Class: Google::Cloud::Workstations::V1::WorkstationConfig
- Inherits:
-
Object
- Object
- Google::Cloud::Workstations::V1::WorkstationConfig
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/cloud/workstations/v1/workstations.rb
Overview
A workstation configuration resource in the Cloud Workstations API.
Workstation configurations act as templates for workstations. The workstation configuration defines details such as the workstation virtual machine (VM) instance type, persistent storage, container image defining environment, which IDE or Code Editor to use, and more. Administrators and platform teams can also use Identity and Access Management (IAM) rules to grant access to teams or to individual developers.
Defined Under Namespace
Classes: AnnotationsEntry, Container, CustomerEncryptionKey, Host, LabelsEntry, PersistentDirectory, ReadinessCheck
Instance Attribute Summary collapse
-
#annotations ⇒ ::Google::Protobuf::Map{::String => ::String}
Optional.
-
#conditions ⇒ ::Array<::Google::Rpc::Status>
readonly
Output only.
-
#container ⇒ ::Google::Cloud::Workstations::V1::WorkstationConfig::Container
Optional.
-
#create_time ⇒ ::Google::Protobuf::Timestamp
readonly
Output only.
-
#degraded ⇒ ::Boolean
readonly
Output only.
-
#delete_time ⇒ ::Google::Protobuf::Timestamp
readonly
Output only.
-
#display_name ⇒ ::String
Optional.
-
#encryption_key ⇒ ::Google::Cloud::Workstations::V1::WorkstationConfig::CustomerEncryptionKey
Immutable.
-
#etag ⇒ ::String
Optional.
-
#host ⇒ ::Google::Cloud::Workstations::V1::WorkstationConfig::Host
Optional.
-
#idle_timeout ⇒ ::Google::Protobuf::Duration
Optional.
-
#labels ⇒ ::Google::Protobuf::Map{::String => ::String}
Optional.
-
#name ⇒ ::String
Full name of this workstation configuration.
-
#persistent_directories ⇒ ::Array<::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory>
Optional.
-
#readiness_checks ⇒ ::Array<::Google::Cloud::Workstations::V1::WorkstationConfig::ReadinessCheck>
Optional.
-
#reconciling ⇒ ::Boolean
readonly
Output only.
-
#replica_zones ⇒ ::Array<::String>
Optional.
-
#running_timeout ⇒ ::Google::Protobuf::Duration
Optional.
-
#uid ⇒ ::String
readonly
Output only.
-
#update_time ⇒ ::Google::Protobuf::Timestamp
readonly
Output only.
Instance Attribute Details
#annotations ⇒ ::Google::Protobuf::Map{::String => ::String}
Returns Optional. Client-specified annotations.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#conditions ⇒ ::Array<::Google::Rpc::Status> (readonly)
Returns Output only. Status conditions describing the current resource state.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#container ⇒ ::Google::Cloud::Workstations::V1::WorkstationConfig::Container
Returns Optional. Container that runs upon startup for each workstation using this workstation configuration.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#create_time ⇒ ::Google::Protobuf::Timestamp (readonly)
Returns Output only. Time when this workstation configuration was created.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#degraded ⇒ ::Boolean (readonly)
Returns Output only. Whether this resource is degraded, in which case it may require user action to restore full functionality. See also the conditions field.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#delete_time ⇒ ::Google::Protobuf::Timestamp (readonly)
Returns Output only. Time when this workstation configuration was soft-deleted.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#display_name ⇒ ::String
Returns Optional. Human-readable name for this workstation configuration.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#encryption_key ⇒ ::Google::Cloud::Workstations::V1::WorkstationConfig::CustomerEncryptionKey
Returns Immutable. Encrypts resources of this workstation configuration using a customer-managed encryption key (CMEK).
If specified, the boot disk of the Compute Engine instance and the persistent disk are encrypted using this encryption key. If this field is not set, the disks are encrypted using a generated key. Customer-managed encryption keys do not protect disk metadata.
If the customer-managed encryption key is rotated, when the workstation instance is stopped, the system attempts to recreate the persistent disk with the new version of the key. Be sure to keep older versions of the key until the persistent disk is recreated. Otherwise, data on the persistent disk might be lost.
If the encryption key is revoked, the workstation session automatically stops within 7 hours.
