Google Cloud Native v0.32.0, Nov 29 23

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.workstations/v1beta.WorkstationConfig

Explore with Pulumi AI

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

Create WorkstationConfig Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new WorkstationConfig(name: string, args: WorkstationConfigArgs, opts?: CustomResourceOptions);

@overload
def WorkstationConfig(resource_name: str,
                      args: WorkstationConfigArgs,
                      opts: Optional[ResourceOptions] = None)

@overload
def WorkstationConfig(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      workstation_cluster_id: Optional[str] = None,
                      workstation_config_id: Optional[str] = None,
                      labels: Optional[Mapping[str, str]] = None,
                      location: Optional[str] = None,
                      enable_audit_agent: Optional[bool] = None,
                      encryption_key: Optional[CustomerEncryptionKeyArgs] = None,
                      ephemeral_directories: Optional[Sequence[EphemeralDirectoryArgs]] = None,
                      etag: Optional[str] = None,
                      host: Optional[HostArgs] = None,
                      idle_timeout: Optional[str] = None,
                      annotations: Optional[Mapping[str, str]] = None,
                      display_name: Optional[str] = None,
                      name: Optional[str] = None,
                      persistent_directories: Optional[Sequence[PersistentDirectoryArgs]] = None,
                      project: Optional[str] = None,
                      readiness_checks: Optional[Sequence[ReadinessCheckArgs]] = None,
                      replica_zones: Optional[Sequence[str]] = None,
                      running_timeout: Optional[str] = None,
                      disable_tcp_connections: Optional[bool] = None,
                      container: Optional[ContainerArgs] = None)

func NewWorkstationConfig(ctx *Context, name string, args WorkstationConfigArgs, opts ...ResourceOption) (*WorkstationConfig, error)

public WorkstationConfig(string name, WorkstationConfigArgs args, CustomResourceOptions? opts = null)

public WorkstationConfig(String name, WorkstationConfigArgs args)
public WorkstationConfig(String name, WorkstationConfigArgs args, CustomResourceOptions options)

type: google-native:workstations/v1beta:WorkstationConfig
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args WorkstationConfigArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args WorkstationConfigArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args WorkstationConfigArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args WorkstationConfigArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args WorkstationConfigArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var google_nativeWorkstationConfigResource = new GoogleNative.Workstations.V1Beta.WorkstationConfig("google-nativeWorkstationConfigResource", new()
{
    WorkstationClusterId = "string",
    WorkstationConfigId = "string",
    Labels = 
    {
        { "string", "string" },
    },
    Location = "string",
    EnableAuditAgent = false,
    EncryptionKey = new GoogleNative.Workstations.V1Beta.Inputs.CustomerEncryptionKeyArgs
    {
        KmsKey = "string",
        KmsKeyServiceAccount = "string",
    },
    EphemeralDirectories = new[]
    {
        new GoogleNative.Workstations.V1Beta.Inputs.EphemeralDirectoryArgs
        {
            MountPath = "string",
            GcePd = new GoogleNative.Workstations.V1Beta.Inputs.GcePersistentDiskArgs
            {
                DiskType = "string",
                ReadOnly = false,
                SourceImage = "string",
                SourceSnapshot = "string",
            },
        },
    },
    Etag = "string",
    Host = new GoogleNative.Workstations.V1Beta.Inputs.HostArgs
    {
        GceInstance = new GoogleNative.Workstations.V1Beta.Inputs.GceInstanceArgs
        {
            Accelerators = new[]
            {
                new GoogleNative.Workstations.V1Beta.Inputs.AcceleratorArgs
                {
                    Count = 0,
                    Type = "string",
                },
            },
            BootDiskSizeGb = 0,
            ConfidentialInstanceConfig = new GoogleNative.Workstations.V1Beta.Inputs.GceConfidentialInstanceConfigArgs
            {
                EnableConfidentialCompute = false,
            },
            DisablePublicIpAddresses = false,
            EnableNestedVirtualization = false,
            MachineType = "string",
            PoolSize = 0,
            ServiceAccount = "string",
            ServiceAccountScopes = new[]
            {
                "string",
            },
            ShieldedInstanceConfig = new GoogleNative.Workstations.V1Beta.Inputs.GceShieldedInstanceConfigArgs
            {
                EnableIntegrityMonitoring = false,
                EnableSecureBoot = false,
                EnableVtpm = false,
            },
            Tags = new[]
            {
                "string",
            },
        },
    },
    IdleTimeout = "string",
    Annotations = 
    {
        { "string", "string" },
    },
    DisplayName = "string",
    Name = "string",
    PersistentDirectories = new[]
    {
        new GoogleNative.Workstations.V1Beta.Inputs.PersistentDirectoryArgs
        {
            GcePd = new GoogleNative.Workstations.V1Beta.Inputs.GceRegionalPersistentDiskArgs
            {
                DiskType = "string",
                FsType = "string",
                ReclaimPolicy = GoogleNative.Workstations.V1Beta.GceRegionalPersistentDiskReclaimPolicy.ReclaimPolicyUnspecified,
                SizeGb = 0,
                SourceSnapshot = "string",
            },
            MountPath = "string",
        },
    },
    Project = "string",
    ReadinessChecks = new[]
    {
        new GoogleNative.Workstations.V1Beta.Inputs.ReadinessCheckArgs
        {
            Path = "string",
            Port = 0,
        },
    },
    ReplicaZones = new[]
    {
        "string",
    },
    RunningTimeout = "string",
    DisableTcpConnections = false,
    Container = new GoogleNative.Workstations.V1Beta.Inputs.ContainerArgs
    {
        Args = new[]
        {
            "string",
        },
        Command = new[]
        {
            "string",
        },
        Env = 
        {
            { "string", "string" },
        },
        Image = "string",
        RunAsUser = 0,
        WorkingDir = "string",
    },
});

example, err := workstationsv1beta.NewWorkstationConfig(ctx, "google-nativeWorkstationConfigResource", &workstationsv1beta.WorkstationConfigArgs{
	WorkstationClusterId: pulumi.String("string"),
	WorkstationConfigId:  pulumi.String("string"),
	Labels: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Location:         pulumi.String("string"),
	EnableAuditAgent: pulumi.Bool(false),
	EncryptionKey: &workstations.CustomerEncryptionKeyArgs{
		KmsKey:               pulumi.String("string"),
		KmsKeyServiceAccount: pulumi.String("string"),
	},
	EphemeralDirectories: workstations.EphemeralDirectoryArray{
		&workstations.EphemeralDirectoryArgs{
			MountPath: pulumi.String("string"),
			GcePd: &workstations.GcePersistentDiskArgs{
				DiskType:       pulumi.String("string"),
				ReadOnly:       pulumi.Bool(false),
				SourceImage:    pulumi.String("string"),
				SourceSnapshot: pulumi.String("string"),
			},
		},
	},
	Etag: pulumi.String("string"),
	Host: &workstations.HostArgs{
		GceInstance: &workstations.GceInstanceArgs{
			Accelerators: workstations.AcceleratorArray{
				&workstations.AcceleratorArgs{
					Count: pulumi.Int(0),
					Type:  pulumi.String("string"),
				},
			},
			BootDiskSizeGb: pulumi.Int(0),
			ConfidentialInstanceConfig: &workstations.GceConfidentialInstanceConfigArgs{
				EnableConfidentialCompute: pulumi.Bool(false),
			},
			DisablePublicIpAddresses:   pulumi.Bool(false),
			EnableNestedVirtualization: pulumi.Bool(false),
			MachineType:                pulumi.String("string"),
			PoolSize:                   pulumi.Int(0),
			ServiceAccount:             pulumi.String("string"),
			ServiceAccountScopes: pulumi.StringArray{
				pulumi.String("string"),
			},
			ShieldedInstanceConfig: &workstations.GceShieldedInstanceConfigArgs{
				EnableIntegrityMonitoring: pulumi.Bool(false),
				EnableSecureBoot:          pulumi.Bool(false),
				EnableVtpm:                pulumi.Bool(false),
			},
			Tags: pulumi.StringArray{
				pulumi.String("string"),
			},
		},
	},
	IdleTimeout: pulumi.String("string"),
	Annotations: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	DisplayName: pulumi.String("string"),
	Name:        pulumi.String("string"),
	PersistentDirectories: workstations.PersistentDirectoryArray{
		&workstations.PersistentDirectoryArgs{
			GcePd: &workstations.GceRegionalPersistentDiskArgs{
				DiskType:       pulumi.String("string"),
				FsType:         pulumi.String("string"),
				ReclaimPolicy:  workstationsv1beta.GceRegionalPersistentDiskReclaimPolicyReclaimPolicyUnspecified,
				SizeGb:         pulumi.Int(0),
				SourceSnapshot: pulumi.String("string"),
			},
			MountPath: pulumi.String("string"),
		},
	},
	Project: pulumi.String("string"),
	ReadinessChecks: workstations.ReadinessCheckArray{
		&workstations.ReadinessCheckArgs{
			Path: pulumi.String("string"),
			Port: pulumi.Int(0),
		},
	},
	ReplicaZones: pulumi.StringArray{
		pulumi.String("string"),
	},
	RunningTimeout:        pulumi.String("string"),
	DisableTcpConnections: pulumi.Bool(false),
	Container: &workstations.ContainerArgs{
		Args: pulumi.StringArray{
			pulumi.String("string"),
		},
		Command: pulumi.StringArray{
			pulumi.String("string"),
		},
		Env: pulumi.StringMap{
			"string": pulumi.String("string"),
		},
		Image:      pulumi.String("string"),
		RunAsUser:  pulumi.Int(0),
		WorkingDir: pulumi.String("string"),
	},
})

var google_nativeWorkstationConfigResource = new WorkstationConfig("google-nativeWorkstationConfigResource", WorkstationConfigArgs.builder()
    .workstationClusterId("string")
    .workstationConfigId("string")
    .labels(Map.of("string", "string"))
    .location("string")
    .enableAuditAgent(false)
    .encryptionKey(CustomerEncryptionKeyArgs.builder()
        .kmsKey("string")
        .kmsKeyServiceAccount("string")
        .build())
    .ephemeralDirectories(EphemeralDirectoryArgs.builder()
        .mountPath("string")
        .gcePd(GcePersistentDiskArgs.builder()
            .diskType("string")
            .readOnly(false)
            .sourceImage("string")
            .sourceSnapshot("string")
            .build())
        .build())
    .etag("string")
    .host(HostArgs.builder()
        .gceInstance(GceInstanceArgs.builder()
            .accelerators(AcceleratorArgs.builder()
                .count(0)
                .type("string")
                .build())
            .bootDiskSizeGb(0)
            .confidentialInstanceConfig(GceConfidentialInstanceConfigArgs.builder()
                .enableConfidentialCompute(false)
                .build())
            .disablePublicIpAddresses(false)
            .enableNestedVirtualization(false)
            .machineType("string")
            .poolSize(0)
            .serviceAccount("string")
            .serviceAccountScopes("string")
            .shieldedInstanceConfig(GceShieldedInstanceConfigArgs.builder()
                .enableIntegrityMonitoring(false)
                .enableSecureBoot(false)
                .enableVtpm(false)
                .build())
            .tags("string")
            .build())
        .build())
    .idleTimeout("string")
    .annotations(Map.of("string", "string"))
    .displayName("string")
    .name("string")
    .persistentDirectories(PersistentDirectoryArgs.builder()
        .gcePd(GceRegionalPersistentDiskArgs.builder()
            .diskType("string")
            .fsType("string")
            .reclaimPolicy("RECLAIM_POLICY_UNSPECIFIED")
            .sizeGb(0)
            .sourceSnapshot("string")
            .build())
        .mountPath("string")
        .build())
    .project("string")
    .readinessChecks(ReadinessCheckArgs.builder()
        .path("string")
        .port(0)
        .build())
    .replicaZones("string")
    .runningTimeout("string")
    .disableTcpConnections(false)
    .container(ContainerArgs.builder()
        .args("string")
        .command("string")
        .env(Map.of("string", "string"))
        .image("string")
        .runAsUser(0)
        .workingDir("string")
        .build())
    .build());

google_native_workstation_config_resource = google_native.workstations.v1beta.WorkstationConfig("google-nativeWorkstationConfigResource",
    workstation_cluster_id="string",
    workstation_config_id="string",
    labels={
        "string": "string",
    },
    location="string",
    enable_audit_agent=False,
    encryption_key={
        "kms_key": "string",
        "kms_key_service_account": "string",
    },
    ephemeral_directories=[{
        "mount_path": "string",
        "gce_pd": {
            "disk_type": "string",
            "read_only": False,
            "source_image": "string",
            "source_snapshot": "string",
        },
    }],
    etag="string",
    host={
        "gce_instance": {
            "accelerators": [{
                "count": 0,
                "type": "string",
            }],
            "boot_disk_size_gb": 0,
            "confidential_instance_config": {
                "enable_confidential_compute": False,
            },
            "disable_public_ip_addresses": False,
            "enable_nested_virtualization": False,
            "machine_type": "string",
            "pool_size": 0,
            "service_account": "string",
            "service_account_scopes": ["string"],
            "shielded_instance_config": {
                "enable_integrity_monitoring": False,
                "enable_secure_boot": False,
                "enable_vtpm": False,
            },
            "tags": ["string"],
        },
    },
    idle_timeout="string",
    annotations={
        "string": "string",
    },
    display_name="string",
    name="string",
    persistent_directories=[{
        "gce_pd": {
            "disk_type": "string",
            "fs_type": "string",
            "reclaim_policy": google_native.workstations.v1beta.GceRegionalPersistentDiskReclaimPolicy.RECLAIM_POLICY_UNSPECIFIED,
            "size_gb": 0,
            "source_snapshot": "string",
        },
        "mount_path": "string",
    }],
    project="string",
    readiness_checks=[{
        "path": "string",
        "port": 0,
    }],
    replica_zones=["string"],
    running_timeout="string",
    disable_tcp_connections=False,
    container={
        "args": ["string"],
        "command": ["string"],
        "env": {
            "string": "string",
        },
        "image": "string",
        "run_as_user": 0,
        "working_dir": "string",
    })

const google_nativeWorkstationConfigResource = new google_native.workstations.v1beta.WorkstationConfig("google-nativeWorkstationConfigResource", {
    workstationClusterId: "string",
    workstationConfigId: "string",
    labels: {
        string: "string",
    },
    location: "string",
    enableAuditAgent: false,
    encryptionKey: {
        kmsKey: "string",
        kmsKeyServiceAccount: "string",
    },
    ephemeralDirectories: [{
        mountPath: "string",
        gcePd: {
            diskType: "string",
            readOnly: false,
            sourceImage: "string",
            sourceSnapshot: "string",
        },
    }],
    etag: "string",
    host: {
        gceInstance: {
            accelerators: [{
                count: 0,
                type: "string",
            }],
            bootDiskSizeGb: 0,
            confidentialInstanceConfig: {
                enableConfidentialCompute: false,
            },
            disablePublicIpAddresses: false,
            enableNestedVirtualization: false,
            machineType: "string",
            poolSize: 0,
            serviceAccount: "string",
            serviceAccountScopes: ["string"],
            shieldedInstanceConfig: {
                enableIntegrityMonitoring: false,
                enableSecureBoot: false,
                enableVtpm: false,
            },
            tags: ["string"],
        },
    },
    idleTimeout: "string",
    annotations: {
        string: "string",
    },
    displayName: "string",
    name: "string",
    persistentDirectories: [{
        gcePd: {
            diskType: "string",
            fsType: "string",
            reclaimPolicy: google_native.workstations.v1beta.GceRegionalPersistentDiskReclaimPolicy.ReclaimPolicyUnspecified,
            sizeGb: 0,
            sourceSnapshot: "string",
        },
        mountPath: "string",
    }],
    project: "string",
    readinessChecks: [{
        path: "string",
        port: 0,
    }],
    replicaZones: ["string"],
    runningTimeout: "string",
    disableTcpConnections: false,
    container: {
        args: ["string"],
        command: ["string"],
        env: {
            string: "string",
        },
        image: "string",
        runAsUser: 0,
        workingDir: "string",
    },
});

type: google-native:workstations/v1beta:WorkstationConfig
properties:
    annotations:
        string: string
    container:
        args:
            - string
        command:
            - string
        env:
            string: string
        image: string
        runAsUser: 0
        workingDir: string
    disableTcpConnections: false
    displayName: string
    enableAuditAgent: false
    encryptionKey:
        kmsKey: string
        kmsKeyServiceAccount: string
    ephemeralDirectories:
        - gcePd:
            diskType: string
            readOnly: false
            sourceImage: string
            sourceSnapshot: string
          mountPath: string
    etag: string
    host:
        gceInstance:
            accelerators:
                - count: 0
                  type: string
            bootDiskSizeGb: 0
            confidentialInstanceConfig:
                enableConfidentialCompute: false
            disablePublicIpAddresses: false
            enableNestedVirtualization: false
            machineType: string
            poolSize: 0
            serviceAccount: string
            serviceAccountScopes:
                - string
            shieldedInstanceConfig:
                enableIntegrityMonitoring: false
                enableSecureBoot: false
                enableVtpm: false
            tags:
                - string
    idleTimeout: string
    labels:
        string: string
    location: string
    name: string
    persistentDirectories:
        - gcePd:
            diskType: string
            fsType: string
            reclaimPolicy: RECLAIM_POLICY_UNSPECIFIED
            sizeGb: 0
            sourceSnapshot: string
          mountPath: string
    project: string
    readinessChecks:
        - path: string
          port: 0
    replicaZones:
        - string
    runningTimeout: string
    workstationClusterId: string
    workstationConfigId: string

WorkstationConfig Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The WorkstationConfig resource accepts the following input properties:

WorkstationClusterId string
WorkstationConfigId string: Required. ID to use for the workstation configuration.
Annotations Dictionary<string, string>: Optional. Client-specified annotations.
Container Pulumi.GoogleNative.Workstations.V1Beta.Inputs.Container: Optional. Container that runs upon startup for each workstation using this workstation configuration.
DisableTcpConnections bool: Optional. Disables support for plain TCP connections in the workstation. By default the service supports TCP connections via a websocket relay. Setting this option to true disables that relay, which prevents the usage of services that require plain tcp connections, such as ssh. When enabled, all communication must occur over https or wss.
DisplayName string: Optional. Human-readable name for this workstation configuration.
EnableAuditAgent bool: Optional. Whether to enable Linux auditd logging on the workstation. When enabled, a service account must also be specified that has logging.buckets.write permission on the project. Operating system audit logging is distinct from Cloud Audit Logs.
EncryptionKey Pulumi.GoogleNative.Workstations.V1Beta.Inputs.CustomerEncryptionKey: Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
EphemeralDirectories List<Pulumi.GoogleNative.Workstations.V1Beta.Inputs.EphemeralDirectory>: Optional. Ephemeral directories which won't persist across workstation sessions.
Etag string: Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
Host Pulumi.GoogleNative.Workstations.V1Beta.Inputs.Host: Optional. Runtime host for the workstation.
IdleTimeout string: Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
Labels Dictionary<string, string>: Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
Location string
Name string: Identifier. Full name of this workstation configuration.
PersistentDirectories List<Pulumi.GoogleNative.Workstations.V1Beta.Inputs.PersistentDirectory>: Optional. Directories to persist across workstation sessions.
Project string
ReadinessChecks List<Pulumi.GoogleNative.Workstations.V1Beta.Inputs.ReadinessCheck>: Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
ReplicaZones List<string>: Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
RunningTimeout string: Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.

WorkstationClusterId string
WorkstationConfigId string: Required. ID to use for the workstation configuration.
Annotations map[string]string: Optional. Client-specified annotations.
Container ContainerArgs: Optional. Container that runs upon startup for each workstation using this workstation configuration.
DisableTcpConnections bool: Optional. Disables support for plain TCP connections in the workstation. By default the service supports TCP connections via a websocket relay. Setting this option to true disables that relay, which prevents the usage of services that require plain tcp connections, such as ssh. When enabled, all communication must occur over https or wss.
DisplayName string: Optional. Human-readable name for this workstation configuration.
EnableAuditAgent bool: Optional. Whether to enable Linux auditd logging on the workstation. When enabled, a service account must also be specified that has logging.buckets.write permission on the project. Operating system audit logging is distinct from Cloud Audit Logs.
EncryptionKey CustomerEncryptionKeyArgs: Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
EphemeralDirectories []EphemeralDirectoryArgs: Optional. Ephemeral directories which won't persist across workstation sessions.
Etag string: Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
Host HostArgs: Optional. Runtime host for the workstation.
IdleTimeout string: Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
Labels map[string]string: Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
Location string
Name string: Identifier. Full name of this workstation configuration.
PersistentDirectories []PersistentDirectoryArgs: Optional. Directories to persist across workstation sessions.
Project string
ReadinessChecks []ReadinessCheckArgs: Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
ReplicaZones []string: Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
RunningTimeout string: Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.

workstationClusterId String
workstationConfigId String: Required. ID to use for the workstation configuration.
annotations Map<String,String>: Optional. Client-specified annotations.
container Container: Optional. Container that runs upon startup for each workstation using this workstation configuration.
disableTcpConnections Boolean: Optional. Disables support for plain TCP connections in the workstation. By default the service supports TCP connections via a websocket relay. Setting this option to true disables that relay, which prevents the usage of services that require plain tcp connections, such as ssh. When enabled, all communication must occur over https or wss.
displayName String: Optional. Human-readable name for this workstation configuration.
enableAuditAgent Boolean: Optional. Whether to enable Linux auditd logging on the workstation. When enabled, a service account must also be specified that has logging.buckets.write permission on the project. Operating system audit logging is distinct from Cloud Audit Logs.
encryptionKey CustomerEncryptionKey: Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
ephemeralDirectories List<EphemeralDirectory>: Optional. Ephemeral directories which won't persist across workstation sessions.
etag String: Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
host Host: Optional. Runtime host for the workstation.
idleTimeout String: Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
labels Map<String,String>: Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
location String
name String: Identifier. Full name of this workstation configuration.
persistentDirectories List<PersistentDirectory>: Optional. Directories to persist across workstation sessions.
project String
readinessChecks List<ReadinessCheck>: Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
replicaZones List<String>: Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
runningTimeout String: Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.

workstationClusterId string
workstationConfigId string: Required. ID to use for the workstation configuration.
annotations {[key: string]: string}: Optional. Client-specified annotations.
container Container: Optional. Container that runs upon startup for each workstation using this workstation configuration.
disableTcpConnections boolean: Optional. Disables support for plain TCP connections in the workstation. By default the service supports TCP connections via a websocket relay. Setting this option to true disables that relay, which prevents the usage of services that require plain tcp connections, such as ssh. When enabled, all communication must occur over https or wss.
displayName string: Optional. Human-readable name for this workstation configuration.
enableAuditAgent boolean: Optional. Whether to enable Linux auditd logging on the workstation. When enabled, a service account must also be specified that has logging.buckets.write permission on the project. Operating system audit logging is distinct from Cloud Audit Logs.
encryptionKey CustomerEncryptionKey: Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
ephemeralDirectories EphemeralDirectory[]: Optional. Ephemeral directories which won't persist across workstation sessions.
etag string: Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
host Host: Optional. Runtime host for the workstation.
idleTimeout string: Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
labels {[key: string]: string}: Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
location string
name string: Identifier. Full name of this workstation configuration.
persistentDirectories PersistentDirectory[]: Optional. Directories to persist across workstation sessions.
project string
readinessChecks ReadinessCheck[]: Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
replicaZones string[]: Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
runningTimeout string: Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.

workstation_cluster_id str
workstation_config_id str: Required. ID to use for the workstation configuration.
annotations Mapping[str, str]: Optional. Client-specified annotations.
container ContainerArgs: Optional. Container that runs upon startup for each workstation using this workstation configuration.
disable_tcp_connections bool: Optional. Disables support for plain TCP connections in the workstation. By default the service supports TCP connections via a websocket relay. Setting this option to true disables that relay, which prevents the usage of services that require plain tcp connections, such as ssh. When enabled, all communication must occur over https or wss.
display_name str: Optional. Human-readable name for this workstation configuration.
enable_audit_agent bool: Optional. Whether to enable Linux auditd logging on the workstation. When enabled, a service account must also be specified that has logging.buckets.write permission on the project. Operating system audit logging is distinct from Cloud Audit Logs.
encryption_key CustomerEncryptionKeyArgs: Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
ephemeral_directories Sequence[EphemeralDirectoryArgs]: Optional. Ephemeral directories which won't persist across workstation sessions.
etag str: Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
host HostArgs: Optional. Runtime host for the workstation.
idle_timeout str: Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
labels Mapping[str, str]: Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
location str
name str: Identifier. Full name of this workstation configuration.
persistent_directories Sequence[PersistentDirectoryArgs]: Optional. Directories to persist across workstation sessions.
project str
readiness_checks Sequence[ReadinessCheckArgs]: Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
replica_zones Sequence[str]: Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
running_timeout str: Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.

workstationClusterId String
workstationConfigId String: Required. ID to use for the workstation configuration.
annotations Map<String>: Optional. Client-specified annotations.
container Property Map: Optional. Container that runs upon startup for each workstation using this workstation configuration.
disableTcpConnections Boolean: Optional. Disables support for plain TCP connections in the workstation. By default the service supports TCP connections via a websocket relay. Setting this option to true disables that relay, which prevents the usage of services that require plain tcp connections, such as ssh. When enabled, all communication must occur over https or wss.
displayName String: Optional. Human-readable name for this workstation configuration.
enableAuditAgent Boolean: Optional. Whether to enable Linux auditd logging on the workstation. When enabled, a service account must also be specified that has logging.buckets.write permission on the project. Operating system audit logging is distinct from Cloud Audit Logs.
encryptionKey Property Map: Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK). If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata. If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost. If the encryption key is revoked, the workstation session automatically stops within 7 hours. Immutable after the workstation configuration is created.
ephemeralDirectories List<Property Map>: Optional. Ephemeral directories which won't persist across workstation sessions.
etag String: Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
host Property Map: Optional. Runtime host for the workstation.
idleTimeout String: Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic. A value of "0s" indicates that Cloud Workstations VMs created with this configuration should never time out due to idleness. Provide duration terminated by s for seconds—for example, "7200s" (2 hours). The default is "1200s" (20 minutes).
labels Map<String>: Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
location String
name String: Identifier. Full name of this workstation configuration.
persistentDirectories List<Property Map>: Optional. Directories to persist across workstation sessions.
project String
readinessChecks List<Property Map>: Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
replicaZones List<String>: Optional. Immutable. Specifies the zones used to replicate the VM and disk resources within the region. If set, exactly two zones within the workstation cluster's region must be specified—for example, ['us-central1-a', 'us-central1-f']. If this field is empty, two default zones within the region are used. Immutable after the workstation configuration is created.
runningTimeout String: Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle. Provide duration terminated by s for seconds—for example, "54000s" (15 hours). Defaults to "43200s" (12 hours). A value of "0s" indicates that workstations using this configuration should never time out. If encryption_key is set, it must be greater than "0s" and less than "86400s" (24 hours). Warning: A value of "0s" indicates that Cloud Workstations VMs created with this configuration have no maximum running time. This is strongly discouraged because you incur costs and will not pick up security updates.

Outputs

All input properties are implicitly available as output properties. Additionally, the WorkstationConfig resource produces the following output properties:

Conditions List<Pulumi.GoogleNative.Workstations.V1Beta.Outputs.StatusResponse>: Status conditions describing the current resource state.
CreateTime string: Time when this workstation configuration was created.
Degraded bool: Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
DeleteTime string: Time when this workstation configuration was soft-deleted.
Id string: The provider-assigned unique ID for this managed resource.
Reconciling bool: Indicates whether this workstation configuration is currently being updated to match its intended state.
Uid string: A system-assigned unique identifier for this workstation configuration.
UpdateTime string: Time when this workstation configuration was most recently updated.

Conditions []StatusResponse: Status conditions describing the current resource state.
CreateTime string: Time when this workstation configuration was created.
Degraded bool: Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
DeleteTime string: Time when this workstation configuration was soft-deleted.
Id string: The provider-assigned unique ID for this managed resource.
Reconciling bool: Indicates whether this workstation configuration is currently being updated to match its intended state.
Uid string: A system-assigned unique identifier for this workstation configuration.
UpdateTime string: Time when this workstation configuration was most recently updated.

conditions List<StatusResponse>: Status conditions describing the current resource state.
createTime String: Time when this workstation configuration was created.
degraded Boolean: Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
deleteTime String: Time when this workstation configuration was soft-deleted.
id String: The provider-assigned unique ID for this managed resource.
reconciling Boolean: Indicates whether this workstation configuration is currently being updated to match its intended state.
uid String: A system-assigned unique identifier for this workstation configuration.
updateTime String: Time when this workstation configuration was most recently updated.

conditions StatusResponse[]: Status conditions describing the current resource state.
createTime string: Time when this workstation configuration was created.
degraded boolean: Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
deleteTime string: Time when this workstation configuration was soft-deleted.
id string: The provider-assigned unique ID for this managed resource.
reconciling boolean: Indicates whether this workstation configuration is currently being updated to match its intended state.
uid string: A system-assigned unique identifier for this workstation configuration.
updateTime string: Time when this workstation configuration was most recently updated.

conditions Sequence[StatusResponse]: Status conditions describing the current resource state.
create_time str: Time when this workstation configuration was created.
degraded bool: Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
delete_time str: Time when this workstation configuration was soft-deleted.
id str: The provider-assigned unique ID for this managed resource.
reconciling bool: Indicates whether this workstation configuration is currently being updated to match its intended state.
uid str: A system-assigned unique identifier for this workstation configuration.
update_time str: Time when this workstation configuration was most recently updated.

conditions List<Property Map>: Status conditions describing the current resource state.
createTime String: Time when this workstation configuration was created.
degraded Boolean: Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
deleteTime String: Time when this workstation configuration was soft-deleted.
id String: The provider-assigned unique ID for this managed resource.
reconciling Boolean: Indicates whether this workstation configuration is currently being updated to match its intended state.
uid String: A system-assigned unique identifier for this workstation configuration.
updateTime String: Time when this workstation configuration was most recently updated.

Supporting Types

Accelerator, AcceleratorArgs

Count int: Optional. Number of accelerator cards exposed to the instance.
Type string: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

Count int: Optional. Number of accelerator cards exposed to the instance.
Type string: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count Integer: Optional. Number of accelerator cards exposed to the instance.
type String: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count number: Optional. Number of accelerator cards exposed to the instance.
type string: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count int: Optional. Number of accelerator cards exposed to the instance.
type str: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count Number: Optional. Number of accelerator cards exposed to the instance.
type String: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

AcceleratorResponse, AcceleratorResponseArgs

Count int: Optional. Number of accelerator cards exposed to the instance.
Type string: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

Count int: Optional. Number of accelerator cards exposed to the instance.
Type string: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count Integer: Optional. Number of accelerator cards exposed to the instance.
type String: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count number: Optional. Number of accelerator cards exposed to the instance.
type string: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count int: Optional. Number of accelerator cards exposed to the instance.
type str: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

count Number: Optional. Number of accelerator cards exposed to the instance.
type String: Optional. Type of accelerator resource to attach to the instance, for example, "nvidia-tesla-p100".

Container, ContainerArgs

Args List<string>: Optional. Arguments passed to the entrypoint.
Command List<string>: Optional. If set, overrides the default ENTRYPOINT specified by the image.
Env Dictionary<string, string>: Optional. Environment variables passed to the container's entrypoint.
Image string: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
RunAsUser int: Optional. If set, overrides the USER specified in the image with the given uid.
WorkingDir string: Optional. If set, overrides the default DIR specified by the image.

Args []string: Optional. Arguments passed to the entrypoint.
Command []string: Optional. If set, overrides the default ENTRYPOINT specified by the image.
Env map[string]string: Optional. Environment variables passed to the container's entrypoint.
Image string: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
RunAsUser int: Optional. If set, overrides the USER specified in the image with the given uid.
WorkingDir string: Optional. If set, overrides the default DIR specified by the image.

args List<String>: Optional. Arguments passed to the entrypoint.
command List<String>: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env Map<String,String>: Optional. Environment variables passed to the container's entrypoint.
image String: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
runAsUser Integer: Optional. If set, overrides the USER specified in the image with the given uid.
workingDir String: Optional. If set, overrides the default DIR specified by the image.

args string[]: Optional. Arguments passed to the entrypoint.
command string[]: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env {[key: string]: string}: Optional. Environment variables passed to the container's entrypoint.
image string: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
runAsUser number: Optional. If set, overrides the USER specified in the image with the given uid.
workingDir string: Optional. If set, overrides the default DIR specified by the image.

args Sequence[str]: Optional. Arguments passed to the entrypoint.
command Sequence[str]: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env Mapping[str, str]: Optional. Environment variables passed to the container's entrypoint.
image str: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
run_as_user int: Optional. If set, overrides the USER specified in the image with the given uid.
working_dir str: Optional. If set, overrides the default DIR specified by the image.

args List<String>: Optional. Arguments passed to the entrypoint.
command List<String>: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env Map<String>: Optional. Environment variables passed to the container's entrypoint.
image String: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
runAsUser Number: Optional. If set, overrides the USER specified in the image with the given uid.
workingDir String: Optional. If set, overrides the default DIR specified by the image.

ContainerResponse, ContainerResponseArgs

Args List<string>: Optional. Arguments passed to the entrypoint.
Command List<string>: Optional. If set, overrides the default ENTRYPOINT specified by the image.
Env Dictionary<string, string>: Optional. Environment variables passed to the container's entrypoint.
Image string: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
RunAsUser int: Optional. If set, overrides the USER specified in the image with the given uid.
WorkingDir string: Optional. If set, overrides the default DIR specified by the image.

Args []string: Optional. Arguments passed to the entrypoint.
Command []string: Optional. If set, overrides the default ENTRYPOINT specified by the image.
Env map[string]string: Optional. Environment variables passed to the container's entrypoint.
Image string: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
RunAsUser int: Optional. If set, overrides the USER specified in the image with the given uid.
WorkingDir string: Optional. If set, overrides the default DIR specified by the image.

args List<String>: Optional. Arguments passed to the entrypoint.
command List<String>: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env Map<String,String>: Optional. Environment variables passed to the container's entrypoint.
image String: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
runAsUser Integer: Optional. If set, overrides the USER specified in the image with the given uid.
workingDir String: Optional. If set, overrides the default DIR specified by the image.

args string[]: Optional. Arguments passed to the entrypoint.
command string[]: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env {[key: string]: string}: Optional. Environment variables passed to the container's entrypoint.
image string: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
runAsUser number: Optional. If set, overrides the USER specified in the image with the given uid.
workingDir string: Optional. If set, overrides the default DIR specified by the image.

args Sequence[str]: Optional. Arguments passed to the entrypoint.
command Sequence[str]: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env Mapping[str, str]: Optional. Environment variables passed to the container's entrypoint.
image str: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
run_as_user int: Optional. If set, overrides the USER specified in the image with the given uid.
working_dir str: Optional. If set, overrides the default DIR specified by the image.

args List<String>: Optional. Arguments passed to the entrypoint.
command List<String>: Optional. If set, overrides the default ENTRYPOINT specified by the image.
env Map<String>: Optional. Environment variables passed to the container's entrypoint.
image String: Optional. A Docker container image that defines a custom environment. Cloud Workstations provides a number of preconfigured images, but you can create your own custom container images. If using a private image, the host.gceInstance.serviceAccount field must be specified in the workstation configuration. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. Otherwise, the image must be publicly accessible.
runAsUser Number: Optional. If set, overrides the USER specified in the image with the given uid.
workingDir String: Optional. If set, overrides the default DIR specified by the image.

CustomerEncryptionKey, CustomerEncryptionKeyArgs

KmsKey string: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
KmsKeyServiceAccount string: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

KmsKey string: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
KmsKeyServiceAccount string: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kmsKey String: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kmsKeyServiceAccount String: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kmsKey string: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kmsKeyServiceAccount string: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kms_key str: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kms_key_service_account str: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kmsKey String: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kmsKeyServiceAccount String: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

CustomerEncryptionKeyResponse, CustomerEncryptionKeyResponseArgs

KmsKey string: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
KmsKeyServiceAccount string: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

KmsKey string: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
KmsKeyServiceAccount string: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kmsKey String: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kmsKeyServiceAccount String: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kmsKey string: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kmsKeyServiceAccount string: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kms_key str: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kms_key_service_account str: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

kmsKey String: Immutable. The name of the Google Cloud KMS encryption key. For example, "projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME". The key must be in the same region as the workstation configuration.
kmsKeyServiceAccount String: Immutable. The service account to use with the specified KMS key. We recommend that you use a separate service account and follow KMS best practices. For more information, see Separation of duties and gcloud kms keys add-iam-policy-binding --member.

EphemeralDirectory, EphemeralDirectoryArgs

MountPath string: Location of this directory in the running workstation.
GcePd Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GcePersistentDisk: An EphemeralDirectory backed by a Compute Engine persistent disk.

MountPath string: Location of this directory in the running workstation.
GcePd GcePersistentDisk: An EphemeralDirectory backed by a Compute Engine persistent disk.

mountPath String: Location of this directory in the running workstation.
gcePd GcePersistentDisk: An EphemeralDirectory backed by a Compute Engine persistent disk.

mountPath string: Location of this directory in the running workstation.
gcePd GcePersistentDisk: An EphemeralDirectory backed by a Compute Engine persistent disk.

mount_path str: Location of this directory in the running workstation.
gce_pd GcePersistentDisk: An EphemeralDirectory backed by a Compute Engine persistent disk.

mountPath String: Location of this directory in the running workstation.
gcePd Property Map: An EphemeralDirectory backed by a Compute Engine persistent disk.

EphemeralDirectoryResponse, EphemeralDirectoryResponseArgs

GcePd Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GcePersistentDiskResponse: An EphemeralDirectory backed by a Compute Engine persistent disk.
MountPath string: Location of this directory in the running workstation.

GcePd GcePersistentDiskResponse: An EphemeralDirectory backed by a Compute Engine persistent disk.
MountPath string: Location of this directory in the running workstation.

gcePd GcePersistentDiskResponse: An EphemeralDirectory backed by a Compute Engine persistent disk.
mountPath String: Location of this directory in the running workstation.

gcePd GcePersistentDiskResponse: An EphemeralDirectory backed by a Compute Engine persistent disk.
mountPath string: Location of this directory in the running workstation.

gce_pd GcePersistentDiskResponse: An EphemeralDirectory backed by a Compute Engine persistent disk.
mount_path str: Location of this directory in the running workstation.

gcePd Property Map: An EphemeralDirectory backed by a Compute Engine persistent disk.
mountPath String: Location of this directory in the running workstation.

GceConfidentialInstanceConfig, GceConfidentialInstanceConfigArgs

EnableConfidentialCompute bool: Optional. Whether the instance has confidential compute enabled.

EnableConfidentialCompute bool: Optional. Whether the instance has confidential compute enabled.

enableConfidentialCompute Boolean: Optional. Whether the instance has confidential compute enabled.

enableConfidentialCompute boolean: Optional. Whether the instance has confidential compute enabled.

enable_confidential_compute bool: Optional. Whether the instance has confidential compute enabled.

enableConfidentialCompute Boolean: Optional. Whether the instance has confidential compute enabled.

GceConfidentialInstanceConfigResponse, GceConfidentialInstanceConfigResponseArgs

EnableConfidentialCompute bool: Optional. Whether the instance has confidential compute enabled.

EnableConfidentialCompute bool: Optional. Whether the instance has confidential compute enabled.

enableConfidentialCompute Boolean: Optional. Whether the instance has confidential compute enabled.

enableConfidentialCompute boolean: Optional. Whether the instance has confidential compute enabled.

enable_confidential_compute bool: Optional. Whether the instance has confidential compute enabled.

enableConfidentialCompute Boolean: Optional. Whether the instance has confidential compute enabled.

GceInstance, GceInstanceArgs

Accelerators List<Pulumi.GoogleNative.Workstations.V1Beta.Inputs.Accelerator>: Optional. A list of the type and count of accelerator cards attached to the instance.
BootDiskSizeGb int: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
ConfidentialInstanceConfig Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceConfidentialInstanceConfig: Optional. A set of Compute Engine Confidential VM instance options.
DisablePublicIpAddresses bool: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
EnableNestedVirtualization bool: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
MachineType string: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
PoolSize int: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
ServiceAccount string: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
ServiceAccountScopes List<string>: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
ShieldedInstanceConfig Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceShieldedInstanceConfig: Optional. A set of Compute Engine Shielded instance options.
Tags List<string>: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

