Create a folder for Assured Workloads environments

This topic guides you through setting up a new folder for Assured Workloads environments. You must create a folder before creating any resources using Assured Workloads. For more information about Assured Workloads, see Assured Workloads overview.

Before you begin

Before you can perform the procedure described in this guide, ensure you have done the following:

  1. Create or select an organization.

    In Google Cloud Console, create or select a Google Cloud organization.

    Go to Google Cloud Console

    To learn how to create a Google Cloud organization, see Creating and managing organizations.

  2. Assign Identity and Access Management permissions.

    Assign the Folder Administrator Identity and Access Management (IAM) role, which contains the minimum IAM permission levels to create and access Assured Workloads environments.

    To assign the IAM role, run the following gcloud command:

    gcloud organizations add-iam-policy-binding ORGANIZATION_ID \
      --member=USER \
      --role="roles/resourcemanager.folderAdmin"
    

    Replace the following:

    • ORGANIZATION_ID: your organization identifier
    • USER: the email address of the user for which you would like to set the role—for example, user:example@customer.org

    The roles/resourcemanager.folderAdmin role enables the creation of workload environments.

    To learn more about how to grant, change, or revoke access to resources using IAM roles, see Granting, changing, and revoking access to resources.

Create a new folder

To create a new folder for Assured Workloads environments, do the following:

  1. Go to Resource Manager.

    Go to Resource Manager

    Learn more about creating and managing folders.

  2. Locate the folder you just created.

  3. Copy the ID in the ID field.

  4. Complete the Assured Workloads folder onboarding form.

  5. Configure access to the folder.

What's next