Immutable after the workstation configuration is created.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#etag ⇒ ::String
Returns Optional. Checksum computed by the server. May be sent on update and delete requests to make sure that the client has an up-to-date value before proceeding.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#host ⇒ ::Google::Cloud::Workstations::V1::WorkstationConfig::Host
Returns Optional. Runtime host for the workstation.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#idle_timeout ⇒ ::Google::Protobuf::Duration
Returns Optional. Number of seconds to wait before automatically stopping a workstation after it last received user traffic.
A value of "0s"
indicates that Cloud Workstations VMs created with this
configuration should never time out due to idleness.
Provide
duration
terminated by s
for seconds—for example, "7200s"
(2 hours).
The default is "1200s"
(20 minutes).
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#labels ⇒ ::Google::Protobuf::Map{::String => ::String}
Returns Optional. Labels that are applied to the workstation configuration and that are also propagated to the underlying Compute Engine resources.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#name ⇒ ::String
Returns Full name of this workstation configuration.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#persistent_directories ⇒ ::Array<::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory>
Returns Optional. Directories to persist across workstation sessions.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#readiness_checks ⇒ ::Array<::Google::Cloud::Workstations::V1::WorkstationConfig::ReadinessCheck>
Returns Optional. Readiness checks to perform when starting a workstation using this workstation configuration. Mark a workstation as running only after all specified readiness checks return 200 status codes.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#reconciling ⇒ ::Boolean (readonly)
Returns Output only. Indicates whether this workstation configuration is currently being updated to match its intended state.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#replica_zones ⇒ ::Array<::String>
Returns Optional. Immutable. Specifies the zones used to replicate the VM and disk
resources within the region. If set, exactly two zones within the
workstation cluster's region must be specified—for example,
['us-central1-a', 'us-central1-f']
. If this field is empty, two default
zones within the region are used.
Immutable after the workstation configuration is created.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#running_timeout ⇒ ::Google::Protobuf::Duration
Returns Optional. Number of seconds that a workstation can run until it is automatically shut down. We recommend that workstations be shut down daily to reduce costs and so that security updates can be applied upon restart. The idle_timeout and running_timeout fields are independent of each other. Note that the running_timeout field shuts down VMs after the specified time, regardless of whether or not the VMs are idle.
Provide duration terminated by s
for seconds—for example, "54000s"
(15 hours). Defaults to "43200s"
(12 hours). A value of "0s"
indicates
that workstations using this configuration should never time out. If
encryption_key
is set, it must be greater than "0s"
and less than
"86400s"
(24 hours).
Warning: A value of "0s"
indicates that Cloud Workstations VMs created
with this configuration have no maximum running time. This is strongly
discouraged because you incur costs and will not pick up security updates.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#uid ⇒ ::String (readonly)
Returns Output only. A system-assigned unique identifier for this workstation configuration.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |
#update_time ⇒ ::Google::Protobuf::Timestamp (readonly)
Returns Output only. Time when this workstation configuration was most recently updated.
279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 279 class WorkstationConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Runtime host for a workstation. # @!attribute [rw] gce_instance # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance] # Specifies a Compute Engine instance as the host. class Host include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A runtime using a Compute Engine instance. # @!attribute [rw] machine_type # @return [::String] # Optional. The type of machine to use for VM instances—for example, # `"e2-standard-4"`. For more information about machine types that # Cloud Workstations supports, see the list of # [available machine # types](https://cloud.google.com/workstations/docs/available-machine-types). # @!attribute [rw] service_account # @return [::String] # Optional. The email address of the service account for Cloud # Workstations VMs created with this configuration. When specified, be # sure that the service account has `logginglogEntries.create` permission # on the project so it can write logs out to Cloud Logging. If using a # custom container image, the service account must have permissions to # pull the specified image. # # If you as the administrator want to be able to `ssh` into the # underlying VM, you need to set this value to a service account # for which you have the `iam.serviceAccounts.actAs` permission. # Conversely, if you don't want anyone to be able to `ssh` into the # underlying VM, use a service account where no one has that # permission. # # If not set, VMs run with a service account provided by the # Cloud Workstations service, and the image must be publicly # accessible. # @!attribute [rw] service_account_scopes # @return [::Array<::String>] # Optional. Scopes to grant to the # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#service_account service_account}. # Various scopes are automatically added based on feature usage. When # specified, users of workstations under this configuration must have # `iam.serviceAccounts.actAs` on the service account. # @!attribute [rw] tags # @return [::Array<::String>] # Optional. Network tags to add to the Compute Engine VMs backing the # workstations. This option applies # [network # tags](https://cloud.google.com/vpc/docs/add-remove-network-tags) to VMs # created with this configuration. These network tags enable the creation # of [firewall # rules](https://cloud.google.com/workstations/docs/configure-firewall-rules). # @!attribute [rw] pool_size # @return [::Integer] # Optional. The number of VMs that the system should keep idle so that # new workstations can be started quickly for new users. Defaults to `0` # in the API. # @!attribute [r] pooled_instances # @return [::Integer] # Output only. Number of instances currently available in the pool for # faster workstation startup. # @!attribute [rw] disable_public_ip_addresses # @return [::Boolean] # Optional. When set to true, disables public IP addresses for VMs. If # you disable public IP addresses, you must set up Private Google Access # or Cloud NAT on your network. If you use Private Google Access and you # use `private.googleapis.com` or `restricted.googleapis.com` for # Container Registry and Artifact Registry, make sure that you set # up DNS records for domains `*.gcr.io` and `*.pkg.dev`. # Defaults to false (VMs have public IP addresses). # @!attribute [rw] enable_nested_virtualization # @return [::Boolean] # Optional. Whether to enable nested virtualization on Cloud Workstations # VMs created under this workstation configuration. # # Nested virtualization lets you run virtual machine (VM) instances # inside your workstation. Before enabling nested virtualization, # consider the following important considerations. Cloud Workstations # instances are subject to the [same restrictions as Compute Engine # instances](https://cloud.google.com/compute/docs/instances/nested-virtualization/overview#restrictions): # # * **Organization policy**: projects, folders, or # organizations may be restricted from creating nested VMs if the # **Disable VM nested virtualization** constraint is enforced in # the organization policy. For more information, see the # Compute Engine section, # [Checking whether nested virtualization is # allowed](https://cloud.google.com/compute/docs/instances/nested-virtualization/managing-constraint#checking_whether_nested_virtualization_is_allowed). # * **Performance**: nested VMs might experience a 10% or greater # decrease in performance for workloads that are CPU-bound and # possibly greater than a 10% decrease for workloads that are # input/output bound. # * **Machine Type**: nested virtualization can only be enabled on # workstation configurations that specify a # {::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance#machine_type machine_type} # in the N1 or N2 machine series. # * **GPUs**: nested virtualization may not be enabled on workstation # configurations with accelerators. # * **Operating System**: Because # [Container-Optimized # OS](https://cloud.google.com/compute/docs/images/os-details#container-optimized_os_cos) # does not support nested virtualization, when nested virtualization is # enabled, the underlying Compute Engine VM instances boot from an # [Ubuntu # LTS](https://cloud.google.com/compute/docs/images/os-details#ubuntu_lts) # image. # @!attribute [rw] shielded_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceShieldedInstanceConfig] # Optional. A set of Compute Engine Shielded instance options. # @!attribute [rw] confidential_instance_config # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::Host::GceInstance::GceConfidentialInstanceConfig] # Optional. A set of Compute Engine Confidential VM instance options. # @!attribute [rw] boot_disk_size_gb # @return [::Integer] # Optional. The size of the boot disk for the VM in gigabytes (GB). # The minimum boot disk size is `30` GB. Defaults to `50` GB. class GceInstance include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A set of Compute Engine Shielded instance options. # @!attribute [rw] enable_secure_boot # @return [::Boolean] # Optional. Whether the instance has Secure Boot enabled. # @!attribute [rw] enable_vtpm # @return [::Boolean] # Optional. Whether the instance has the vTPM enabled. # @!attribute [rw] enable_integrity_monitoring # @return [::Boolean] # Optional. Whether the instance has integrity monitoring enabled. class GceShieldedInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A set of Compute Engine Confidential VM instance options. # @!attribute [rw] enable_confidential_compute # @return [::Boolean] # Optional. Whether the instance has confidential compute enabled. class GceConfidentialInstanceConfig include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end end # A directory to persist across workstation sessions. # @!attribute [rw] gce_pd # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk] # A PersistentDirectory backed by a Compute Engine persistent disk. # @!attribute [rw] mount_path # @return [::String] # Optional. Location of this directory in the running workstation. class PersistentDirectory include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # A PersistentDirectory backed by a Compute Engine regional persistent # disk. The # {::Google::Cloud::Workstations::V1::WorkstationConfig#persistent_directories persistent_directories} # field is repeated, but it may contain only one entry. It creates a # [persistent # disk](https://cloud.google.com/compute/docs/disks/persistent-disks) that # mounts to the workstation VM at `/home` when the session starts and # detaches when the session ends. If this field is empty, workstations # created with this configuration do not have a persistent home # directory. # @!attribute [rw] size_gb # @return [::Integer] # Optional. The GB capacity of a persistent home directory for each # workstation created with this configuration. Must be empty if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. # # Valid values are `10`, `50`, `100`, `200`, `500`, or `1000`. # Defaults to `200`. If less than `200` GB, the # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#disk_type disk_type} # must be # `"pd-balanced"` or `"pd-ssd"`. # @!attribute [rw] fs_type # @return [::String] # Optional. Type of file system that the disk should be formatted with. # The workstation image must support this file system type. Must be empty # if # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#source_snapshot source_snapshot} # is set. Defaults to `"ext4"`. # @!attribute [rw] disk_type # @return [::String] # Optional. The [type of the persistent # disk](https://cloud.google.com/compute/docs/disks#disk-types) for the # home directory. Defaults to `"pd-standard"`. # @!attribute [rw] source_snapshot # @return [::String] # Optional. Name of the snapshot to use as the source for the disk. If # set, # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#size_gb size_gb} # and # {::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk#fs_type fs_type} # must be empty. # @!attribute [rw] reclaim_policy # @return [::Google::Cloud::Workstations::V1::WorkstationConfig::PersistentDirectory::GceRegionalPersistentDisk::ReclaimPolicy] # Optional. Whether the persistent disk should be deleted when the # workstation is deleted. Valid values are `DELETE` and `RETAIN`. # Defaults to `DELETE`. class GceRegionalPersistentDisk include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # Value representing what should happen to the disk after the workstation # is deleted. module ReclaimPolicy # Do not use. RECLAIM_POLICY_UNSPECIFIED = 0 # Delete the persistent disk when deleting the workstation. DELETE = 1 # Keep the persistent disk when deleting the workstation. # An administrator must manually delete the disk. RETAIN = 2 end end end # A Docker container. # @!attribute [rw] image # @return [::String] # Optional. A Docker container image that defines a custom environment. # # Cloud Workstations provides a number of # [preconfigured # images](https://cloud.google.com/workstations/docs/preconfigured-base-images), # but you can create your own # [custom container # images](https://cloud.google.com/workstations/docs/custom-container-images). # If using a private image, the `host.gceInstance.serviceAccount` field # must be specified in the workstation configuration and must have # permission to pull the specified image. Otherwise, the image must be # publicly accessible. # @!attribute [rw] command # @return [::Array<::String>] # Optional. If set, overrides the default ENTRYPOINT specified by the # image. # @!attribute [rw] args # @return [::Array<::String>] # Optional. Arguments passed to the entrypoint. # @!attribute [rw] env # @return [::Google::Protobuf::Map{::String => ::String}] # Optional. Environment variables passed to the container's entrypoint. # @!attribute [rw] working_dir # @return [::String] # Optional. If set, overrides the default DIR specified by the image. # @!attribute [rw] run_as_user # @return [::Integer] # Optional. If set, overrides the USER specified in the image with the # given uid. class Container include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class EnvEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end # A customer-managed encryption key (CMEK) for the Compute Engine # resources of the associated workstation configuration. Specify the name of # your Cloud KMS encryption key and the default service account. # We recommend that you use a separate service account and follow # [Cloud KMS best # practices](https://cloud.google.com/kms/docs/separation-of-duties). # @!attribute [rw] kms_key # @return [::String] # Immutable. The name of the Google Cloud KMS encryption key. For example, # `"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"`. # The key must be in the same region as the workstation configuration. # @!attribute [rw] kms_key_service_account # @return [::String] # Immutable. The service account to use with the specified # KMS key. We recommend that you use a separate service account # and follow KMS best practices. For more information, see # [Separation of # duties](https://cloud.google.com/kms/docs/separation-of-duties) and # `gcloud kms keys add-iam-policy-binding` # [`--member`](https://cloud.google.com/sdk/gcloud/reference/kms/keys/add-iam-policy-binding#--member). class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # A readiness check to be performed on a workstation. # @!attribute [rw] path # @return [::String] # Optional. Path to which the request should be sent. # @!attribute [rw] port # @return [::Integer] # Optional. Port to which the request should be sent. class ReadinessCheck include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class AnnotationsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end # @!attribute [rw] key # @return [::String] # @!attribute [rw] value # @return [::String] class LabelsEntry include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end end |