Guides

ASSUREDWORKLOADS

Suggest Edits
cloud.google.com
GCP documentation

assuredworkloads.organizations.locations.operations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.operations.list

valid {
    input.ReqMap.name == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.analyzeWorkloadMove

valid {
    input.ReqMap.target == STRING
    input.Qs.assetTypes == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.Qs.project == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.create

enum_GoogleCloudAssuredworkloadsV1WorkloadComplianceRegime := [ "COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT", "IRS_1075" ]
enum_GoogleCloudAssuredworkloadsV1WorkloadPartner := [ "PARTNER_UNSPECIFIED", "LOCAL_CONTROLS_BY_S3NS", "SOVEREIGN_CONTROLS_BY_T_SYSTEMS", "SOVEREIGN_CONTROLS_BY_SIA_MINSAIT", "SOVEREIGN_CONTROLS_BY_PSN", "SOVEREIGN_CONTROLS_BY_CNTXT", "SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM" ]
enum_GoogleCloudAssuredworkloadsV1WorkloadResourceSettingsResourceType := [ "RESOURCE_TYPE_UNSPECIFIED", "CONSUMER_PROJECT", "CONSUMER_FOLDER", "ENCRYPTION_KEYS_PROJECT", "KEYRING" ]
enum_GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptionsKajEnrollmentType := [ "KAJ_ENROLLMENT_TYPE_UNSPECIFIED", "KEY_ACCESS_TRANSPARENCY_OFF" ]

valid {
    input.Body.billingAccount == STRING
    input.Body.complianceRegime == enum_GoogleCloudAssuredworkloadsV1WorkloadComplianceRegime[_]
    input.Body.displayName == STRING
    input.Body.enableSovereignControls == BOOLEAN
    input.Body.etag == STRING
    input.Body.kmsSettings.nextRotationTime == STRING
    input.Body.kmsSettings.rotationPeriod == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.partner == enum_GoogleCloudAssuredworkloadsV1WorkloadPartner[_]
    input.Body.partnerPermissions.accessTransparencyLogsSupportCaseViewer == BOOLEAN
    input.Body.partnerPermissions.assuredWorkloadsMonitoring == BOOLEAN
    input.Body.partnerPermissions.dataLogsViewer == BOOLEAN
    input.Body.partnerPermissions.serviceAccessApprover == BOOLEAN
    input.Body.partnerServicesBillingAccount == STRING
    input.Body.provisionedResourcesParent == STRING
    input.Body.resourceSettings[_].displayName == STRING
    input.Body.resourceSettings[_].resourceId == STRING
    input.Body.resourceSettings[_].resourceType == enum_GoogleCloudAssuredworkloadsV1WorkloadResourceSettingsResourceType[_]
    input.Body.violationNotificationsEnabled == BOOLEAN
    input.Body.workloadOptions.kajEnrollmentType == enum_GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptionsKajEnrollmentType[_]
    input.ReqMap.parent == STRING
    input.Qs.externalId == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.delete

valid {
    input.ReqMap.name == STRING
    input.Qs.etag == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.enableComplianceUpdates

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.enableResourceMonitoring

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.mutatePartnerPermissions

valid {
    input.Body.etag == STRING
    input.Body.partnerPermissions.accessTransparencyLogsSupportCaseViewer == BOOLEAN
    input.Body.partnerPermissions.assuredWorkloadsMonitoring == BOOLEAN
    input.Body.partnerPermissions.dataLogsViewer == BOOLEAN
    input.Body.partnerPermissions.serviceAccessApprover == BOOLEAN
    input.Body.updateMask == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.patch

