Policy: GCP > Project > Organization Policy > Disable Workload Identity Cluster Creation
Manage the GCP Organization Policy "Disable Workload Identity Cluster Creation" for the project.
This boolean constraint, when set to True, requires that all new GKE clusters have Workload Identity disabled at creation time. Existing GKE clusters with Workload Identity already enabled will continue to work as usual.
By default, Workload Identity can be enabled for any GKE cluster.
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
- GCP > Project > Organization Policy > Disable Workload Identity Cluster Creation
- GCP > Project > Organization Policy
Policy Specification
Schema Type | |
---|---|
Default | |
Valid Values [YAML] | |
Examples [YAML] | |
Category
In Your Workspace
Developers
- Category URI: tmod:@turbot/turbot#/control/categories/policy
- Policy Type URI: tmod:@turbot/gcp-orgpolicy#/policy/types/iamDisableWorkloadIdentityClusterCreation
- GraphQL
- CLI
  - Get Policy Type: turbot graphql policy-type --id "tmod:@turbot/gcp-orgpolicy#/policy/types/iamDisableWorkloadIdentityClusterCreation"
  - Get Policy Settings: turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-orgpolicy#/policy/types/iamDisableWorkloadIdentityClusterCreation"