Accelerators []Accelerator: Optional. A list of the type and count of accelerator cards attached to the instance.
BootDiskSizeGb int: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
ConfidentialInstanceConfig GceConfidentialInstanceConfig: Optional. A set of Compute Engine Confidential VM instance options.
DisablePublicIpAddresses bool: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
EnableNestedVirtualization bool: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
MachineType string: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
PoolSize int: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
ServiceAccount string: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
ServiceAccountScopes []string: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
ShieldedInstanceConfig GceShieldedInstanceConfig: Optional. A set of Compute Engine Shielded instance options.
Tags []string: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators List<Accelerator>: Optional. A list of the type and count of accelerator cards attached to the instance.
bootDiskSizeGb Integer: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidentialInstanceConfig GceConfidentialInstanceConfig: Optional. A set of Compute Engine Confidential VM instance options.
disablePublicIpAddresses Boolean: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enableNestedVirtualization Boolean: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machineType String: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
poolSize Integer: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
serviceAccount String: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
serviceAccountScopes List<String>: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shieldedInstanceConfig GceShieldedInstanceConfig: Optional. A set of Compute Engine Shielded instance options.
tags List<String>: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators Accelerator[]: Optional. A list of the type and count of accelerator cards attached to the instance.
bootDiskSizeGb number: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidentialInstanceConfig GceConfidentialInstanceConfig: Optional. A set of Compute Engine Confidential VM instance options.
disablePublicIpAddresses boolean: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enableNestedVirtualization boolean: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machineType string: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
poolSize number: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
serviceAccount string: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
serviceAccountScopes string[]: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shieldedInstanceConfig GceShieldedInstanceConfig: Optional. A set of Compute Engine Shielded instance options.
tags string[]: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators Sequence[Accelerator]: Optional. A list of the type and count of accelerator cards attached to the instance.
boot_disk_size_gb int: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidential_instance_config GceConfidentialInstanceConfig: Optional. A set of Compute Engine Confidential VM instance options.
disable_public_ip_addresses bool: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enable_nested_virtualization bool: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machine_type str: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
pool_size int: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
service_account str: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
service_account_scopes Sequence[str]: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shielded_instance_config GceShieldedInstanceConfig: Optional. A set of Compute Engine Shielded instance options.
tags Sequence[str]: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators List<Property Map>: Optional. A list of the type and count of accelerator cards attached to the instance.
bootDiskSizeGb Number: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidentialInstanceConfig Property Map: Optional. A set of Compute Engine Confidential VM instance options.
disablePublicIpAddresses Boolean: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enableNestedVirtualization Boolean: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machineType String: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
poolSize Number: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
serviceAccount String: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
serviceAccountScopes List<String>: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shieldedInstanceConfig Property Map: Optional. A set of Compute Engine Shielded instance options.
tags List<String>: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

GceInstanceResponse, GceInstanceResponseArgs

Accelerators List<Pulumi.GoogleNative.Workstations.V1Beta.Inputs.AcceleratorResponse>: Optional. A list of the type and count of accelerator cards attached to the instance.
BootDiskSizeGb int: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
ConfidentialInstanceConfig Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceConfidentialInstanceConfigResponse: Optional. A set of Compute Engine Confidential VM instance options.
DisablePublicIpAddresses bool: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
EnableNestedVirtualization bool: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
MachineType string: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
PoolSize int: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
PooledInstances int: Number of instances currently available in the pool for faster workstation startup.
ServiceAccount string: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
ServiceAccountScopes List<string>: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
ShieldedInstanceConfig Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceShieldedInstanceConfigResponse: Optional. A set of Compute Engine Shielded instance options.
Tags List<string>: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

Accelerators []AcceleratorResponse: Optional. A list of the type and count of accelerator cards attached to the instance.
BootDiskSizeGb int: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
ConfidentialInstanceConfig GceConfidentialInstanceConfigResponse: Optional. A set of Compute Engine Confidential VM instance options.
DisablePublicIpAddresses bool: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
EnableNestedVirtualization bool: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
MachineType string: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
PoolSize int: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
PooledInstances int: Number of instances currently available in the pool for faster workstation startup.
ServiceAccount string: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
ServiceAccountScopes []string: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
ShieldedInstanceConfig GceShieldedInstanceConfigResponse: Optional. A set of Compute Engine Shielded instance options.
Tags []string: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators List<AcceleratorResponse>: Optional. A list of the type and count of accelerator cards attached to the instance.
bootDiskSizeGb Integer: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidentialInstanceConfig GceConfidentialInstanceConfigResponse: Optional. A set of Compute Engine Confidential VM instance options.
disablePublicIpAddresses Boolean: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enableNestedVirtualization Boolean: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machineType String: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
poolSize Integer: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
pooledInstances Integer: Number of instances currently available in the pool for faster workstation startup.
serviceAccount String: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
serviceAccountScopes List<String>: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shieldedInstanceConfig GceShieldedInstanceConfigResponse: Optional. A set of Compute Engine Shielded instance options.
tags List<String>: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators AcceleratorResponse[]: Optional. A list of the type and count of accelerator cards attached to the instance.
bootDiskSizeGb number: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidentialInstanceConfig GceConfidentialInstanceConfigResponse: Optional. A set of Compute Engine Confidential VM instance options.
disablePublicIpAddresses boolean: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enableNestedVirtualization boolean: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machineType string: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
poolSize number: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
pooledInstances number: Number of instances currently available in the pool for faster workstation startup.
serviceAccount string: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
serviceAccountScopes string[]: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shieldedInstanceConfig GceShieldedInstanceConfigResponse: Optional. A set of Compute Engine Shielded instance options.
tags string[]: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators Sequence[AcceleratorResponse]: Optional. A list of the type and count of accelerator cards attached to the instance.
boot_disk_size_gb int: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidential_instance_config GceConfidentialInstanceConfigResponse: Optional. A set of Compute Engine Confidential VM instance options.
disable_public_ip_addresses bool: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enable_nested_virtualization bool: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machine_type str: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
pool_size int: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
pooled_instances int: Number of instances currently available in the pool for faster workstation startup.
service_account str: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
service_account_scopes Sequence[str]: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shielded_instance_config GceShieldedInstanceConfigResponse: Optional. A set of Compute Engine Shielded instance options.
tags Sequence[str]: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

accelerators List<Property Map>: Optional. A list of the type and count of accelerator cards attached to the instance.
bootDiskSizeGb Number: Optional. The size of the boot disk for the VM in gigabytes (GB). The minimum boot disk size is 30 GB. Defaults to 50 GB.
confidentialInstanceConfig Property Map: Optional. A set of Compute Engine Confidential VM instance options.
disablePublicIpAddresses Boolean: Optional. When set to true, disables public IP addresses for VMs. If you disable public IP addresses, you must set up Private Google Access or Cloud NAT on your network. If you use Private Google Access and you use private.googleapis.com or restricted.googleapis.com for Container Registry and Artifact Registry, make sure that you set up DNS records for domains *.gcr.io and *.pkg.dev. Defaults to false (VMs have public IP addresses).
enableNestedVirtualization Boolean: Optional. Whether to enable nested virtualization on Cloud Workstations VMs created under this workstation configuration. Nested virtualization lets you run virtual machine (VM) instances inside your workstation. Before enabling nested virtualization, consider the following important considerations. Cloud Workstations instances are subject to the same restrictions as Compute Engine instances: * Organization policy: projects, folders, or organizations may be restricted from creating nested VMs if the Disable VM nested virtualization constraint is enforced in the organization policy. For more information, see the Compute Engine section, Checking whether nested virtualization is allowed. * Performance: nested VMs might experience a 10% or greater decrease in performance for workloads that are CPU-bound and possibly greater than a 10% decrease for workloads that are input/output bound. * Machine Type: nested virtualization can only be enabled on workstation configurations that specify a machine_type in the N1 or N2 machine series. * GPUs: nested virtualization may not be enabled on workstation configurations with accelerators. * Operating System: Because Container-Optimized OS does not support nested virtualization, when nested virtualization is enabled, the underlying Compute Engine VM instances boot from an Ubuntu LTS image.
machineType String: Optional. The type of machine to use for VM instances—for example, "e2-standard-4". For more information about machine types that Cloud Workstations supports, see the list of available machine types.
poolSize Number: Optional. The number of VMs that the system should keep idle so that new workstations can be started quickly for new users. Defaults to 0 in the API.
pooledInstances Number: Number of instances currently available in the pool for faster workstation startup.
serviceAccount String: Optional. The email address of the service account for Cloud Workstations VMs created with this configuration. When specified, be sure that the service account has logginglogEntries.create permission on the project so it can write logs out to Cloud Logging. If using a custom container image, the service account must have Artifact Registry Reader permission to pull the specified image. If you as the administrator want to be able to ssh into the underlying VM, you need to set this value to a service account for which you have the iam.serviceAccounts.actAs permission. Conversely, if you don't want anyone to be able to ssh into the underlying VM, use a service account where no one has that permission. If not set, VMs run with a service account provided by the Cloud Workstations service, and the image must be publicly accessible.
serviceAccountScopes List<String>: Optional. Scopes to grant to the service_account. Various scopes are automatically added based on feature usage. When specified, users of workstations under this configuration must have iam.serviceAccounts.actAs on the service account.
shieldedInstanceConfig Property Map: Optional. A set of Compute Engine Shielded instance options.
tags List<String>: Optional. Network tags to add to the Compute Engine VMs backing the workstations. This option applies network tags to VMs created with this configuration. These network tags enable the creation of firewall rules.

GcePersistentDisk, GcePersistentDiskArgs

DiskType string: Optional. Type of the disk to use. Defaults to "pd-standard".
ReadOnly bool: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
SourceImage string: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

DiskType string: Optional. Type of the disk to use. Defaults to "pd-standard".
ReadOnly bool: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
SourceImage string: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

diskType String: Optional. Type of the disk to use. Defaults to "pd-standard".
readOnly Boolean: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
sourceImage String: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

diskType string: Optional. Type of the disk to use. Defaults to "pd-standard".
readOnly boolean: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
sourceImage string: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
sourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

disk_type str: Optional. Type of the disk to use. Defaults to "pd-standard".
read_only bool: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
source_image str: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
source_snapshot str: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

diskType String: Optional. Type of the disk to use. Defaults to "pd-standard".
readOnly Boolean: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
sourceImage String: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

GcePersistentDiskResponse, GcePersistentDiskResponseArgs

DiskType string: Optional. Type of the disk to use. Defaults to "pd-standard".
ReadOnly bool: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
SourceImage string: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

DiskType string: Optional. Type of the disk to use. Defaults to "pd-standard".
ReadOnly bool: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
SourceImage string: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

diskType String: Optional. Type of the disk to use. Defaults to "pd-standard".
readOnly Boolean: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
sourceImage String: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

diskType string: Optional. Type of the disk to use. Defaults to "pd-standard".
readOnly boolean: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
sourceImage string: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
sourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

disk_type str: Optional. Type of the disk to use. Defaults to "pd-standard".
read_only bool: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
source_image str: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
source_snapshot str: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

diskType String: Optional. Type of the disk to use. Defaults to "pd-standard".
readOnly Boolean: Optional. Whether the disk is read only. If true, the disk may be shared by multiple VMs and source_snapshot must be set.
sourceImage String: Optional. Name of the disk image to use as the source for the disk. Must be empty if source_snapshot is set. Updating source_image will update content in the ephemeral directory after the workstation is restarted. This field is mutable.
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. Must be empty if source_image is set. Must be empty if read_only is false. Updating source_snapshot will update content in the ephemeral directory after the workstation is restarted. This field is mutable.

GceRegionalPersistentDisk, GceRegionalPersistentDiskArgs

DiskType string: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
FsType string: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
ReclaimPolicy Pulumi.GoogleNative.Workstations.V1Beta.GceRegionalPersistentDiskReclaimPolicy: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
SizeGb int: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

DiskType string: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
FsType string: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
ReclaimPolicy GceRegionalPersistentDiskReclaimPolicy: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
SizeGb int: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

diskType String: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fsType String: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaimPolicy GceRegionalPersistentDiskReclaimPolicy: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
sizeGb Integer: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

diskType string: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fsType string: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaimPolicy GceRegionalPersistentDiskReclaimPolicy: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
sizeGb number: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
sourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

disk_type str: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fs_type str: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaim_policy GceRegionalPersistentDiskReclaimPolicy: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
size_gb int: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
source_snapshot str: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

diskType String: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fsType String: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaimPolicy "RECLAIM_POLICY_UNSPECIFIED" | "DELETE" | "RETAIN": Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
sizeGb Number: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

GceRegionalPersistentDiskReclaimPolicy, GceRegionalPersistentDiskReclaimPolicyArgs

ReclaimPolicyUnspecified: RECLAIM_POLICY_UNSPECIFIEDDo not use.
Delete: DELETEDelete the persistent disk when deleting the workstation.
Retain: RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.

GceRegionalPersistentDiskReclaimPolicyReclaimPolicyUnspecified: RECLAIM_POLICY_UNSPECIFIEDDo not use.
GceRegionalPersistentDiskReclaimPolicyDelete: DELETEDelete the persistent disk when deleting the workstation.
GceRegionalPersistentDiskReclaimPolicyRetain: RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.

ReclaimPolicyUnspecified: RECLAIM_POLICY_UNSPECIFIEDDo not use.
Delete: DELETEDelete the persistent disk when deleting the workstation.
Retain: RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.

ReclaimPolicyUnspecified: RECLAIM_POLICY_UNSPECIFIEDDo not use.
Delete: DELETEDelete the persistent disk when deleting the workstation.
Retain: RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.

RECLAIM_POLICY_UNSPECIFIED: RECLAIM_POLICY_UNSPECIFIEDDo not use.
DELETE: DELETEDelete the persistent disk when deleting the workstation.
RETAIN: RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.

"RECLAIM_POLICY_UNSPECIFIED": RECLAIM_POLICY_UNSPECIFIEDDo not use.
"DELETE": DELETEDelete the persistent disk when deleting the workstation.
"RETAIN": RETAINKeep the persistent disk when deleting the workstation. An administrator must manually delete the disk.

GceRegionalPersistentDiskResponse, GceRegionalPersistentDiskResponseArgs

DiskType string: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
FsType string: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
ReclaimPolicy string: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
SizeGb int: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

DiskType string: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
FsType string: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
ReclaimPolicy string: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
SizeGb int: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
SourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

diskType String: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fsType String: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaimPolicy String: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
sizeGb Integer: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

diskType string: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fsType string: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaimPolicy string: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
sizeGb number: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
sourceSnapshot string: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

disk_type str: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fs_type str: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaim_policy str: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
size_gb int: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
source_snapshot str: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

diskType String: Optional. The type of the persistent disk for the home directory. Defaults to "pd-standard".
fsType String: Optional. Type of file system that the disk should be formatted with. The workstation image must support this file system type. Must be empty if source_snapshot is set. Defaults to "ext4".
reclaimPolicy String: Optional. Whether the persistent disk should be deleted when the workstation is deleted. Valid values are DELETE and RETAIN. Defaults to DELETE.
sizeGb Number: Optional. The GB capacity of a persistent home directory for each workstation created with this configuration. Must be empty if source_snapshot is set. Valid values are 10, 50, 100, 200, 500, or 1000. Defaults to 200. If less than 200 GB, the disk_type must be "pd-balanced" or "pd-ssd".
sourceSnapshot String: Optional. Name of the snapshot to use as the source for the disk. If set, size_gb and fs_type must be empty.

GceShieldedInstanceConfig, GceShieldedInstanceConfigArgs

EnableIntegrityMonitoring bool: Optional. Whether the instance has integrity monitoring enabled.
EnableSecureBoot bool: Optional. Whether the instance has Secure Boot enabled.
EnableVtpm bool: Optional. Whether the instance has the vTPM enabled.

EnableIntegrityMonitoring bool: Optional. Whether the instance has integrity monitoring enabled.
EnableSecureBoot bool: Optional. Whether the instance has Secure Boot enabled.
EnableVtpm bool: Optional. Whether the instance has the vTPM enabled.

enableIntegrityMonitoring Boolean: Optional. Whether the instance has integrity monitoring enabled.
enableSecureBoot Boolean: Optional. Whether the instance has Secure Boot enabled.
enableVtpm Boolean: Optional. Whether the instance has the vTPM enabled.

enableIntegrityMonitoring boolean: Optional. Whether the instance has integrity monitoring enabled.
enableSecureBoot boolean: Optional. Whether the instance has Secure Boot enabled.
enableVtpm boolean: Optional. Whether the instance has the vTPM enabled.

enable_integrity_monitoring bool: Optional. Whether the instance has integrity monitoring enabled.
enable_secure_boot bool: Optional. Whether the instance has Secure Boot enabled.
enable_vtpm bool: Optional. Whether the instance has the vTPM enabled.

enableIntegrityMonitoring Boolean: Optional. Whether the instance has integrity monitoring enabled.
enableSecureBoot Boolean: Optional. Whether the instance has Secure Boot enabled.
enableVtpm Boolean: Optional. Whether the instance has the vTPM enabled.

GceShieldedInstanceConfigResponse, GceShieldedInstanceConfigResponseArgs

EnableIntegrityMonitoring bool: Optional. Whether the instance has integrity monitoring enabled.
EnableSecureBoot bool: Optional. Whether the instance has Secure Boot enabled.
EnableVtpm bool: Optional. Whether the instance has the vTPM enabled.

