Workload Identity Pool

A Workload Identity Pool in Google Cloud lets you securely federate identities from external identity providers without creating long‑lived service account keys. It allows workloads running outside Google Cloud, such as on‑premises systems or other clouds, to authenticate to Google Cloud services using short‑lived credentials.

gcp.iam_workload_identity_pool

Fields

| Title | ID | Type | Data Type | Description |
| --- | --- | --- | --- | --- |
| | _key | core | string | |
| | ancestors | core | array<string> | |
| | datadog_display_name | core | string | |
| | description | core | string | Optional. A description of the pool. Cannot exceed 256 characters. |
| | disabled | core | bool | Optional. Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again. |
| | expire_time | core | timestamp | Output only. Time after which the workload identity pool will be permanently purged and cannot be recovered. |
| | gcp_display_name | core | string | Optional. A display name for the pool. Cannot exceed 32 characters. |
| | inline_certificate_issuance_config | core | json | Optional. Defines the Certificate Authority (CA) pool resources and configurations required for issuance and rotation of mTLS workload certificates. |
| | inline_trust_config | core | json | Optional. Represents config to add additional trusted trust domains. |
| | labels | core | array<string> | |
| | mode | core | string | Immutable. The mode the pool is operating in. |
| | name | core | string | Identifier. The resource name of the pool. |
| | organization_id | core | string | |
| | parent | core | string | |
| | project_id | core | string | |
| | project_number | core | string | |
| | region_id | core | string | |
| | resource_name | core | string | |
| | state | core | string | Output only. The state of the pool. |
| | tags | core | hstore_csv | |
| | zone_id | core | string | |