enum_GoogleCloudAssuredworkloadsV1WorkloadComplianceRegime := [ "COMPLIANCE_REGIME_UNSPECIFIED", "IL4", "CJIS", "FEDRAMP_HIGH", "FEDRAMP_MODERATE", "US_REGIONAL_ACCESS", "HIPAA", "HITRUST", "EU_REGIONS_AND_SUPPORT", "CA_REGIONS_AND_SUPPORT", "ITAR", "AU_REGIONS_AND_US_SUPPORT", "ASSURED_WORKLOADS_FOR_PARTNERS", "ISR_REGIONS", "ISR_REGIONS_AND_SUPPORT", "CA_PROTECTED_B", "IL5", "IL2", "JP_REGIONS_AND_SUPPORT", "KSA_REGIONS_AND_SUPPORT_WITH_SOVEREIGNTY_CONTROLS", "REGIONAL_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS", "HEALTHCARE_AND_LIFE_SCIENCES_CONTROLS_US_SUPPORT", "IRS_1075" ]
enum_GoogleCloudAssuredworkloadsV1WorkloadPartner := [ "PARTNER_UNSPECIFIED", "LOCAL_CONTROLS_BY_S3NS", "SOVEREIGN_CONTROLS_BY_T_SYSTEMS", "SOVEREIGN_CONTROLS_BY_SIA_MINSAIT", "SOVEREIGN_CONTROLS_BY_PSN", "SOVEREIGN_CONTROLS_BY_CNTXT", "SOVEREIGN_CONTROLS_BY_CNTXT_NO_EKM" ]
enum_GoogleCloudAssuredworkloadsV1WorkloadResourceSettingsResourceType := [ "RESOURCE_TYPE_UNSPECIFIED", "CONSUMER_PROJECT", "CONSUMER_FOLDER", "ENCRYPTION_KEYS_PROJECT", "KEYRING" ]
enum_GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptionsKajEnrollmentType := [ "KAJ_ENROLLMENT_TYPE_UNSPECIFIED", "KEY_ACCESS_TRANSPARENCY_OFF" ]

valid {
    input.Body.billingAccount == STRING
    input.Body.complianceRegime == enum_GoogleCloudAssuredworkloadsV1WorkloadComplianceRegime[_]
    input.Body.displayName == STRING
    input.Body.enableSovereignControls == BOOLEAN
    input.Body.etag == STRING
    input.Body.kmsSettings.nextRotationTime == STRING
    input.Body.kmsSettings.rotationPeriod == STRING
    input.Body.labels.STRING == STRING
    input.Body.name == STRING
    input.Body.partner == enum_GoogleCloudAssuredworkloadsV1WorkloadPartner[_]
    input.Body.partnerPermissions.accessTransparencyLogsSupportCaseViewer == BOOLEAN
    input.Body.partnerPermissions.assuredWorkloadsMonitoring == BOOLEAN
    input.Body.partnerPermissions.dataLogsViewer == BOOLEAN
    input.Body.partnerPermissions.serviceAccessApprover == BOOLEAN
    input.Body.partnerServicesBillingAccount == STRING
    input.Body.provisionedResourcesParent == STRING
    input.Body.resourceSettings[_].displayName == STRING
    input.Body.resourceSettings[_].resourceId == STRING
    input.Body.resourceSettings[_].resourceType == enum_GoogleCloudAssuredworkloadsV1WorkloadResourceSettingsResourceType[_]
    input.Body.violationNotificationsEnabled == BOOLEAN
    input.Body.workloadOptions.kajEnrollmentType == enum_GoogleCloudAssuredworkloadsV1WorkloadWorkloadOptionsKajEnrollmentType[_]
    input.ReqMap.name == STRING
    input.Qs.updateMask == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.restrictAllowedResources

enum_GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequestRestrictionType := [ "RESTRICTION_TYPE_UNSPECIFIED", "ALLOW_ALL_GCP_RESOURCES", "ALLOW_COMPLIANT_RESOURCES", "APPEND_COMPLIANT_RESOURCES" ]

valid {
    input.Body.restrictionType == enum_GoogleCloudAssuredworkloadsV1RestrictAllowedResourcesRequestRestrictionType[_]
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.updates.apply

enum_GoogleCloudAssuredworkloadsV1beta1ApplyWorkloadUpdateRequestAction := [ "WORKLOAD_UPDATE_ACTION_UNSPECIFIED", "APPLY" ]

valid {
    input.Body.action == enum_GoogleCloudAssuredworkloadsV1beta1ApplyWorkloadUpdateRequestAction[_]
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.updates.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.violations.acknowledge

enum_GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequestAcknowledgeType := [ "ACKNOWLEDGE_TYPE_UNSPECIFIED", "SINGLE_VIOLATION", "EXISTING_CHILD_RESOURCE_VIOLATIONS" ]

valid {
    input.Body.acknowledgeType == enum_GoogleCloudAssuredworkloadsV1AcknowledgeViolationRequestAcknowledgeType[_]
    input.Body.comment == STRING
    input.Body.nonCompliantOrgPolicy == STRING
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.violations.get

valid {
    input.ReqMap.name == STRING
    input.ProviderMetadata.Region == STRING
}

assuredworkloads.organizations.locations.workloads.violations.list

valid {
    input.ReqMap.parent == STRING
    input.Qs.filter == STRING
    input.Qs.interval.endTime == STRING
    input.Qs.interval.startTime == STRING
    input.Qs.pageSize == INTEGER
    input.Qs.pageToken == STRING
    input.ProviderMetadata.Region == STRING
}

Updated 20 days ago