Workload Manager API

Name: Workload Manager API API
Brand: Workload Manager API
Availability: InStock

✓ Official Vendor SpecCloud InfrastructureComputeoauth214 EndpointsREST

For Agents

Run best-practice validations against SAP, SQL Server, and other enterprise workloads on Google Cloud. List evaluations, trigger executions, and pull rule results for compliance reporting.

Quickstart

Get started with Workload Manager API in minutes using your preferred integration method.

# Add to your MCP client config (Claude Desktop, Cursor, Windsurf)
{
  "jentic": {
    "url": "https://api.jentic.com/mcp",
    "auth": "oauth"
  }
}

# Then ask your agent:
"run a workload evaluation"

# → Jentic returns the GET /events tool with parameter schema, agent executes.

Capabilities

What an agent can do with Workload Manager API API.

Create and list evaluations that target enterprise workloads such as SAP or SQL Server

Trigger an evaluation execution on demand and track it via long-running operations

Retrieve execution results enumerating which rules passed or failed for a workload

List discovered workload profiles automatically detected in the project

GET STARTED

Start building with Workload Manager API API

Explore with Jentic

View OpenAPI Document

Use for: List all SAP workload evaluations in a project, Trigger an on-demand execution for an evaluation, Retrieve rule results for the latest execution, List discovered workload profiles in us-central1

Not supported: Does not handle application code scanning, runtime workload execution, container image building, or non-Google-Cloud workloads — use for best-practice evaluation of enterprise workloads on Google Cloud only.

The Google Workload Manager API automates the validation of enterprise workloads — SAP, Microsoft SQL Server, and other regulated deployments — against best-practice rules and recommendations on Google Cloud. Through evaluations and rules, teams discover deployed workload profiles, run on-demand or scheduled checks, and ingest insights for centralised reporting. The API exposes evaluations, executions, results, discovered profiles, and rules so engineering and SRE teams can shift workload compliance left into automation.

Use Cases

Patterns agents use Workload Manager API API for, with concrete tasks.

★ Continuous SAP best-practice validation

SAP teams running on Google Cloud schedule evaluations to detect drift from Google's recommended SAP NetWeaver and HANA configurations. The API exposes both the evaluation definition and execution control surface so that runs can be triggered from CI on every infrastructure change. Rule results feed into the team's compliance dashboards and ticketing.

POST to /v1/{+name}/executions:run for an SAP evaluation and poll the returned operation until done, then list executions to retrieve the resulting rule pass/fail counts.

SQL Server workload audits

Database administrators use Workload Manager to audit SQL Server deployments against Microsoft and Google best practices for HA, backup, and security configuration. Discovered profiles surface running instances automatically; evaluations encode the desired state. This produces an objective, repeatable audit trail in place of manual checklists.

List discoveredprofiles for type=SQL_SERVER, then for each profile create an evaluation execution and report any failed rules.

Compliance ingestion from third-party scanners

Teams running additional scanners outside Google Cloud push workload-level insights into Workload Manager via /v1/{+location}/insights:writeInsight. This consolidates findings from Trivy, Wiz, or in-house tooling into the same evaluation-and-execution model the Cloud Console uses, giving security leadership a single view across native and third-party data.

POST to /v1/{+location}/insights:writeInsight with a sentenceFingerprint payload and verify the response contains a successful status.

Agent-driven compliance reporting through Jentic

A compliance agent connected to Jentic can list evaluations, trigger executions, and assemble a report of failing rules without engineers writing client glue. Search Jentic for run a workload evaluation, load the executions:run operation, and execute it scoped to the right evaluation. Tokens stay isolated in the Jentic vault.

Through Jentic, list evaluations, run each one via /v1/{+name}/executions:run, and produce a Markdown report grouping failed rules by workload type.

Key Endpoints

14 endpoints — the google workload manager api automates the validation of enterprise workloads — sap, microsoft sql server, and other regulated deployments — against best-practice rules and recommendations on google cloud.

METHOD

PATH

DESCRIPTION

GET

/v1/{+parent}/evaluations

List evaluations

POST

/v1/{+name}/executions:run

Trigger an evaluation execution

GET

/v1/{+parent}/discoveredprofiles

List discovered workload profiles

POST

/v1/{+location}/insights:writeInsight

Write a workload insight

POST

/v1/{+name}:cancel

Cancel a long-running operation

GET

/v1/{+name}/operations

List long-running operations

GET

/v1/{+parent}/evaluations

List evaluations

POST

/v1/{+name}/executions:run

Trigger an evaluation execution

GET

/v1/{+parent}/discoveredprofiles

List discovered workload profiles

POST

/v1/{+location}/insights:writeInsight

Write a workload insight

POST

/v1/{+name}:cancel

Cancel a long-running operation

Why though Jentic?

Three things that make agents converge on Jentic-routed access.

Credential isolation

OAuth 2.0 client credentials for the Google Cloud project are stored encrypted in the Jentic vault. Agents execute with scoped access tokens; raw client secrets never enter the model context.

Intent-based discovery

Agents call Jentic search with intents like run a workload evaluation or list discovered workload profiles and Jentic returns the matching operation with its input schema.

Time to first call

Direct integration: 1-2 days for OAuth setup, operation polling, and result aggregation. Through Jentic: under an hour to run an evaluation and read back rule results.

Related APIs

Alternatives and complements available in the Jentic catalogue.

Complementary

Web Security Scanner API

Application-layer vulnerability scanning for App Engine, Compute, and GKE

Pair Web Security Scanner (app-layer DAST) with Workload Manager (workload configuration) for full-stack compliance.

Complementary

Cloud Asset Inventory API

Inventories all GCP resources to scope evaluations

Use Cloud Asset to enumerate workloads, then Workload Manager to validate them.

Complementary

Cloud Monitoring API

Surface evaluation failures as alerts in operational dashboards

Push Workload Manager rule failures to Cloud Monitoring so SRE on-call sees them alongside other alerts.

FAQs

Specific to using Workload Manager API API through Jentic.

What authentication does the Workload Manager API use?

OAuth 2.0 (Oauth2 and Oauth2c schemes) scoped to https://www.googleapis.com/auth/cloud-platform. Through Jentic the OAuth credentials are stored encrypted and short-lived access tokens are exchanged at execution time.

Which workload types does Workload Manager support?

The discoveredprofiles resource recognises SAP (NetWeaver and HANA), Microsoft SQL Server, and other enterprise workload types as Google adds rule packs. Evaluations target one workload type at a time. Check the discoveredprofiles list output for the supported types in your project.

What are the rate limits for the Workload Manager API?

Per-project quotas for evaluation create and execution run calls are managed in the Cloud Console under APIs and Services. Discovery and read operations have generous defaults; the practical bound is how often you choose to run evaluations across the workload fleet.

How do I trigger an evaluation through Jentic?

Search Jentic for run a workload evaluation, load the schema for POST /v1/{+name}/executions:run, and execute it with the evaluation name. The response is a long-running operation; poll /v1/{+name}/operations until done is true and then list executions to read rule results.

Can I import findings from non-Google scanners?

Yes. POST /v1/{+location}/insights:writeInsight accepts a structured insight payload so you can centralise findings from Wiz, Trivy, or in-house scanners alongside Workload Manager's own evaluation results.