This topic describes how to set up
and deploy your first resource. Overview
Assured Workloads requires the creation and registration of a folder
before deploying a Assured Workloads environment. Depending on the
selected compliance regime you choose, you are responsible for creating
encryption keys and resources in the environment.
Note: Assured Workloads environments can only be deployed into folders
that have been successfully registered.
Warning: You should only use Assured Workloads if your Google Cloud use
case is actively subject to regulatory compliance. If you choose to use
Assured Workloads, we recommend you select only the compliance regime
for your use case. This is because the compliance regime you select can
enforce restrictions, including, but not limited to, personnel restrictions,
reporting requirements, the Google Cloud services that are available to
you, and regions where those services are available.
To set up your environment and first workload, do the following:
If you haven't already, set up an organization, as follows:
Cloud Identity and
verify your domain.
Create an organization
prior to using Assured Workloads.
Select a compliance regime.
Create a folder for Assured Workloads environments.
Create a project in the Assured Workloads environment that supports
your compliance regime, as follows:
Create and obtain a customer-managed encryption key (CMEK).
Deploy a resource into your Assured Workloads environment.
Assured Workloads supports a variety of resources. Examples include: