Console
    Contact Us Start free

    Tag worker pools

    Tags are key-value pairs you can apply to your worker pools for fine-grained access control. Tags provides a way to conditionally allow or deny policies based on whether a resource has a specific tag.

    At the organization or project level, tag administrators create tags for resources across Google Cloud and manage them in Resource Manager .

    Required roles

    To get the permissions that you need to attach or detach tags, ask your administrator to grant you the following IAM roles on the Cloud Run worker pool:

    To manage access on the tag value resource in Resource Manager, your account must also have the Tag User ( roles/resourcemanager.tagUser ) role granted for the tag value . The tag value is the resource that is attached to the Cloud Run worker pool.

    For a list of IAM roles and permissions that are associated with Cloud Run, see Cloud Run IAM roles and Cloud Run IAM permissions . If your Cloud Run worker pool interfaces with Google Cloud APIs, such as Cloud Client Libraries, see the service identity configuration guide . For more information about granting roles, see deployment permissions and manage access .

    Attach tags

    Note that attaching a tag to your worker pool does not result in the creation of a new revision.

    You can attach tags using the Google Cloud CLI.

    gcloud

    You can update tags for a worker pool using the command:

    gcloud  
resource-manager  
tags  
bindings  
create  
 \ 
  
--tag-value = 
 TAG_VALUE 
  
 \ 
  
--parent = 
//run.googleapis.com/projects/ PROJECT_ID 
/locations/ REGION 
/workerpools/ WORKER_POOL 
  
 \ 
  
--location = 
 REGION

    To update more than one tag, supply a comma-delimited list of key/value pairs.

    Replace:

    • TAG_VALUE with the value for the key. You can use several different types of values, such as a permanent ID such as tagValues/12345678901 , a namespaced value such as 123456789012/env/prod , or a short name such as prod .
    • PROJECT_ID with project ID of your Google Cloud project
    • REGION with region your Cloud Run worker pool is deployed to
    • WORKER_POOL with name of your Cloud Run worker pool

    Detach a tag

    Use the Google Cloud CLI to detach tags from your worker pool.

    gcloud

    To detach a tag from a worker pool:

    gcloud  
resource-manager  
tags  
bindings  
delete  
 \ 
  
--tag-value = 
 TAG_VALUE 
  
 \ 
  
--parent = 
//run.googleapis.com/projects/ PROJECT_ID 
/locations/ REGION 
/workerpools/ WORKER_POOL 
  
 \ 
  
--location = 
 REGION

    To detach more than one tag, supply a comma-delimited list of key/value pairs.

    Replace

    • TAG_VALUE with the value for the key: you can several different types of values: a permanent ID such as tagValues/12345678901 , a namespaced value such as 123456789012/env/prod , or a short name such as prod .
    • PROJECT_ID with project ID of your Google Cloud project
    • REGION with region your Cloud Run worker pool is deployed to
    • WORKER_POOL with name of your Cloud Run worker pool
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: