rotation_time str: Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.
rotation_period str: Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

nextRotationTime String: Required. Input only. Immutable. The time at which the Key Management Service will automatically create a new version of the crypto key and mark it as the primary.
rotationPeriod String: Required. Input only. Immutable. will be advanced by this period when the Key Management Service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours.

WorkloadResource

ResourceId int: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
ResourceType string: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

ResourceId int: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
ResourceType string: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId Integer: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resourceType String: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId number: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resourceType string: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resource_id int: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resource_type str: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId Number: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resourceType String: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

WorkloadResourceSetting

ResourceId string: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
ResourceType string: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

ResourceId string: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
ResourceType string: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId String: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resourceType String: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId string: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resourceType string: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resource_id str: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resource_type str: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

resourceId String: Resource identifier. For a project this represents project_number. If the project is already taken, the workload creation will fail.
resourceType String: Indicates the type of resource. This field should be specified to correspond the id to the right project type (CONSUMER_PROJECT or ENCRYPTION_KEYS_PROJECT) Possible values: RESOURCE_TYPE_UNSPECIFIED, CONSUMER_PROJECT, ENCRYPTION_KEYS_PROJECT, KEYRING, CONSUMER_FOLDER

Import

Workload can be imported using any of these accepted formats

 $ pulumi import gcp:assuredworkloads/workload:Workload default organizations/{{organization}}/locations/{{location}}/workloads/{{name}}

 $ pulumi import gcp:assuredworkloads/workload:Workload default {{organization}}/{{location}}/{{name}}

Package Details

Repository: Google Cloud (GCP) Classic pulumi/pulumi-gcp
License: Apache-2.0
Notes: This Pulumi package is based on the google-beta Terraform Provider.