From d4d1489f674b11c5c192b5b511d696bcb808487a Mon Sep 17 00:00:00 2001 From: VenelinMartinov Date: Mon, 3 Jun 2024 10:30:24 +0100 Subject: [PATCH] Upgrade terraform-provider-google-beta to v5.31.1 (#2043) This PR was generated via `$ upgrade-provider pulumi/pulumi-gcp --kind=provider`. --- - Upgrading terraform-provider-google-beta from 5.30.0 to 5.31.1. Fixes #2035 --- .../pulumi-resource-gcp/bridge-metadata.json | 393 ++ provider/cmd/pulumi-resource-gcp/schema.json | 2776 +++++++++++++- provider/provider_yaml_test.go | 1 + provider/resources.go | 24 + sdk/dotnet/AppEngine/DomainMapping.cs | 2 +- .../Inputs/FlexibleAppVersionNetworkArgs.cs | 7 + .../FlexibleAppVersionNetworkGetArgs.cs | 7 + .../Outputs/FlexibleAppVersionNetwork.cs | 8 + .../TableExternalDataConfigurationArgs.cs | 7 + ...nalDataConfigurationBigtableOptionsArgs.cs | 50 + ...gurationBigtableOptionsColumnFamilyArgs.cs | 56 + ...onBigtableOptionsColumnFamilyColumnArgs.cs | 56 + ...igtableOptionsColumnFamilyColumnGetArgs.cs | 56 + ...ationBigtableOptionsColumnFamilyGetArgs.cs | 56 + ...DataConfigurationBigtableOptionsGetArgs.cs | 50 + .../TableExternalDataConfigurationGetArgs.cs | 7 + .../Inputs/TableTableReplicationInfoArgs.cs | 3 +- .../TableTableReplicationInfoGetArgs.cs | 3 +- .../Outputs/TableExternalDataConfiguration.cs | 8 + ...xternalDataConfigurationBigtableOptions.cs | 49 + ...onfigurationBigtableOptionsColumnFamily.cs | 56 + ...rationBigtableOptionsColumnFamilyColumn.cs | 63 + .../Outputs/TableTableReplicationInfo.cs | 3 +- sdk/dotnet/BigQuery/Table.cs | 48 +- sdk/dotnet/CloudFunctionsV2/Function.cs | 8 - .../Inputs/ServiceTemplateSpecVolumeArgs.cs | 9 + .../ServiceTemplateSpecVolumeCsiArgs.cs | 2 - .../ServiceTemplateSpecVolumeCsiGetArgs.cs | 2 - .../ServiceTemplateSpecVolumeGetArgs.cs | 9 + .../ServiceTemplateSpecVolumeNfsArgs.cs | 40 + .../ServiceTemplateSpecVolumeNfsGetArgs.cs | 40 + .../GetServiceTemplateSpecVolumeNfResult.cs | 42 + .../GetServiceTemplateSpecVolumeResult.cs | 9 + .../Outputs/ServiceTemplateSpecVolume.cs | 10 + .../Outputs/ServiceTemplateSpecVolumeCsi.cs | 2 - .../Outputs/ServiceTemplateSpecVolumeNfs.cs | 44 + sdk/dotnet/Composer/UserWorkloadsSecret.cs | 4 +- sdk/dotnet/Compute/GetSubnetworks.cs | 163 + .../InstanceFromMachineImageSchedulingArgs.cs | 6 + ...stanceFromMachineImageSchedulingGetArgs.cs | 6 + ...ImageSchedulingOnInstanceStopActionArgs.cs | 26 + ...geSchedulingOnInstanceStopActionGetArgs.cs | 26 + .../InstanceFromTemplateSchedulingArgs.cs | 6 + .../InstanceFromTemplateSchedulingGetArgs.cs | 6 + ...plateSchedulingOnInstanceStopActionArgs.cs | 26 + ...teSchedulingOnInstanceStopActionGetArgs.cs | 26 + .../Compute/Inputs/InstanceSchedulingArgs.cs | 9 +- .../Inputs/InstanceSchedulingGetArgs.cs | 9 +- .../InstanceSchedulingMaxRunDurationArgs.cs | 11 +- ...InstanceSchedulingMaxRunDurationGetArgs.cs | 11 +- ...tanceSchedulingOnInstanceStopActionArgs.cs | 26 + ...ceSchedulingOnInstanceStopActionGetArgs.cs | 26 + .../Inputs/InstanceTemplateSchedulingArgs.cs | 9 +- .../InstanceTemplateSchedulingGetArgs.cs | 9 +- ...nceTemplateSchedulingMaxRunDurationArgs.cs | 11 +- ...TemplateSchedulingMaxRunDurationGetArgs.cs | 11 +- ...plateSchedulingOnInstanceStopActionArgs.cs | 26 + ...teSchedulingOnInstanceStopActionGetArgs.cs | 26 + .../RegionInstanceTemplateSchedulingArgs.cs | 6 + ...RegionInstanceTemplateSchedulingGetArgs.cs | 6 + ...plateSchedulingOnInstanceStopActionArgs.cs | 26 + ...teSchedulingOnInstanceStopActionGetArgs.cs | 26 + ...SecurityPolicyAdvancedOptionsConfigArgs.cs | 1 + ...urityPolicyAdvancedOptionsConfigGetArgs.cs | 1 + .../SecurityPolicyRuleRateLimitOptionsArgs.cs | 67 +- ...icyRuleRateLimitOptionsBanThresholdArgs.cs | 8 +- ...RuleRateLimitOptionsBanThresholdGetArgs.cs | 8 +- ...eRateLimitOptionsEnforceOnKeyConfigArgs.cs | 27 +- ...teLimitOptionsEnforceOnKeyConfigGetArgs.cs | 27 +- ...teLimitOptionsExceedRedirectOptionsArgs.cs | 6 +- ...imitOptionsExceedRedirectOptionsGetArgs.cs | 6 +- ...curityPolicyRuleRateLimitOptionsGetArgs.cs | 67 +- ...eRateLimitOptionsRateLimitThresholdArgs.cs | 8 +- ...teLimitOptionsRateLimitThresholdGetArgs.cs | 8 +- sdk/dotnet/Compute/InstanceGroupMembership.cs | 2 +- sdk/dotnet/Compute/InterconnectAttachment.cs | 33 + sdk/dotnet/Compute/NetworkEndpoint.cs | 2 +- sdk/dotnet/Compute/NetworkEndpointList.cs | 2 +- ...nceSchedulingOnInstanceStopActionResult.cs | 27 + .../Outputs/GetInstanceSchedulingResult.cs | 7 + ...ateSchedulingOnInstanceStopActionResult.cs | 27 + .../GetInstanceTemplateSchedulingResult.cs | 7 + ...ateSchedulingOnInstanceStopActionResult.cs | 27 + ...tRegionInstanceTemplateSchedulingResult.cs | 7 + .../Outputs/GetSubnetworksSubnetworkResult.cs | 67 + .../InstanceFromMachineImageScheduling.cs | 7 + ...hineImageSchedulingOnInstanceStopAction.cs | 27 + .../Outputs/InstanceFromTemplateScheduling.cs | 7 + ...mTemplateSchedulingOnInstanceStopAction.cs | 27 + .../Compute/Outputs/InstanceScheduling.cs | 10 +- .../InstanceSchedulingMaxRunDuration.cs | 11 +- .../InstanceSchedulingOnInstanceStopAction.cs | 27 + .../Outputs/InstanceTemplateScheduling.cs | 10 +- ...nstanceTemplateSchedulingMaxRunDuration.cs | 11 +- ...eTemplateSchedulingOnInstanceStopAction.cs | 27 + .../RegionInstanceTemplateScheduling.cs | 7 + ...eTemplateSchedulingOnInstanceStopAction.cs | 27 + .../SecurityPolicyAdvancedOptionsConfig.cs | 1 + .../SecurityPolicyRuleRateLimitOptions.cs | 67 +- ...yPolicyRuleRateLimitOptionsBanThreshold.cs | 8 +- ...yRuleRateLimitOptionsEnforceOnKeyConfig.cs | 27 +- ...leRateLimitOptionsExceedRedirectOptions.cs | 6 +- ...yRuleRateLimitOptionsRateLimitThreshold.cs | 8 +- sdk/dotnet/Compute/RegionSslPolicy.cs | 24 +- sdk/dotnet/Compute/SecurityPolicyRule.cs | 21 + .../Container/Inputs/ClusterNodeConfigArgs.cs | 6 + .../ClusterNodeConfigContainerdConfigArgs.cs | 26 + ...lusterNodeConfigContainerdConfigGetArgs.cs | 26 + ...rdConfigPrivateRegistryAccessConfigArgs.cs | 38 + ...figCertificateAuthorityDomainConfigArgs.cs | 38 + ...igGcpSecretManagerCertificateConfigArgs.cs | 26 + ...cpSecretManagerCertificateConfigGetArgs.cs | 26 + ...CertificateAuthorityDomainConfigGetArgs.cs | 38 + ...onfigPrivateRegistryAccessConfigGetArgs.cs | 38 + .../Inputs/ClusterNodeConfigGetArgs.cs | 6 + ...rNodePoolDefaultsNodeConfigDefaultsArgs.cs | 6 + ...sNodeConfigDefaultsContainerdConfigArgs.cs | 26 + ...deConfigDefaultsContainerdConfigGetArgs.cs | 26 + ...rdConfigPrivateRegistryAccessConfigArgs.cs | 38 + ...figCertificateAuthorityDomainConfigArgs.cs | 38 + ...igGcpSecretManagerCertificateConfigArgs.cs | 26 + ...cpSecretManagerCertificateConfigGetArgs.cs | 26 + ...CertificateAuthorityDomainConfigGetArgs.cs | 38 + ...onfigPrivateRegistryAccessConfigGetArgs.cs | 38 + ...dePoolDefaultsNodeConfigDefaultsGetArgs.cs | 6 + .../Inputs/ClusterNodePoolNodeConfigArgs.cs | 6 + ...rNodePoolNodeConfigContainerdConfigArgs.cs | 26 + ...dePoolNodeConfigContainerdConfigGetArgs.cs | 26 + ...rdConfigPrivateRegistryAccessConfigArgs.cs | 38 + ...figCertificateAuthorityDomainConfigArgs.cs | 38 + ...igGcpSecretManagerCertificateConfigArgs.cs | 26 + ...cpSecretManagerCertificateConfigGetArgs.cs | 26 + ...CertificateAuthorityDomainConfigGetArgs.cs | 38 + ...onfigPrivateRegistryAccessConfigGetArgs.cs | 38 + .../ClusterNodePoolNodeConfigGetArgs.cs | 6 + .../Inputs/NodePoolNodeConfigArgs.cs | 6 + .../NodePoolNodeConfigContainerdConfigArgs.cs | 26 + ...dePoolNodeConfigContainerdConfigGetArgs.cs | 26 + ...rdConfigPrivateRegistryAccessConfigArgs.cs | 38 + ...figCertificateAuthorityDomainConfigArgs.cs | 38 + ...igGcpSecretManagerCertificateConfigArgs.cs | 26 + ...cpSecretManagerCertificateConfigGetArgs.cs | 26 + ...CertificateAuthorityDomainConfigGetArgs.cs | 38 + ...onfigPrivateRegistryAccessConfigGetArgs.cs | 38 + .../Inputs/NodePoolNodeConfigGetArgs.cs | 6 + .../Container/Outputs/ClusterNodeConfig.cs | 7 + .../ClusterNodeConfigContainerdConfig.cs | 27 + ...ainerdConfigPrivateRegistryAccessConfig.cs | 35 + ...sConfigCertificateAuthorityDomainConfig.cs | 35 + ...ConfigGcpSecretManagerCertificateConfig.cs | 27 + ...usterNodePoolDefaultsNodeConfigDefaults.cs | 7 + ...aultsNodeConfigDefaultsContainerdConfig.cs | 27 + ...ainerdConfigPrivateRegistryAccessConfig.cs | 35 + ...sConfigCertificateAuthorityDomainConfig.cs | 35 + ...ConfigGcpSecretManagerCertificateConfig.cs | 27 + .../Outputs/ClusterNodePoolNodeConfig.cs | 7 + ...usterNodePoolNodeConfigContainerdConfig.cs | 27 + ...ainerdConfigPrivateRegistryAccessConfig.cs | 35 + ...sConfigCertificateAuthorityDomainConfig.cs | 35 + ...ConfigGcpSecretManagerCertificateConfig.cs | 27 + ...GcpSecretManagerCertificateConfigResult.cs | 27 + ...gCertificateAuthorityDomainConfigResult.cs | 35 + ...ConfigPrivateRegistryAccessConfigResult.cs | 35 + ...ClusterNodeConfigContainerdConfigResult.cs | 27 + .../Outputs/GetClusterNodeConfigResult.cs | 7 + ...GcpSecretManagerCertificateConfigResult.cs | 27 + ...gCertificateAuthorityDomainConfigResult.cs | 35 + ...ConfigPrivateRegistryAccessConfigResult.cs | 35 + ...NodeConfigDefaultContainerdConfigResult.cs | 27 + ...rNodePoolDefaultNodeConfigDefaultResult.cs | 7 + ...GcpSecretManagerCertificateConfigResult.cs | 27 + ...gCertificateAuthorityDomainConfigResult.cs | 35 + ...ConfigPrivateRegistryAccessConfigResult.cs | 35 + ...odePoolNodeConfigContainerdConfigResult.cs | 27 + .../GetClusterNodePoolNodeConfigResult.cs | 7 + .../Container/Outputs/NodePoolNodeConfig.cs | 7 + .../NodePoolNodeConfigContainerdConfig.cs | 27 + ...ainerdConfigPrivateRegistryAccessConfig.cs | 35 + ...sConfigCertificateAuthorityDomainConfig.cs | 35 + ...ConfigGcpSecretManagerCertificateConfig.cs | 27 + sdk/dotnet/DataPlex/AspectType.cs | 565 +++ sdk/dotnet/DataPlex/AspectTypeIamBinding.cs | 449 +++ sdk/dotnet/DataPlex/AspectTypeIamMember.cs | 437 +++ sdk/dotnet/DataPlex/AspectTypeIamPolicy.cs | 377 ++ sdk/dotnet/DataPlex/EntryGroup.cs | 393 ++ sdk/dotnet/DataPlex/EntryGroupIamBinding.cs | 449 +++ sdk/dotnet/DataPlex/EntryGroupIamMember.cs | 437 +++ sdk/dotnet/DataPlex/EntryGroupIamPolicy.cs | 377 ++ sdk/dotnet/DataPlex/GetAspectTypeIamPolicy.cs | 163 + sdk/dotnet/DataPlex/GetEntryGroupIamPolicy.cs | 163 + .../AspectTypeIamBindingConditionArgs.cs | 29 + .../AspectTypeIamBindingConditionGetArgs.cs | 29 + .../AspectTypeIamMemberConditionArgs.cs | 29 + .../AspectTypeIamMemberConditionGetArgs.cs | 29 + .../EntryGroupIamBindingConditionArgs.cs | 29 + .../EntryGroupIamBindingConditionGetArgs.cs | 29 + .../EntryGroupIamMemberConditionArgs.cs | 29 + .../EntryGroupIamMemberConditionGetArgs.cs | 29 + .../Outputs/AspectTypeIamBindingCondition.cs | 33 + .../Outputs/AspectTypeIamMemberCondition.cs | 33 + .../Outputs/EntryGroupIamBindingCondition.cs | 33 + .../Outputs/EntryGroupIamMemberCondition.cs | 33 + sdk/dotnet/Datastream/ConnectionProfile.cs | 18 + sdk/dotnet/Datastream/PrivateConnection.cs | 18 + sdk/dotnet/Datastream/Stream.cs | 18 + sdk/dotnet/Kms/AutokeyConfig.cs | 272 ++ sdk/dotnet/Kms/KeyHandle.cs | 374 ++ .../LbRouteExtensionExtensionChainArgs.cs | 51 + ...uteExtensionExtensionChainExtensionArgs.cs | 74 + ...ExtensionExtensionChainExtensionGetArgs.cs | 74 + .../LbRouteExtensionExtensionChainGetArgs.cs | 51 + ...tensionExtensionChainMatchConditionArgs.cs | 26 + ...sionExtensionChainMatchConditionGetArgs.cs | 26 + ...ficExtensionExtensionChainExtensionArgs.cs | 8 +- ...ExtensionExtensionChainExtensionGetArgs.cs | 8 +- .../NetworkServices/LbRouteExtension.cs | 361 ++ .../NetworkServices/LbTrafficExtension.cs | 18 +- .../Outputs/LbRouteExtensionExtensionChain.cs | 49 + ...LbRouteExtensionExtensionChainExtension.cs | 75 + ...teExtensionExtensionChainMatchCondition.cs | 27 + ...TrafficExtensionExtensionChainExtension.cs | 8 +- sdk/dotnet/OrgPolicy/Policy.cs | 2 +- .../SubscriptionCloudStorageConfigArgs.cs | 6 + .../SubscriptionCloudStorageConfigGetArgs.cs | 6 + ...GetSubscriptionCloudStorageConfigResult.cs | 7 + .../Outputs/SubscriptionCloudStorageConfig.cs | 7 + sdk/dotnet/PubSub/Subscription.cs | 6 +- sdk/dotnet/Sql/User.cs | 4 +- .../Tpu/Inputs/V2VmAcceleratorConfigArgs.cs | 2 +- .../Inputs/V2VmAcceleratorConfigGetArgs.cs | 2 +- .../Tpu/Outputs/V2VmAcceleratorConfig.cs | 2 +- sdk/go/gcp/appengine/domainMapping.go | 6 +- sdk/go/gcp/appengine/pulumiTypes.go | 23 + sdk/go/gcp/bigquery/pulumiTypes.go | 526 ++- sdk/go/gcp/bigquery/table.go | 96 +- sdk/go/gcp/cloudfunctionsv2/function.go | 10 +- sdk/go/gcp/cloudrun/pulumiTypes.go | 347 +- sdk/go/gcp/composer/userWorkloadsSecret.go | 4 +- sdk/go/gcp/compute/getSubnetworks.go | 146 + sdk/go/gcp/compute/instanceGroupMembership.go | 2 +- sdk/go/gcp/compute/interconnectAttachment.go | 45 + sdk/go/gcp/compute/networkEndpoint.go | 2 +- sdk/go/gcp/compute/networkEndpointList.go | 2 +- sdk/go/gcp/compute/pulumiTypes.go | 2217 ++++++----- sdk/go/gcp/compute/pulumiTypes1.go | 1390 +++++++ sdk/go/gcp/compute/regionSslPolicy.go | 34 +- sdk/go/gcp/compute/securityPolicyRule.go | 21 + sdk/go/gcp/container/pulumiTypes.go | 3311 +++++++++++++++++ sdk/go/gcp/dataplex/aspectType.go | 663 ++++ sdk/go/gcp/dataplex/aspectTypeIamBinding.go | 643 ++++ sdk/go/gcp/dataplex/aspectTypeIamMember.go | 643 ++++ sdk/go/gcp/dataplex/aspectTypeIamPolicy.go | 550 +++ sdk/go/gcp/dataplex/entryGroup.go | 490 +++ sdk/go/gcp/dataplex/entryGroupIamBinding.go | 643 ++++ sdk/go/gcp/dataplex/entryGroupIamMember.go | 643 ++++ sdk/go/gcp/dataplex/entryGroupIamPolicy.go | 550 +++ sdk/go/gcp/dataplex/getAspectTypeIamPolicy.go | 151 + sdk/go/gcp/dataplex/getEntryGroupIamPolicy.go | 151 + sdk/go/gcp/dataplex/init.go | 56 + sdk/go/gcp/dataplex/pulumiTypes.go | 668 ++++ sdk/go/gcp/datastream/connectionProfile.go | 15 + sdk/go/gcp/datastream/privateConnection.go | 15 + sdk/go/gcp/datastream/stream.go | 15 + sdk/go/gcp/kms/autokeyConfig.go | 394 ++ sdk/go/gcp/kms/init.go | 14 + sdk/go/gcp/kms/keyHandle.go | 490 +++ sdk/go/gcp/networkservices/init.go | 7 + .../gcp/networkservices/lbRouteExtension.go | 450 +++ .../gcp/networkservices/lbTrafficExtension.go | 36 +- sdk/go/gcp/networkservices/pulumiTypes.go | 394 +- sdk/go/gcp/orgpolicy/policy.go | 2 +- sdk/go/gcp/pubsub/pulumiTypes.go | 28 + sdk/go/gcp/pubsub/subscription.go | 22 +- sdk/go/gcp/sql/user.go | 4 +- sdk/go/gcp/tpu/pulumiTypes.go | 8 +- .../pulumi/gcp/appengine/DomainMapping.java | 6 +- .../inputs/FlexibleAppVersionNetworkArgs.java | 41 + .../outputs/FlexibleAppVersionNetwork.java | 23 + .../java/com/pulumi/gcp/bigquery/Table.java | 32 +- .../com/pulumi/gcp/bigquery/TableArgs.java | 64 +- .../TableExternalDataConfigurationArgs.java | 42 + ...lDataConfigurationBigtableOptionsArgs.java | 206 + ...rationBigtableOptionsColumnFamilyArgs.java | 244 ++ ...BigtableOptionsColumnFamilyColumnArgs.java | 269 ++ .../gcp/bigquery/inputs/TableState.java | 64 +- .../inputs/TableTableReplicationInfoArgs.java | 12 +- .../TableExternalDataConfiguration.java | 24 + ...ernalDataConfigurationBigtableOptions.java | 125 + ...figurationBigtableOptionsColumnFamily.java | 147 + ...tionBigtableOptionsColumnFamilyColumn.java | 163 + .../outputs/TableTableReplicationInfo.java | 6 +- .../pulumi/gcp/cloudfunctionsv2/Function.java | 2 - .../inputs/ServiceTemplateSpecVolumeArgs.java | 50 + .../ServiceTemplateSpecVolumeCsiArgs.java | 8 - .../ServiceTemplateSpecVolumeNfsArgs.java | 173 + .../outputs/GetServiceTemplateSpecVolume.java | 31 + .../GetServiceTemplateSpecVolumeNf.java | 105 + .../outputs/ServiceTemplateSpecVolume.java | 28 + .../outputs/ServiceTemplateSpecVolumeCsi.java | 4 - .../outputs/ServiceTemplateSpecVolumeNfs.java | 109 + .../gcp/composer/UserWorkloadsSecret.java | 4 +- .../pulumi/gcp/compute/ComputeFunctions.java | 279 ++ .../gcp/compute/InstanceGroupMembership.java | 2 +- .../gcp/compute/InterconnectAttachment.java | 24 + .../compute/InterconnectAttachmentArgs.java | 57 + .../pulumi/gcp/compute/NetworkEndpoint.java | 2 +- .../gcp/compute/NetworkEndpointList.java | 2 +- .../pulumi/gcp/compute/RegionSslPolicy.java | 12 +- .../gcp/compute/RegionSslPolicyArgs.java | 30 +- .../gcp/compute/SecurityPolicyRule.java | 17 + .../gcp/compute/SecurityPolicyRuleArgs.java | 42 + .../compute/inputs/GetSubnetworksArgs.java | 165 + .../inputs/GetSubnetworksPlainArgs.java | 132 + ...nstanceFromMachineImageSchedulingArgs.java | 38 + ...ageSchedulingOnInstanceStopActionArgs.java | 83 + .../InstanceFromTemplateSchedulingArgs.java | 38 + ...ateSchedulingOnInstanceStopActionArgs.java | 83 + .../inputs/InstanceSchedulingArgs.java | 50 +- .../InstanceSchedulingMaxRunDurationArgs.java | 44 +- ...nceSchedulingOnInstanceStopActionArgs.java | 83 + .../InstanceTemplateSchedulingArgs.java | 50 +- ...eTemplateSchedulingMaxRunDurationArgs.java | 44 +- ...ateSchedulingOnInstanceStopActionArgs.java | 83 + .../inputs/InterconnectAttachmentState.java | 57 + .../RegionInstanceTemplateSchedulingArgs.java | 38 + ...ateSchedulingOnInstanceStopActionArgs.java | 83 + .../compute/inputs/RegionSslPolicyState.java | 16 +- ...curityPolicyAdvancedOptionsConfigArgs.java | 4 + ...ecurityPolicyRuleRateLimitOptionsArgs.java | 267 +- ...yRuleRateLimitOptionsBanThresholdArgs.java | 29 +- ...ateLimitOptionsEnforceOnKeyConfigArgs.java | 108 +- ...LimitOptionsExceedRedirectOptionsArgs.java | 22 +- ...ateLimitOptionsRateLimitThresholdArgs.java | 29 +- .../inputs/SecurityPolicyRuleState.java | 42 + .../outputs/GetInstanceScheduling.java | 27 + ...nstanceSchedulingOnInstanceStopAction.java | 58 + .../GetInstanceTemplateScheduling.java | 27 + ...emplateSchedulingOnInstanceStopAction.java | 58 + .../GetRegionInstanceTemplateScheduling.java | 27 + ...emplateSchedulingOnInstanceStopAction.java | 58 + .../compute/outputs/GetSubnetworksResult.java | 127 + .../outputs/GetSubnetworksSubnetwork.java | 189 + .../InstanceFromMachineImageScheduling.java | 22 + ...neImageSchedulingOnInstanceStopAction.java | 57 + .../InstanceFromTemplateScheduling.java | 22 + ...emplateSchedulingOnInstanceStopAction.java | 57 + .../compute/outputs/InstanceScheduling.java | 28 +- .../InstanceSchedulingMaxRunDuration.java | 22 +- ...nstanceSchedulingOnInstanceStopAction.java | 57 + .../outputs/InstanceTemplateScheduling.java | 28 +- ...tanceTemplateSchedulingMaxRunDuration.java | 22 +- ...emplateSchedulingOnInstanceStopAction.java | 57 + .../RegionInstanceTemplateScheduling.java | 22 + ...emplateSchedulingOnInstanceStopAction.java | 57 + .../SecurityPolicyAdvancedOptionsConfig.java | 2 + .../SecurityPolicyRuleRateLimitOptions.java | 153 +- ...olicyRuleRateLimitOptionsBanThreshold.java | 31 +- ...uleRateLimitOptionsEnforceOnKeyConfig.java | 54 +- ...RateLimitOptionsExceedRedirectOptions.java | 19 +- ...uleRateLimitOptionsRateLimitThreshold.java | 31 +- .../inputs/ClusterNodeConfigArgs.java | 38 + ...ClusterNodeConfigContainerdConfigArgs.java | 83 + ...ConfigPrivateRegistryAccessConfigArgs.java | 136 + ...gCertificateAuthorityDomainConfigArgs.java | 137 + ...GcpSecretManagerCertificateConfigArgs.java | 85 + ...odePoolDefaultsNodeConfigDefaultsArgs.java | 38 + ...odeConfigDefaultsContainerdConfigArgs.java | 83 + ...ConfigPrivateRegistryAccessConfigArgs.java | 136 + ...gCertificateAuthorityDomainConfigArgs.java | 137 + ...GcpSecretManagerCertificateConfigArgs.java | 85 + .../inputs/ClusterNodePoolNodeConfigArgs.java | 38 + ...odePoolNodeConfigContainerdConfigArgs.java | 83 + ...ConfigPrivateRegistryAccessConfigArgs.java | 136 + ...gCertificateAuthorityDomainConfigArgs.java | 137 + ...GcpSecretManagerCertificateConfigArgs.java | 85 + .../inputs/NodePoolNodeConfigArgs.java | 38 + ...odePoolNodeConfigContainerdConfigArgs.java | 83 + ...ConfigPrivateRegistryAccessConfigArgs.java | 136 + ...gCertificateAuthorityDomainConfigArgs.java | 137 + ...GcpSecretManagerCertificateConfigArgs.java | 85 + .../container/outputs/ClusterNodeConfig.java | 22 + .../ClusterNodeConfigContainerdConfig.java | 57 + ...nerdConfigPrivateRegistryAccessConfig.java | 85 + ...onfigCertificateAuthorityDomainConfig.java | 86 + ...nfigGcpSecretManagerCertificateConfig.java | 58 + ...terNodePoolDefaultsNodeConfigDefaults.java | 22 + ...ltsNodeConfigDefaultsContainerdConfig.java | 57 + ...nerdConfigPrivateRegistryAccessConfig.java | 85 + ...onfigCertificateAuthorityDomainConfig.java | 86 + ...nfigGcpSecretManagerCertificateConfig.java | 58 + .../outputs/ClusterNodePoolNodeConfig.java | 22 + ...terNodePoolNodeConfigContainerdConfig.java | 57 + ...nerdConfigPrivateRegistryAccessConfig.java | 85 + ...onfigCertificateAuthorityDomainConfig.java | 86 + ...nfigGcpSecretManagerCertificateConfig.java | 58 + .../outputs/GetClusterNodeConfig.java | 27 + .../GetClusterNodeConfigContainerdConfig.java | 62 + ...nerdConfigPrivateRegistryAccessConfig.java | 86 + ...onfigCertificateAuthorityDomainConfig.java | 89 + ...nfigGcpSecretManagerCertificateConfig.java | 58 + ...usterNodePoolDefaultNodeConfigDefault.java | 27 + ...aultNodeConfigDefaultContainerdConfig.java | 62 + ...nerdConfigPrivateRegistryAccessConfig.java | 86 + ...onfigCertificateAuthorityDomainConfig.java | 89 + ...nfigGcpSecretManagerCertificateConfig.java | 58 + .../outputs/GetClusterNodePoolNodeConfig.java | 27 + ...terNodePoolNodeConfigContainerdConfig.java | 62 + ...nerdConfigPrivateRegistryAccessConfig.java | 86 + ...onfigCertificateAuthorityDomainConfig.java | 89 + ...nfigGcpSecretManagerCertificateConfig.java | 58 + .../container/outputs/NodePoolNodeConfig.java | 22 + .../NodePoolNodeConfigContainerdConfig.java | 57 + ...nerdConfigPrivateRegistryAccessConfig.java | 85 + ...onfigCertificateAuthorityDomainConfig.java | 86 + ...nfigGcpSecretManagerCertificateConfig.java | 58 + .../com/pulumi/gcp/dataplex/AspectType.java | 544 +++ .../pulumi/gcp/dataplex/AspectTypeArgs.java | 322 ++ .../gcp/dataplex/AspectTypeIamBinding.java | 484 +++ .../dataplex/AspectTypeIamBindingArgs.java | 316 ++ .../gcp/dataplex/AspectTypeIamMember.java | 483 +++ .../gcp/dataplex/AspectTypeIamMemberArgs.java | 295 ++ .../gcp/dataplex/AspectTypeIamPolicy.java | 439 +++ .../gcp/dataplex/AspectTypeIamPolicyArgs.java | 193 + .../gcp/dataplex/DataplexFunctions.java | 358 ++ .../com/pulumi/gcp/dataplex/EntryGroup.java | 374 ++ .../pulumi/gcp/dataplex/EntryGroupArgs.java | 285 ++ .../gcp/dataplex/EntryGroupIamBinding.java | 484 +++ .../dataplex/EntryGroupIamBindingArgs.java | 316 ++ .../gcp/dataplex/EntryGroupIamMember.java | 483 +++ .../gcp/dataplex/EntryGroupIamMemberArgs.java | 295 ++ .../gcp/dataplex/EntryGroupIamPolicy.java | 439 +++ .../gcp/dataplex/EntryGroupIamPolicyArgs.java | 193 + .../AspectTypeIamBindingConditionArgs.java | 104 + .../inputs/AspectTypeIamBindingState.java | 343 ++ .../AspectTypeIamMemberConditionArgs.java | 104 + .../inputs/AspectTypeIamMemberState.java | 322 ++ .../inputs/AspectTypeIamPolicyState.java | 223 ++ .../gcp/dataplex/inputs/AspectTypeState.java | 589 +++ .../EntryGroupIamBindingConditionArgs.java | 104 + .../inputs/EntryGroupIamBindingState.java | 343 ++ .../EntryGroupIamMemberConditionArgs.java | 104 + .../inputs/EntryGroupIamMemberState.java | 322 ++ .../inputs/EntryGroupIamPolicyState.java | 223 ++ .../gcp/dataplex/inputs/EntryGroupState.java | 552 +++ .../inputs/GetAspectTypeIamPolicyArgs.java | 149 + .../GetAspectTypeIamPolicyPlainArgs.java | 122 + .../inputs/GetEntryGroupIamPolicyArgs.java | 149 + .../GetEntryGroupIamPolicyPlainArgs.java | 122 + .../AspectTypeIamBindingCondition.java | 80 + .../outputs/AspectTypeIamMemberCondition.java | 80 + .../EntryGroupIamBindingCondition.java | 80 + .../outputs/EntryGroupIamMemberCondition.java | 80 + .../outputs/GetAspectTypeIamPolicyResult.java | 151 + .../outputs/GetEntryGroupIamPolicyResult.java | 151 + .../gcp/datastream/ConnectionProfile.java | 15 + .../gcp/datastream/ConnectionProfileArgs.java | 38 + .../gcp/datastream/PrivateConnection.java | 15 + .../gcp/datastream/PrivateConnectionArgs.java | 38 + .../com/pulumi/gcp/datastream/Stream.java | 15 + .../com/pulumi/gcp/datastream/StreamArgs.java | 38 + .../inputs/ConnectionProfileState.java | 38 + .../inputs/PrivateConnectionState.java | 38 + .../gcp/datastream/inputs/StreamState.java | 38 + .../com/pulumi/gcp/kms/AutokeyConfig.java | 241 ++ .../com/pulumi/gcp/kms/AutokeyConfigArgs.java | 140 + .../java/com/pulumi/gcp/kms/KeyHandle.java | 322 ++ .../com/pulumi/gcp/kms/KeyHandleArgs.java | 221 ++ .../gcp/kms/inputs/AutokeyConfigState.java | 136 + .../pulumi/gcp/kms/inputs/KeyHandleState.java | 259 ++ .../gcp/networkservices/LbRouteExtension.java | 265 ++ .../networkservices/LbRouteExtensionArgs.java | 403 ++ .../networkservices/LbTrafficExtension.java | 12 +- .../LbTrafficExtensionArgs.java | 24 +- .../LbRouteExtensionExtensionChainArgs.java | 209 ++ ...eExtensionExtensionChainExtensionArgs.java | 338 ++ ...nsionExtensionChainMatchConditionArgs.java | 85 + .../inputs/LbRouteExtensionState.java | 468 +++ ...cExtensionExtensionChainExtensionArgs.java | 26 +- .../inputs/LbTrafficExtensionState.java | 24 +- .../LbRouteExtensionExtensionChain.java | 124 + ...RouteExtensionExtensionChainExtension.java | 196 + ...ExtensionExtensionChainMatchCondition.java | 58 + ...afficExtensionExtensionChainExtension.java | 28 +- .../java/com/pulumi/gcp/orgpolicy/Policy.java | 2 +- .../com/pulumi/gcp/pubsub/Subscription.java | 6 +- .../SubscriptionCloudStorageConfigArgs.java | 37 + .../GetSubscriptionCloudStorageConfig.java | 23 + .../SubscriptionCloudStorageConfig.java | 21 + .../main/java/com/pulumi/gcp/sql/User.java | 4 +- .../tpu/inputs/V2VmAcceleratorConfigArgs.java | 8 +- .../tpu/outputs/V2VmAcceleratorConfig.java | 4 +- sdk/nodejs/appengine/domainMapping.ts | 2 +- sdk/nodejs/bigquery/table.ts | 48 +- sdk/nodejs/cloudfunctionsv2/function.ts | 2 - sdk/nodejs/composer/userWorkloadsSecret.ts | 4 +- sdk/nodejs/compute/getSubnetworks.ts | 114 + sdk/nodejs/compute/index.ts | 5 + sdk/nodejs/compute/instanceGroupMembership.ts | 2 +- sdk/nodejs/compute/interconnectAttachment.ts | 29 + sdk/nodejs/compute/networkEndpoint.ts | 2 +- sdk/nodejs/compute/networkEndpointList.ts | 2 +- sdk/nodejs/compute/regionSslPolicy.ts | 25 +- sdk/nodejs/compute/securityPolicyRule.ts | 17 + sdk/nodejs/dataplex/aspectType.ts | 466 +++ sdk/nodejs/dataplex/aspectTypeIamBinding.ts | 349 ++ sdk/nodejs/dataplex/aspectTypeIamMember.ts | 349 ++ sdk/nodejs/dataplex/aspectTypeIamPolicy.ts | 292 ++ sdk/nodejs/dataplex/entryGroup.ts | 298 ++ sdk/nodejs/dataplex/entryGroupIamBinding.ts | 349 ++ sdk/nodejs/dataplex/entryGroupIamMember.ts | 349 ++ sdk/nodejs/dataplex/entryGroupIamPolicy.ts | 292 ++ sdk/nodejs/dataplex/getAspectTypeIamPolicy.ts | 106 + sdk/nodejs/dataplex/getEntryGroupIamPolicy.ts | 106 + sdk/nodejs/dataplex/index.ts | 74 + sdk/nodejs/datastream/connectionProfile.ts | 14 + sdk/nodejs/datastream/privateConnection.ts | 14 + sdk/nodejs/datastream/stream.ts | 14 + sdk/nodejs/kms/autokeyConfig.ts | 199 + sdk/nodejs/kms/index.ts | 16 + sdk/nodejs/kms/keyHandle.ts | 274 ++ sdk/nodejs/networkservices/index.ts | 8 + .../networkservices/lbRouteExtension.ts | 273 ++ .../networkservices/lbTrafficExtension.ts | 18 +- sdk/nodejs/orgpolicy/policy.ts | 2 +- sdk/nodejs/pubsub/subscription.ts | 6 +- sdk/nodejs/sql/user.ts | 4 +- sdk/nodejs/tsconfig.json | 14 + sdk/nodejs/types/input.ts | 554 ++- sdk/nodejs/types/output.ts | 760 +++- sdk/python/pulumi_gcp/__init__.py | 88 + sdk/python/pulumi_gcp/appengine/_inputs.py | 18 + .../pulumi_gcp/appengine/domain_mapping.py | 2 +- sdk/python/pulumi_gcp/appengine/outputs.py | 16 + sdk/python/pulumi_gcp/bigquery/_inputs.py | 288 +- sdk/python/pulumi_gcp/bigquery/outputs.py | 291 +- sdk/python/pulumi_gcp/bigquery/table.py | 112 +- .../pulumi_gcp/cloudfunctionsv2/function.py | 4 - sdk/python/pulumi_gcp/cloudrun/_inputs.py | 84 +- sdk/python/pulumi_gcp/cloudrun/outputs.py | 141 +- .../composer/user_workloads_secret.py | 8 +- sdk/python/pulumi_gcp/compute/__init__.py | 1 + sdk/python/pulumi_gcp/compute/_inputs.py | 574 ++- .../pulumi_gcp/compute/get_subnetworks.py | 157 + .../compute/instance_group_membership.py | 4 +- .../compute/interconnect_attachment.py | 82 + .../pulumi_gcp/compute/network_endpoint.py | 4 +- .../compute/network_endpoint_list.py | 4 +- sdk/python/pulumi_gcp/compute/outputs.py | 770 +++- .../pulumi_gcp/compute/region_ssl_policy.py | 79 +- .../compute/security_policy_rule.py | 56 +- sdk/python/pulumi_gcp/container/_inputs.py | 560 +++ sdk/python/pulumi_gcp/container/outputs.py | 1157 +++++- sdk/python/pulumi_gcp/dataplex/__init__.py | 10 + sdk/python/pulumi_gcp/dataplex/_inputs.py | 160 + sdk/python/pulumi_gcp/dataplex/aspect_type.py | 1077 ++++++ .../dataplex/aspect_type_iam_binding.py | 765 ++++ .../dataplex/aspect_type_iam_member.py | 765 ++++ .../dataplex/aspect_type_iam_policy.py | 604 +++ sdk/python/pulumi_gcp/dataplex/entry_group.py | 722 ++++ .../dataplex/entry_group_iam_binding.py | 765 ++++ .../dataplex/entry_group_iam_member.py | 765 ++++ .../dataplex/entry_group_iam_policy.py | 604 +++ .../dataplex/get_aspect_type_iam_policy.py | 164 + .../dataplex/get_entry_group_iam_policy.py | 164 + sdk/python/pulumi_gcp/dataplex/outputs.py | 112 + .../datastream/connection_profile.py | 47 + .../datastream/private_connection.py | 47 + sdk/python/pulumi_gcp/datastream/stream.py | 47 + sdk/python/pulumi_gcp/kms/__init__.py | 2 + sdk/python/pulumi_gcp/kms/autokey_config.py | 366 ++ sdk/python/pulumi_gcp/kms/key_handle.py | 548 +++ .../pulumi_gcp/networkservices/__init__.py | 1 + .../pulumi_gcp/networkservices/_inputs.py | 272 +- .../networkservices/lb_route_extension.py | 663 ++++ .../networkservices/lb_traffic_extension.py | 42 +- .../pulumi_gcp/networkservices/outputs.py | 271 +- sdk/python/pulumi_gcp/orgpolicy/policy.py | 4 +- sdk/python/pulumi_gcp/pubsub/_inputs.py | 16 + sdk/python/pulumi_gcp/pubsub/outputs.py | 25 + sdk/python/pulumi_gcp/pubsub/subscription.py | 12 +- sdk/python/pulumi_gcp/sql/user.py | 8 +- sdk/python/pulumi_gcp/tpu/_inputs.py | 4 +- sdk/python/pulumi_gcp/tpu/outputs.py | 4 +- upstream | 2 +- 584 files changed, 69279 insertions(+), 2992 deletions(-) create mode 100644 sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsArgs.cs create mode 100644 sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.cs create mode 100644 sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.cs create mode 100644 sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs.cs create mode 100644 sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs.cs create mode 100644 sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsGetArgs.cs create mode 100644 sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptions.cs create mode 100644 sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.cs create mode 100644 sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.cs create mode 100644 sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsArgs.cs create mode 100644 sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsGetArgs.cs create mode 100644 sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeNfResult.cs create mode 100644 sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeNfs.cs create mode 100644 sdk/dotnet/Compute/GetSubnetworks.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionGetArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.cs create mode 100644 sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs create mode 100644 sdk/dotnet/Compute/Outputs/GetInstanceSchedulingOnInstanceStopActionResult.cs create mode 100644 sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingOnInstanceStopActionResult.cs create mode 100644 sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult.cs create mode 100644 sdk/dotnet/Compute/Outputs/GetSubnetworksSubnetworkResult.cs create mode 100644 sdk/dotnet/Compute/Outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.cs create mode 100644 sdk/dotnet/Compute/Outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.cs create mode 100644 sdk/dotnet/Compute/Outputs/InstanceSchedulingOnInstanceStopAction.cs create mode 100644 sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingOnInstanceStopAction.cs create mode 100644 sdk/dotnet/Compute/Outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigResult.cs create mode 100644 sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs create mode 100644 sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs create mode 100644 sdk/dotnet/DataPlex/AspectType.cs create mode 100644 sdk/dotnet/DataPlex/AspectTypeIamBinding.cs create mode 100644 sdk/dotnet/DataPlex/AspectTypeIamMember.cs create mode 100644 sdk/dotnet/DataPlex/AspectTypeIamPolicy.cs create mode 100644 sdk/dotnet/DataPlex/EntryGroup.cs create mode 100644 sdk/dotnet/DataPlex/EntryGroupIamBinding.cs create mode 100644 sdk/dotnet/DataPlex/EntryGroupIamMember.cs create mode 100644 sdk/dotnet/DataPlex/EntryGroupIamPolicy.cs create mode 100644 sdk/dotnet/DataPlex/GetAspectTypeIamPolicy.cs create mode 100644 sdk/dotnet/DataPlex/GetEntryGroupIamPolicy.