Class: Google::Cloud::AssuredWorkloads::V1beta1::Workload

Inherits:

Object

Object
Google::Cloud::AssuredWorkloads::V1beta1::Workload

show all

Extended by:: Protobuf::MessageExts::ClassMethods

Includes:: Protobuf::MessageExts

Defined in:: proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb

Overview

An Workload object for managing highly regulated workloads of cloud customers.

Defined Under Namespace

Modules: ComplianceRegime, KajEnrollmentState Classes: CJISSettings, FedrampHighSettings, FedrampModerateSettings, IL4Settings, KMSSettings, LabelsEntry, ResourceInfo, ResourceSettings, SaaEnrollmentResponse

Instance Attribute Summary collapse

#billing_account ⇒ ::String readonly
Output only.
#cjis_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings deprecated Deprecated.
This field is deprecated and may be removed in the next major version update.
#compliance_regime ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime
Required.
#compliant_but_disallowed_services ⇒ ::Array<::String> readonly
Output only.
#create_time ⇒ ::Google::Protobuf::Timestamp readonly
Output only.
#display_name ⇒ ::String
Required.
#enable_sovereign_controls ⇒ ::Boolean
Optional.
#etag ⇒ ::String
Optional.
#fedramp_high_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings deprecated Deprecated.
This field is deprecated and may be removed in the next major version update.
#fedramp_moderate_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings deprecated Deprecated.
This field is deprecated and may be removed in the next major version update.
#il4_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings deprecated Deprecated.
This field is deprecated and may be removed in the next major version update.
#kaj_enrollment_state ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KajEnrollmentState readonly
Output only.
#kms_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings deprecated Deprecated.
This field is deprecated and may be removed in the next major version update.
#labels ⇒ ::Google::Protobuf::Map{::String => ::String}
Optional.
#name ⇒ ::String
Optional.
#provisioned_resources_parent ⇒ ::String
Input only.
#resource_settings ⇒ ::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>
Input only.
#resources ⇒ ::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo> readonly
Output only.
#saa_enrollment_response ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse readonly
Output only.

Instance Attribute Details

#billing_account ⇒ `::String` (readonly)

Returns Output only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, billingAccounts/012345-567890-ABCDEF.

Returns:

(::String) —
Output only. The billing account used for the resources which are direct children of workload. This billing account is initially associated with the resources created as part of Workload creation. After the initial creation of these resources, the customer can change the assigned billing account. The resource name has the form billingAccounts/{billing_account_id}. For example, billingAccounts/012345-567890-ABCDEF.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#cjis_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings`

Deprecated.

This field is deprecated and may be removed in the next major version update.

Returns Input only. Immutable. Settings specific to resources needed for CJIS.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings) —
Input only. Immutable. Settings specific to resources needed for CJIS.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#compliance_regime ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime`

Returns Required. Immutable. Compliance Regime associated with this workload.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime) —
Required. Immutable. Compliance Regime associated with this workload.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#compliant_but_disallowed_services ⇒ `::Array<::String>` (readonly)

Returns Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke RestrictAllowedResources endpoint to allow your project developers to use these services in their environment.".

Returns:

(::Array<::String>) —
Output only. Urls for services which are compliant for this Assured Workload, but which are currently disallowed by the ResourceUsageRestriction org policy. Invoke RestrictAllowedResources endpoint to allow your project developers to use these services in their environment."

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#create_time ⇒ `::Google::Protobuf::Timestamp` (readonly)

Returns Output only. Immutable. The Workload creation timestamp.

Returns:

(::Google::Protobuf::Timestamp) —
Output only. Immutable. The Workload creation timestamp.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#display_name ⇒ `::String`

Returns Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces.

Example: My Workload.

Returns:

(::String) —
Required. The user-assigned display name of the Workload. When present it must be between 4 to 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, and spaces.

Example: My Workload

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#enable_sovereign_controls ⇒ `::Boolean`

Returns Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.

Returns:

(::Boolean) —
Optional. Indicates the sovereignty status of the given workload. Currently meant to be used by Europe/Canada customers.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#etag ⇒ `::String`

Returns Optional. ETag of the workload, it is calculated on the basis of the Workload contents. It will be used in Update & Delete operations.

Returns:

(::String) —
Optional. ETag of the workload, it is calculated on the basis of the Workload contents. It will be used in Update & Delete operations.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#fedramp_high_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings`

Deprecated.

This field is deprecated and may be removed in the next major version update.

Returns Input only. Immutable. Settings specific to resources needed for FedRAMP High.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings) —
Input only. Immutable. Settings specific to resources needed for FedRAMP High.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#fedramp_moderate_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings`

Deprecated.

This field is deprecated and may be removed in the next major version update.

Returns Input only. Immutable. Settings specific to resources needed for FedRAMP Moderate.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings) —
Input only. Immutable. Settings specific to resources needed for FedRAMP Moderate.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#il4_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings`

Deprecated.

This field is deprecated and may be removed in the next major version update.

