REST Resource: locations.workforcePools

Stay organized with collections Save and categorize content based on your preferences.

Resource: WorkforcePool

Represents a collection of external workforces. Provides namespaces for federated users that can be referenced in IAM policies.

JSON representation
{
  "name": string,
  "parent": string,
  "displayName": string,
  "description": string,
  "state": enum (State),
  "disabled": boolean,
  "sessionDuration": string
}
Fields
name

string

Output only. The resource name of the pool.

Format: locations/{location}/workforcePools/{workforcePoolId}

parent

string

Immutable. The resource name of the parent.

Format: organizations/{org-id}.

displayName

string

A user-specified display name of the pool in Google Cloud Console.

Cannot exceed 32 characters.

description

string

A user-specified description of the pool.

Cannot exceed 256 characters.

state

enum (State)

Output only. The state of the pool.

disabled

boolean

Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again.

sessionDuration

string (Duration format)

Duration that the Google Cloud access tokens, console sign-in sessions, and gcloud sign-in sessions from this pool are valid.

Must be greater than 15 minutes (900s) and less than 12 hours (43200s). If sessionDuration is not configured, minted credentials have a default duration of one hour (3600s).

A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".

State

The current state of the pool.

Enums
STATE_UNSPECIFIED State unspecified.
ACTIVE The pool is active and may be used in Google Cloud policies.
DELETED

The pool is soft-deleted. Soft-deleted pools are permanently deleted after approximately 30 days. You can restore a soft-deleted pool using workforcePools.undelete.

You cannot reuse the ID of a soft-deleted pool until it is permanently deleted.

While a pool is deleted, you cannot use it to exchange tokens, or use existing tokens to access resources. If the pool is undeleted, existing tokens grant access again.

Methods

create

Creates a new WorkforcePool.

delete

Deletes a WorkforcePool.

get

Gets an individual WorkforcePool.

getIamPolicy

Gets IAM policies on a WorkforcePool.

list

Lists all non-deleted WorkforcePools under the specified parent.

patch

Updates an existing WorkforcePool.

setIamPolicy

Sets IAM policies on a WorkforcePool.

testIamPermissions

Returns the caller's permissions on the WorkforcePool.

undelete

Undeletes a WorkforcePool, as long as it was deleted fewer than 30 days ago.