EnableIntegrityMonitoring bool: Optional. Whether the instance has integrity monitoring enabled.
EnableSecureBoot bool: Optional. Whether the instance has Secure Boot enabled.
EnableVtpm bool: Optional. Whether the instance has the vTPM enabled.

enableIntegrityMonitoring Boolean: Optional. Whether the instance has integrity monitoring enabled.
enableSecureBoot Boolean: Optional. Whether the instance has Secure Boot enabled.
enableVtpm Boolean: Optional. Whether the instance has the vTPM enabled.

enableIntegrityMonitoring boolean: Optional. Whether the instance has integrity monitoring enabled.
enableSecureBoot boolean: Optional. Whether the instance has Secure Boot enabled.
enableVtpm boolean: Optional. Whether the instance has the vTPM enabled.

enable_integrity_monitoring bool: Optional. Whether the instance has integrity monitoring enabled.
enable_secure_boot bool: Optional. Whether the instance has Secure Boot enabled.
enable_vtpm bool: Optional. Whether the instance has the vTPM enabled.

enableIntegrityMonitoring Boolean: Optional. Whether the instance has integrity monitoring enabled.
enableSecureBoot Boolean: Optional. Whether the instance has Secure Boot enabled.
enableVtpm Boolean: Optional. Whether the instance has the vTPM enabled.

Host, HostArgs

GceInstance Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceInstance: Specifies a Compute Engine instance as the host.

GceInstance GceInstance: Specifies a Compute Engine instance as the host.

gceInstance GceInstance: Specifies a Compute Engine instance as the host.

gceInstance GceInstance: Specifies a Compute Engine instance as the host.

gce_instance GceInstance: Specifies a Compute Engine instance as the host.

gceInstance Property Map: Specifies a Compute Engine instance as the host.

HostResponse, HostResponseArgs

GceInstance Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceInstanceResponse: Specifies a Compute Engine instance as the host.

GceInstance GceInstanceResponse: Specifies a Compute Engine instance as the host.

gceInstance GceInstanceResponse: Specifies a Compute Engine instance as the host.

gceInstance GceInstanceResponse: Specifies a Compute Engine instance as the host.

gce_instance GceInstanceResponse: Specifies a Compute Engine instance as the host.

gceInstance Property Map: Specifies a Compute Engine instance as the host.

PersistentDirectory, PersistentDirectoryArgs

GcePd Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceRegionalPersistentDisk: A PersistentDirectory backed by a Compute Engine persistent disk.
MountPath string: Optional. Location of this directory in the running workstation.

GcePd GceRegionalPersistentDisk: A PersistentDirectory backed by a Compute Engine persistent disk.
MountPath string: Optional. Location of this directory in the running workstation.

gcePd GceRegionalPersistentDisk: A PersistentDirectory backed by a Compute Engine persistent disk.
mountPath String: Optional. Location of this directory in the running workstation.

gcePd GceRegionalPersistentDisk: A PersistentDirectory backed by a Compute Engine persistent disk.
mountPath string: Optional. Location of this directory in the running workstation.

gce_pd GceRegionalPersistentDisk: A PersistentDirectory backed by a Compute Engine persistent disk.
mount_path str: Optional. Location of this directory in the running workstation.

gcePd Property Map: A PersistentDirectory backed by a Compute Engine persistent disk.
mountPath String: Optional. Location of this directory in the running workstation.

PersistentDirectoryResponse, PersistentDirectoryResponseArgs

GcePd Pulumi.GoogleNative.Workstations.V1Beta.Inputs.GceRegionalPersistentDiskResponse: A PersistentDirectory backed by a Compute Engine persistent disk.
MountPath string: Optional. Location of this directory in the running workstation.

GcePd GceRegionalPersistentDiskResponse: A PersistentDirectory backed by a Compute Engine persistent disk.
MountPath string: Optional. Location of this directory in the running workstation.

gcePd GceRegionalPersistentDiskResponse: A PersistentDirectory backed by a Compute Engine persistent disk.
mountPath String: Optional. Location of this directory in the running workstation.

gcePd GceRegionalPersistentDiskResponse: A PersistentDirectory backed by a Compute Engine persistent disk.
mountPath string: Optional. Location of this directory in the running workstation.

gce_pd GceRegionalPersistentDiskResponse: A PersistentDirectory backed by a Compute Engine persistent disk.
mount_path str: Optional. Location of this directory in the running workstation.

gcePd Property Map: A PersistentDirectory backed by a Compute Engine persistent disk.
mountPath String: Optional. Location of this directory in the running workstation.

ReadinessCheck, ReadinessCheckArgs

Path string: Optional. Path to which the request should be sent.
Port int: Optional. Port to which the request should be sent.

Path string: Optional. Path to which the request should be sent.
Port int: Optional. Port to which the request should be sent.

path String: Optional. Path to which the request should be sent.
port Integer: Optional. Port to which the request should be sent.

path string: Optional. Path to which the request should be sent.
port number: Optional. Port to which the request should be sent.

path str: Optional. Path to which the request should be sent.
port int: Optional. Port to which the request should be sent.

path String: Optional. Path to which the request should be sent.
port Number: Optional. Port to which the request should be sent.

ReadinessCheckResponse, ReadinessCheckResponseArgs

Path string: Optional. Path to which the request should be sent.
Port int: Optional. Port to which the request should be sent.

Path string: Optional. Path to which the request should be sent.
Port int: Optional. Port to which the request should be sent.

path String: Optional. Path to which the request should be sent.
port Integer: Optional. Port to which the request should be sent.

path string: Optional. Path to which the request should be sent.
port number: Optional. Port to which the request should be sent.

path str: Optional. Path to which the request should be sent.
port int: Optional. Port to which the request should be sent.

path String: Optional. Path to which the request should be sent.
port Number: Optional. Port to which the request should be sent.

StatusResponse, StatusResponseArgs

Code int: The status code, which should be an enum value of google.rpc.Code.
Details List<ImmutableDictionary<string, string>>: A list of messages that carry the error details. There is a common set of message types for APIs to use.
Message string: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.

Code int: The status code, which should be an enum value of google.rpc.Code.
Details []map[string]string: A list of messages that carry the error details. There is a common set of message types for APIs to use.
Message string: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.

code Integer: The status code, which should be an enum value of google.rpc.Code.
details List<Map<String,String>>: A list of messages that carry the error details. There is a common set of message types for APIs to use.
message String: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.

code number: The status code, which should be an enum value of google.rpc.Code.
details {[key: string]: string}[]: A list of messages that carry the error details. There is a common set of message types for APIs to use.
message string: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.

code int: The status code, which should be an enum value of google.rpc.Code.
details Sequence[Mapping[str, str]]: A list of messages that carry the error details. There is a common set of message types for APIs to use.
message str: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.

code Number: The status code, which should be an enum value of google.rpc.Code.
details List<Map<String>>: A list of messages that carry the error details. There is a common set of message types for APIs to use.
message String: A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client.

Package Details

Repository: Google Cloud Native pulumi/pulumi-google-native
License: Apache-2.0

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.workstations/v1beta.WorkstationConfig

On this page

On this page

Create WorkstationConfig Resource

Constructor syntax

Parameters

Constructor example

WorkstationConfig Resource Properties

Inputs

Outputs

Supporting Types

Accelerator, AcceleratorArgs

AcceleratorResponse, AcceleratorResponseArgs

Container, ContainerArgs

ContainerResponse, ContainerResponseArgs

CustomerEncryptionKey, CustomerEncryptionKeyArgs

CustomerEncryptionKeyResponse, CustomerEncryptionKeyResponseArgs

EphemeralDirectory, EphemeralDirectoryArgs

EphemeralDirectoryResponse, EphemeralDirectoryResponseArgs

GceConfidentialInstanceConfig, GceConfidentialInstanceConfigArgs

GceConfidentialInstanceConfigResponse, GceConfidentialInstanceConfigResponseArgs

GceInstance, GceInstanceArgs

GceInstanceResponse, GceInstanceResponseArgs

GcePersistentDisk, GcePersistentDiskArgs

GcePersistentDiskResponse, GcePersistentDiskResponseArgs

GceRegionalPersistentDisk, GceRegionalPersistentDiskArgs

GceRegionalPersistentDiskReclaimPolicy, GceRegionalPersistentDiskReclaimPolicyArgs

GceRegionalPersistentDiskResponse, GceRegionalPersistentDiskResponseArgs

GceShieldedInstanceConfig, GceShieldedInstanceConfigArgs

GceShieldedInstanceConfigResponse, GceShieldedInstanceConfigResponseArgs

Host, HostArgs

HostResponse, HostResponseArgs

PersistentDirectory, PersistentDirectoryArgs

PersistentDirectoryResponse, PersistentDirectoryResponseArgs

ReadinessCheck, ReadinessCheckArgs

ReadinessCheckResponse, ReadinessCheckResponseArgs

StatusResponse, StatusResponseArgs

Package Details

On this page

On this page