Returns Input only. Immutable. Settings specific to resources needed for IL4.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings) —
Input only. Immutable. Settings specific to resources needed for IL4.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#kaj_enrollment_state ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KajEnrollmentState` (readonly)

Returns Output only. Represents the KAJ enrollment state of the given workload.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KajEnrollmentState) —
Output only. Represents the KAJ enrollment state of the given workload.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#kms_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings`

Deprecated.

This field is deprecated and may be removed in the next major version update.

Returns Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings) —
Input only. Settings used to create a CMEK crypto key. When set, a project with a KMS CMEK key is provisioned. This field is deprecated as of Feb 28, 2022. In order to create a Keyring, callers should specify, ENCRYPTION_KEYS_PROJECT or KEYRING in ResourceSettings.resource_type field.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#labels ⇒ `::Google::Protobuf::Map{::String => ::String}`

Returns Optional. Labels applied to the workload.

Returns:

(::Google::Protobuf::Map{::String => ::String}) —
Optional. Labels applied to the workload.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#name ⇒ `::String`

Returns Optional. The resource name of the workload. Format: organizations/{organization}/locations/{location}/workloads/{workload}

Read-only.

Returns:

(::String) —
Optional. The resource name of the workload. Format: organizations/{organization}/locations/{location}/workloads/{workload}

Read-only.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#provisioned_resources_parent ⇒ `::String`

Returns Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}.

Returns:

(::String) —
Input only. The parent resource for the resources managed by this Assured Workload. May be either empty or a folder resource which is a child of the Workload parent. If not specified all resources are created under the parent organization. Format: folders/{folder_id}

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#resource_settings ⇒ `::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>`

Returns Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

Returns:

(::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>) —
Input only. Resource properties that are used to customize workload resources. These properties (such as custom project id) will be used to create workload resources if possible. This field is optional.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#resources ⇒ `::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo>` (readonly)

Returns Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

Returns:

(::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo>) —
Output only. The resources associated with this workload. These resources will be created when creating the workload. If any of the projects already exist, the workload creation will fail. Always read only.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

#saa_enrollment_response ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse` (readonly)

Returns Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during GetWorkload call. In failure cases, user friendly error message is shown in SAA details page.

Returns:

(::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse) —
Output only. Represents the SAA enrollment response of the given workload. SAA enrollment response is queried during GetWorkload call. In failure cases, user friendly error message is shown in SAA details page.

# File 'proto_docs/google/cloud/assuredworkloads/v1beta1/assuredworkloads.rb', line 299

class Workload
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # Represent the resources that are children of this Workload.
  # @!attribute [rw] resource_id
  #   @return [::Integer]
  #     Resource identifier.
  #     For a project this represents project_number.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource.
  class ResourceInfo
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # The type of resource.
    module ResourceType
      # Unknown resource type.
      RESOURCE_TYPE_UNSPECIFIED = 0

      # Deprecated. Existing workloads will continue to support this, but new
      # CreateWorkloadRequests should not specify this as an input value.
      CONSUMER_PROJECT = 1

      # Consumer Folder.
      CONSUMER_FOLDER = 4

      # Consumer project containing encryption keys.
      ENCRYPTION_KEYS_PROJECT = 2

      # Keyring resource that hosts encryption keys.
      KEYRING = 3
    end
  end

  # Settings specific to the Key Management Service.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] next_rotation_time
  #   @return [::Google::Protobuf::Timestamp]
  #     Required. Input only. Immutable. The time at which the Key Management Service will automatically create a
  #     new version of the crypto key and mark it as the primary.
  # @!attribute [rw] rotation_period
  #   @return [::Google::Protobuf::Duration]
  #     Required. Input only. Immutable. [next_rotation_time] will be advanced by this period when the Key
  #     Management Service automatically rotates a key. Must be at least 24 hours
  #     and at most 876,000 hours.
  class KMSSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for IL4.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class IL4Settings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for CJIS.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class CJISSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP High.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampHighSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Settings specific to resources needed for FedRAMP Moderate.
  # @deprecated This message is deprecated and may be removed in the next major version update.
  # @!attribute [rw] kms_settings
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings]
  #     Input only. Immutable. Settings used to create a CMEK crypto key.
  class FedrampModerateSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Represent the custom settings for the resources to be created.
  # @!attribute [rw] resource_id
  #   @return [::String]
  #     Resource identifier.
  #     For a project this represents project_id. If the project is already
  #     taken, the workload creation will fail.
  #     For KeyRing, this represents the keyring_id.
  #     For a folder, don't set this value as folder_id is assigned by Google.
  # @!attribute [rw] resource_type
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo::ResourceType]
  #     Indicates the type of resource. This field should be specified to
  #     correspond the id to the right project type (CONSUMER_PROJECT or
  #     ENCRYPTION_KEYS_PROJECT)
  # @!attribute [rw] display_name
  #   @return [::String]
  #     User-assigned resource display name.
  #     If not empty it will be used to create a resource with the specified
  #     name.
  class ResourceSettings
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Signed Access Approvals (SAA) enrollment response.
  # @!attribute [rw] setup_status
  #   @return [::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupState]
  #     Indicates SAA enrollment status of a given workload.
  # @!attribute [rw] setup_errors
  #   @return [::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse::SetupError>]
  #     Indicates SAA enrollment setup error if any.
  class SaaEnrollmentResponse
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods

    # Setup state of SAA enrollment.
    module SetupState
      # Unspecified.
      SETUP_STATE_UNSPECIFIED = 0

      # SAA enrollment pending.
      STATUS_PENDING = 1

      # SAA enrollment comopleted.
      STATUS_COMPLETE = 2
    end

    # Setup error of SAA enrollment.
    module SetupError
      # Unspecified.
      SETUP_ERROR_UNSPECIFIED = 0

      # Invalid states for all customers, to be redirected to AA UI for
      # additional details.
      ERROR_INVALID_BASE_SETUP = 1

      # Returned when there is not an EKM key configured.
      ERROR_MISSING_EXTERNAL_SIGNING_KEY = 2

      # Returned when there are no enrolled services or the customer is
      # enrolled in CAA only for a subset of services.
      ERROR_NOT_ALL_SERVICES_ENROLLED = 3

      # Returned when exception was encountered during evaluation of other
      # criteria.
      ERROR_SETUP_CHECK_FAILED = 4
    end
  end

  # @!attribute [rw] key
  #   @return [::String]
  # @!attribute [rw] value
  #   @return [::String]
  class LabelsEntry
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # Supported Compliance Regimes.
  module ComplianceRegime
    # Unknown compliance regime.
    COMPLIANCE_REGIME_UNSPECIFIED = 0

    # Information protection as per DoD IL4 requirements.
    IL4 = 1

    # Criminal Justice Information Services (CJIS) Security policies.
    CJIS = 2

    # FedRAMP High data protection controls
    FEDRAMP_HIGH = 3

    # FedRAMP Moderate data protection controls
    FEDRAMP_MODERATE = 4

    # Assured Workloads For US Regions data protection controls
    US_REGIONAL_ACCESS = 5

    # Health Insurance Portability and Accountability Act controls
    HIPAA = 6

    # Health Information Trust Alliance controls
    HITRUST = 7

    # Assured Workloads For EU Regions and Support controls
    EU_REGIONS_AND_SUPPORT = 8

    # Assured Workloads For Canada Regions and Support controls
    CA_REGIONS_AND_SUPPORT = 9

    # International Traffic in Arms Regulations
    ITAR = 10

    # Assured Workloads for Australia Regions and Support controls
    AU_REGIONS_AND_US_SUPPORT = 11
  end

  # Key Access Justifications(KAJ) Enrollment State.
  module KajEnrollmentState
    # Default State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_UNSPECIFIED = 0

    # Pending State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_PENDING = 1

    # Complete State for KAJ Enrollment.
    KAJ_ENROLLMENT_STATE_COMPLETE = 2
  end
end

Class: Google::Cloud::AssuredWorkloads::V1beta1::Workload

Overview

Defined Under Namespace

Instance Attribute Summary collapse

Instance Attribute Details

#billing_account ⇒ ::String (readonly)

#cjis_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings

#compliance_regime ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime

#compliant_but_disallowed_services ⇒ ::Array<::String> (readonly)

#create_time ⇒ ::Google::Protobuf::Timestamp (readonly)

#display_name ⇒ ::String

#enable_sovereign_controls ⇒ ::Boolean

#etag ⇒ ::String

#fedramp_high_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings

#fedramp_moderate_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings

#il4_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings

#kaj_enrollment_state ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KajEnrollmentState (readonly)

#kms_settings ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings

#labels ⇒ ::Google::Protobuf::Map{::String => ::String}

#name ⇒ ::String

#provisioned_resources_parent ⇒ ::String

#resource_settings ⇒ ::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>

#resources ⇒ ::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo> (readonly)

#saa_enrollment_response ⇒ ::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse (readonly)

#billing_account ⇒ `::String` (readonly)

#cjis_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::CJISSettings`

#compliance_regime ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ComplianceRegime`

#compliant_but_disallowed_services ⇒ `::Array<::String>` (readonly)

#create_time ⇒ `::Google::Protobuf::Timestamp` (readonly)

#display_name ⇒ `::String`

#enable_sovereign_controls ⇒ `::Boolean`

#etag ⇒ `::String`

#fedramp_high_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampHighSettings`

#fedramp_moderate_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::FedrampModerateSettings`

#il4_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::IL4Settings`

#kaj_enrollment_state ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KajEnrollmentState` (readonly)

#kms_settings ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::KMSSettings`

#labels ⇒ `::Google::Protobuf::Map{::String => ::String}`

#name ⇒ `::String`

#provisioned_resources_parent ⇒ `::String`

#resource_settings ⇒ `::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceSettings>`

#resources ⇒ `::Array<::Google::Cloud::AssuredWorkloads::V1beta1::Workload::ResourceInfo>` (readonly)

#saa_enrollment_response ⇒ `::Google::Cloud::AssuredWorkloads::V1beta1::Workload::SaaEnrollmentResponse` (readonly)