workforce_pool_subjects
Creates, updates, deletes, gets or lists a workforce_pool_subjects resource.
Overview
| Name | workforce_pool_subjects |
| Type | Resource |
| Id | google.iam.workforce_pool_subjects |
Fields
The following fields are returned by SELECT queries:
SELECT not supported for this resource, use SHOW METHODS to view available operations for the resource.
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
delete | delete | locationsId, workforcePoolsId, subjectsId | Deletes a WorkforcePoolSubject. Subject must not already be in a deleted state. A WorkforcePoolSubject is automatically created the first time an external credential is exchanged for a Google Cloud credential using a mapped google.subject attribute. There is no endpoint to manually create a WorkforcePoolSubject. For 30 days after a WorkforcePoolSubject is deleted, using the same google.subject attribute in token exchanges with Google Cloud STS fails. Call UndeleteWorkforcePoolSubject to undelete a WorkforcePoolSubject that has been deleted, within within 30 days of deleting it. After 30 days, the WorkforcePoolSubject is permanently deleted. At this point, a token exchange with Google Cloud STS that uses the same mapped google.subject attribute automatically creates a new WorkforcePoolSubject that is unrelated to the previously deleted WorkforcePoolSubject but has the same google.subject value. | |
undelete | exec | locationsId, workforcePoolsId, subjectsId | Undeletes a WorkforcePoolSubject, as long as it was deleted fewer than 30 days ago. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
locationsId | string | |
subjectsId | string | |
workforcePoolsId | string |
DELETE examples
- delete
Deletes a WorkforcePoolSubject. Subject must not already be in a deleted state. A WorkforcePoolSubject is automatically created the first time an external credential is exchanged for a Google Cloud credential using a mapped google.subject attribute. There is no endpoint to manually create a WorkforcePoolSubject. For 30 days after a WorkforcePoolSubject is deleted, using the same google.subject attribute in token exchanges with Google Cloud STS fails. Call UndeleteWorkforcePoolSubject to undelete a WorkforcePoolSubject that has been deleted, within within 30 days of deleting it. After 30 days, the WorkforcePoolSubject is permanently deleted. At this point, a token exchange with Google Cloud STS that uses the same mapped google.subject attribute automatically creates a new WorkforcePoolSubject that is unrelated to the previously deleted WorkforcePoolSubject but has the same google.subject value.
DELETE FROM google.iam.workforce_pool_subjects
WHERE locationsId = '{{ locationsId }}' --required
AND workforcePoolsId = '{{ workforcePoolsId }}' --required
AND subjectsId = '{{ subjectsId }}' --required;
Lifecycle Methods
- undelete
Undeletes a WorkforcePoolSubject, as long as it was deleted fewer than 30 days ago.
EXEC google.iam.workforce_pool_subjects.undelete
@locationsId='{{ locationsId }}' --required,
@workforcePoolsId='{{ workforcePoolsId }}' --required,
@subjectsId='{{ subjectsId }}' --required;