Stay organized with collectionsSave and categorize content based on your preferences.
This document describes how to use custom rules in Workload Manager to evaluate
your workloads against best practices recommended for your organization.
From theRules table, select the custom rules you want to validate
the selected resources against.
In theScope & filterspane, select the resources that you want to
include in the evaluation.
ClickBrowse scopesand select the organizations, folders, or projects
in which you want to run the evaluation.
Optional: In theApply filters to resourcessection, use filters
to only select specific resources.
In theLocation for evaluation datasection, select theRegionswhere you want Workload Manager to store the evaluation data.
ClickContinue.
In theFrequency & notificationsection, do the following:
Optional: To export evaluation results to a BigQuery dataset,
selectSave to BigQuery dataset, and then
specify the name of the dataset.
Optional: To create a separate table for each evaluation, clickCreate a new results table for this evaluation.
Optional: To encrypt evaluation data with customer-managed encryption keys (CMEK),
clickEncryptionand provide an encryption key for each region. For more
information, seeEnable customer-managed encryption keys for evaluations.
ClickContinue.
In theEvaluation scopesection, select the resources that you want to
include in the evaluation.
ClickBrowse scopesand select the organizations, folders, or projects
in which you want to run the evaluation.
Optional: In theApply filters to resourcessection, use filters
to only select specific resources.
ClickContinue.
In theEvaluation rulessection, select the custom rules you want to validate
the selected resources against.
In theSchedulingsection, select the frequency at which you want the evaluation to run.
ClickContinue.
In theNotificationssection, select the notification channel and select
the events for which you want to receive notifications.
ClickContinue.
Review the evaluation settings, and then clickCreate.
Run the evaluation
To run a workload evaluation, follow these steps:
In the Google Cloud console, go to theWorkload Managerpage.
On theEvaluation informationpage, clickRun. A workload evaluation
takes a few minutes to complete. There might be evaluations that aren't
completely real-time due to the time it takes for an evaluation to complete.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Evaluate your workloads using custom rules\n\nThis document describes how to use custom rules in Workload Manager to evaluate\nyour workloads against best practices recommended for your organization.\n\nFor more information, see [About custom rules in Workload Manager](/workload-manager/docs/evaluate/custom-rules/about-custom-rules).\n\nBefore you begin\n----------------\n\n- [Create custom rules using Rego](/workload-manager/docs/evaluate/custom-rules/rego-custom-rules) and upload rules to a Cloud Storage bucket.\n- Enable the following APIs in your Google Cloud project where you create and run the evaluation:\n - Service Usage API\n - Cloud Monitoring API\n\n### Required roles\n\nFor more information about the required IAM roles, see [required permissions\nto create and run an evaluation](/workload-manager/docs/roles#summary_of_required_permissions_to_create_and_run_an_evaluation).\n\nEvaluate workloads using custom rules\n-------------------------------------\n\nTo create a workload evaluation using custom rules, follow these steps:\n\n1. In the Google Cloud console, go to the **Workload Manager** page.\n\n Go to [Workload Manager](https://console.cloud.google.com/workload-manager)\n2. Select a Google Cloud project.\n\n3. If prompted, to enable the required API for Workload Manager, click **Enable**.\n\n4. Click add**New evaluation**.\n\n5. In the **Evaluation details** section, do the following:\n\n 1. For **Evaluation name**, enter a name for the workload evaluation.\n 2. For **Workload type** , select **Custom**.\n 3. Select the Cloud Storage bucket containing the custom rules.\n\n You can use the sample rules available in the [GoogleCloudPlatform/workload-manager](https://github.com/GoogleCloudPlatform/workload-manager)\n GitHub repository or build your own rules and upload them to the Cloud Storage bucket.\n For more information, see [Write custom rules using Rego](/workload-manager/docs/evaluate/custom-rules/rego-custom-rules).\n 4. In the **Location for evaluation data** section, select the **Regions**\n where you want Workload Manager to store the evaluation data.\n\n 5. Optional: To export evaluation results to a BigQuery dataset,\n select **Save evaluation results to BigQuery dataset**, and then\n specify the name of the dataset.\n\n | **Note:** Ensure that the BigQuery dataset is regional. Workload Manager doesn't support exporting data to multi-region datasets. You must also create and use a dataset in the same region as the one you selected for evaluation in the previous step. If your organization uses a [Resource Location Restriction](/resource-manager/docs/organization-policy/defining-locations) policy, then create a BigQuery dataset in one of the allowed regions and [Workload Manager supported regions](/workload-manager/docs/evaluate/locations).\n 6. Optional: To create a separate table for each evaluation, click **Create a new results table for this evaluation**.\n\n 7. Optional: To encrypt evaluation data with customer-managed encryption keys (CMEK),\n click **Encryption** and provide an encryption key for each region. For more\n information, see [Enable customer-managed encryption keys for evaluations](/workload-manager/docs/evaluate/custom-rules/enable-cmek).\n\n6. Click **Continue**.\n\n7. In the **Evaluation scope** section, select the resources that you want to\n include in the evaluation.\n\n 1. Click **Browse scopes** and select the organizations, folders, or projects in which you want to run the evaluation.\n 2. Optional: In the **Apply filters to resources** section, use filters to only select specific resources.\n8. Click **Continue**.\n\n9. In the **Evaluation rules** section, select the custom rules you want to validate\n the selected resources against.\n\n10. In the **Scheduling** section, select the frequency at which you want the evaluation to run.\n\n11. Click **Continue**.\n\n12. In the **Notifications** section, select the notification channel and select\n the events for which you want to receive notifications.\n\n13. Click **Continue**.\n\n14. Review the evaluation settings, and then click **Create**.\n\nRun the evaluation\n------------------\n\nTo run a workload evaluation, follow these steps:\n\n1. In the Google Cloud console, go to the **Workload Manager** page.\n\n Go to [Workload Manager](https://console.cloud.google.com/workloads?walkthrough_id=workload-manager--create-evaluation).\n2. Click the **Evaluation name**.\n\n3. On the **Evaluation information** page, click **Run**. A workload evaluation\n takes a few minutes to complete. There might be evaluations that aren't\n completely real-time due to the time it takes for an evaluation to complete.\n\nWhat's next\n-----------\n\n- Learn more [about workload evaluations](/workload-manager/docs/about-evaluations)."]]
