REST Resource: locations.workforcePools

Resource: WorkforcePool

Represents a collection of external workforces. Provides namespaces for federated users that can be referenced in IAM policies.

JSON representation
{
  "name": string,
  "parent": string,
  "displayName": string,
  "description": string,
  "state": enum (State),
  "disabled": boolean,
  "sessionDuration": string
}
Fields
name

string

Output only. The resource name of the pool.

Format: locations/{location}/workforcePools/{workforcePoolId}

parent

string

Immutable. The resource name of the parent.

Format: organizations/{org-id}.

displayName

string

A user-specified display name of the pool in Google Cloud Console.

Cannot exceed 32 characters.

description

string

A user-specified description of the pool.

Cannot exceed 256 characters.

state

enum (State)

Output only. The state of the pool.

disabled

boolean

Disables the workforce pool. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.

sessionDuration

string (Duration format)

Duration that the Google Cloud access tokens, console sign-in sessions, and gcloud sign-in sessions from this pool are valid.

Must be greater than 15 minutes (900s) and less than 12 hours (43200s). If sessionDuration is not configured, minted credentials have a default duration of one hour (3600s).

For SAML providers, the lifetime of the token is the minimum of the sessionDuration and the SessionNotOnOrAfter claim in the SAML assertion.

A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".

State

The current state of the pool.

Enums
STATE_UNSPECIFIED

State unspecified.

ACTIVE

The pool is active and may be used in Google Cloud policies.

DELETED

The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using workforcePools.undelete.

You cannot reuse the ID of a soft-deleted pool until it is permanently deleted.

While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.
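The field constraints and the sessionDuration and State rules above can be checked offline against a pool's JSON before or after a change. The following is an added example, not code from the API reference; the function names, the sample pool values, and the choice to measure the SAML SessionNotOnOrAfter claim from the token issue time are assumptions.

```python
import re
from datetime import datetime, timedelta, timezone

# Duration format from the page: seconds, up to nine fractional digits, trailing 's'.
DURATION_RE = re.compile(r"(\d+)(?:\.(\d{1,9}))?s")
DEFAULT_S, MIN_S, MAX_S = 3600.0, 900.0, 43200.0  # values stated on the page

# Constructed sample data (not a real pool or a real assertion).
SAMPLE_POOL = {"name": "locations/global/workforcePools/example-pool",
               "parent": "organizations/123456789", "displayName": "Example",
               "state": "ACTIVE", "disabled": False, "sessionDuration": "28800s"}
SAMPLE_ISSUED = datetime(2024, 1, 1, 9, 0, tzinfo=timezone.utc)
SAMPLE_NOT_ON_OR_AFTER = SAMPLE_ISSUED + timedelta(hours=1)

def parse_duration(value):
    """Return the Duration as float seconds, or raise ValueError if malformed."""
    m = DURATION_RE.fullmatch(value)
    if not m:
        raise ValueError(f"not a Duration string: {value!r}")
    return float(f"{m.group(1)}.{m.group(2) or '0'}")

def audit_pool(pool):
    """Return a list of findings for one WorkforcePool JSON object."""
    findings = []
    if len(pool.get("displayName", "")) > 32:
        findings.append("displayName exceeds 32 characters")
    if len(pool.get("description", "")) > 256:
        findings.append("description exceeds 256 characters")
    if "sessionDuration" in pool:
        try:
            seconds = parse_duration(pool["sessionDuration"])
            # Assumption: bounds read literally from the page as exclusive, so
            # this check is never looser than the documented rule.
            if not MIN_S < seconds < MAX_S:
                findings.append("sessionDuration outside 900s..43200s")
        except ValueError as exc:
            findings.append(str(exc))
    if pool.get("disabled") or pool.get("state") == "DELETED":
        findings.append("pool cannot exchange tokens; existing tokens are refused")
    return findings

def effective_lifetime(pool, issued_at, session_not_on_or_after=None):
    """Token lifetime in seconds; for SAML, the minimum of both limits."""
    seconds = DEFAULT_S  # default when sessionDuration is not configured
    if "sessionDuration" in pool:
        seconds = parse_duration(pool["sessionDuration"])
    if session_not_on_or_after is not None:
        remaining = (session_not_on_or_after - issued_at).total_seconds()
        seconds = min(seconds, remaining)
    return max(seconds, 0.0)
```

With the sample pool, an eight-hour sessionDuration is cut to one hour when the assertion's SessionNotOnOrAfter falls one hour after issuance, which is the case to look for when sessions expire earlier than the pool setting suggests.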

Methods

create

Creates a new WorkforcePool.

delete

Deletes a WorkforcePool.

get

Gets an individual WorkforcePool.

getIamPolicy

Gets IAM policies on a WorkforcePool.

list

Lists all non-deleted WorkforcePools under the specified parent.

patch

Updates an existing WorkforcePool.

setIamPolicy

Sets IAM policies on a WorkforcePool.

testIamPermissions

Returns the caller's permissions on the WorkforcePool.

undelete

Undeletes a WorkforcePool, as long as it was deleted fewer than 30 days ago.