You cannot use a deleted pool to exchange external credentials for Google Cloud credentials. However, deletion does not revoke credentials that have already been issued. Credentials issued for a deleted pool do not grant access to resources. If the pool is undeleted, and the credentials are not expired, they grant access again. You can undelete a pool for 30 days. After 30 days, deletion is permanent. You cannot update deleted pools. However, you can view and list them.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-21 UTC."],[[["\u003cp\u003eThis webpage details the process of deleting a WorkloadIdentityPool, which prevents the pool from being used for exchanging external credentials, but does not revoke already issued credentials.\u003c/p\u003e\n"],["\u003cp\u003eThe deletion of a pool is reversible for 30 days, after which it becomes permanent, and while deleted, the pool cannot be updated, but can still be viewed and listed.\u003c/p\u003e\n"],["\u003cp\u003eThe HTTP request to delete a pool is a \u003ccode\u003eDELETE\u003c/code\u003e request to a specific URL using gRPC Transcoding syntax, with the pool's name provided as a required path parameter.\u003c/p\u003e\n"],["\u003cp\u003eThe request body for deleting a WorkloadIdentityPool must be empty, and a successful request returns an instance of an \u003ccode\u003eOperation\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eDeleting a pool requires specific OAuth scopes or the \u003ccode\u003eiam.workloadIdentityPools.delete\u003c/code\u003e IAM permission on the resource.\u003c/p\u003e\n"]]],[],null,[]]
