Reputation: 7309
What is the location argument of GCP workload identity pools
According to the documentation:
an example of creating an identity pool would be
gcloud iam workload-identity-pools create my-workload-identity-pool --location="global" --display-name="My workload pool" --description="My workload pool description" --disabled
What does the location global mean? What is the purpose of this argument? It is apparently not a location like us-central1 but a logical location.
Which values are available? I don't find any good documentation on this so i am asking.
Upvotes: 6
Views: 1596
Answers (1)
Reputation: 9810
The gcloud iam workload-identity-pools create command you mentioned ultimately calls the API method projects.locations.workloadIdentityPools.create which states that the only supported location is global. This makes sense since workload-identity-pools is a feature of the IAM (Identity and Access Management) service, which is a global product replicated across regions.
Now as per why this argument is required in the gcloud command while it isn't even asked in the corresponding Cloud Console form, this seems to be a design decision but in any case the only option is indeed global.
Upvotes: 7
Related Questions
- Access Cloud Run URL for GCP authenticated users
- How to create the GCP workload identity IAM bindings in Terraform?
- GCP IAM Binding for GKE Node Pool using Workload Identity
- Google Identity Platform OAuth server
- How to use gcp workload identity in java springboot application?
- GCP service Account Authentication
- GCP Identity Platform with Google IDP
- Limiting Access to GCP Resources with Google Identity and IAM
- GCP service accounts use case
- Documentation GCP Service Account Delegation