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionArgs.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionGetArgs.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionArgs.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionGetArgs.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionArgs.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionGetArgs.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionArgs.cs create mode 100644 sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionGetArgs.cs create mode 100644 sdk/dotnet/DataPlex/Outputs/AspectTypeIamBindingCondition.cs create mode 100644 sdk/dotnet/DataPlex/Outputs/AspectTypeIamMemberCondition.cs create mode 100644 sdk/dotnet/DataPlex/Outputs/EntryGroupIamBindingCondition.cs create mode 100644 sdk/dotnet/DataPlex/Outputs/EntryGroupIamMemberCondition.cs create mode 100644 sdk/dotnet/Kms/AutokeyConfig.cs create mode 100644 sdk/dotnet/Kms/KeyHandle.cs create mode 100644 sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainArgs.cs create mode 100644 sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionArgs.cs create mode 100644 sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionGetArgs.cs create mode 100644 sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainGetArgs.cs create mode 100644 sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionArgs.cs create mode 100644 sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionGetArgs.cs create mode 100644 sdk/dotnet/NetworkServices/LbRouteExtension.cs create mode 100644 sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChain.cs create mode 100644 sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainExtension.cs create mode 100644 sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainMatchCondition.cs create mode 100644 sdk/go/gcp/compute/getSubnetworks.go create mode 100644 sdk/go/gcp/dataplex/aspectType.go create mode 100644 sdk/go/gcp/dataplex/aspectTypeIamBinding.go create mode 100644 sdk/go/gcp/dataplex/aspectTypeIamMember.go create mode 100644 sdk/go/gcp/dataplex/aspectTypeIamPolicy.go create mode 100644 sdk/go/gcp/dataplex/entryGroup.go create mode 100644 sdk/go/gcp/dataplex/entryGroupIamBinding.go create mode 100644 sdk/go/gcp/dataplex/entryGroupIamMember.go create mode 100644 sdk/go/gcp/dataplex/entryGroupIamPolicy.go create mode 100644 sdk/go/gcp/dataplex/getAspectTypeIamPolicy.go create mode 100644 sdk/go/gcp/dataplex/getEntryGroupIamPolicy.go create mode 100644 sdk/go/gcp/kms/autokeyConfig.go create mode 100644 sdk/go/gcp/kms/keyHandle.go create mode 100644 sdk/go/gcp/networkservices/lbRouteExtension.go create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptions.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeNfsArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolumeNf.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeNfs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingOnInstanceStopActionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksSubnetwork.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectType.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBinding.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBindingArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMember.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMemberArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicy.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroup.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBinding.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBindingArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMember.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMemberArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicy.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamPolicyState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamPolicyState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyPlainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamBindingCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamMemberCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamBindingCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamMemberCondition.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetAspectTypeIamPolicyResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetEntryGroupIamPolicyResult.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfig.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfigArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandle.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandleArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/AutokeyConfigState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/KeyHandleState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtension.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtensionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainExtensionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainMatchConditionArgs.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionState.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChain.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainExtension.java create mode 100644 sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainMatchCondition.java create mode 100644 sdk/nodejs/compute/getSubnetworks.ts create mode 100644 sdk/nodejs/dataplex/aspectType.ts create mode 100644 sdk/nodejs/dataplex/aspectTypeIamBinding.ts create mode 100644 sdk/nodejs/dataplex/aspectTypeIamMember.ts create mode 100644 sdk/nodejs/dataplex/aspectTypeIamPolicy.ts create mode 100644 sdk/nodejs/dataplex/entryGroup.ts create mode 100644 sdk/nodejs/dataplex/entryGroupIamBinding.ts create mode 100644 sdk/nodejs/dataplex/entryGroupIamMember.ts create mode 100644 sdk/nodejs/dataplex/entryGroupIamPolicy.ts create mode 100644 sdk/nodejs/dataplex/getAspectTypeIamPolicy.ts create mode 100644 sdk/nodejs/dataplex/getEntryGroupIamPolicy.ts create mode 100644 sdk/nodejs/kms/autokeyConfig.ts create mode 100644 sdk/nodejs/kms/keyHandle.ts create mode 100644 sdk/nodejs/networkservices/lbRouteExtension.ts create mode 100644 sdk/python/pulumi_gcp/compute/get_subnetworks.py create mode 100644 sdk/python/pulumi_gcp/dataplex/aspect_type.py create mode 100644 sdk/python/pulumi_gcp/dataplex/aspect_type_iam_binding.py create mode 100644 sdk/python/pulumi_gcp/dataplex/aspect_type_iam_member.py create mode 100644 sdk/python/pulumi_gcp/dataplex/aspect_type_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/dataplex/entry_group.py create mode 100644 sdk/python/pulumi_gcp/dataplex/entry_group_iam_binding.py create mode 100644 sdk/python/pulumi_gcp/dataplex/entry_group_iam_member.py create mode 100644 sdk/python/pulumi_gcp/dataplex/entry_group_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/dataplex/get_aspect_type_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/dataplex/get_entry_group_iam_policy.py create mode 100644 sdk/python/pulumi_gcp/kms/autokey_config.py create mode 100644 sdk/python/pulumi_gcp/kms/key_handle.py create mode 100644 sdk/python/pulumi_gcp/networkservices/lb_route_extension.py diff --git a/provider/cmd/pulumi-resource-gcp/bridge-metadata.json b/provider/cmd/pulumi-resource-gcp/bridge-metadata.json index df4168a761..05093cc49d 100644 --- a/provider/cmd/pulumi-resource-gcp/bridge-metadata.json +++ b/provider/cmd/pulumi-resource-gcp/bridge-metadata.json @@ -2536,6 +2536,23 @@ "avro_options": { "maxItemsOne": true }, + "bigtable_options": { + "maxItemsOne": true, + "elem": { + "fields": { + "column_family": { + "maxItemsOne": false, + "elem": { + "fields": { + "column": { + "maxItemsOne": false + } + } + } + } + } + } + }, "csv_options": { "maxItemsOne": true }, @@ -3389,6 +3406,9 @@ "empty_dir": { "maxItemsOne": true }, + "nfs": { + "maxItemsOne": true + }, "secret": { "maxItemsOne": true, "elem": { @@ -5613,6 +5633,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": true } } } @@ -5725,6 +5748,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": true } } } @@ -5837,6 +5863,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": true } } } @@ -6075,6 +6104,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": true } } } @@ -6947,6 +6979,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": true } } } @@ -8042,6 +8077,25 @@ } } } + }, + "rate_limit_options": { + "maxItemsOne": true, + "elem": { + "fields": { + "ban_threshold": { + "maxItemsOne": true + }, + "enforce_on_key_configs": { + "maxItemsOne": false + }, + "exceed_redirect_options": { + "maxItemsOne": true + }, + "rate_limit_threshold": { + "maxItemsOne": true + } + } + } } } }, @@ -9440,6 +9494,33 @@ "confidential_nodes": { "maxItemsOne": true }, + "containerd_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "private_registry_access_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "certificate_authority_domain_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "fqdns": { + "maxItemsOne": false + }, + "gcp_secret_manager_certificate_config": { + "maxItemsOne": true + } + } + } + } + } + } + } + } + } + }, "effective_taints": { "maxItemsOne": false }, @@ -9582,6 +9663,33 @@ "confidential_nodes": { "maxItemsOne": true }, + "containerd_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "private_registry_access_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "certificate_authority_domain_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "fqdns": { + "maxItemsOne": false + }, + "gcp_secret_manager_certificate_config": { + "maxItemsOne": true + } + } + } + } + } + } + } + } + } + }, "effective_taints": { "maxItemsOne": false }, @@ -9730,6 +9838,33 @@ "maxItemsOne": true, "elem": { "fields": { + "containerd_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "private_registry_access_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "certificate_authority_domain_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "fqdns": { + "maxItemsOne": false + }, + "gcp_secret_manager_certificate_config": { + "maxItemsOne": true + } + } + } + } + } + } + } + } + } + }, "gcfs_config": { "maxItemsOne": true } @@ -9864,6 +9999,33 @@ "confidential_nodes": { "maxItemsOne": true }, + "containerd_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "private_registry_access_config": { + "maxItemsOne": true, + "elem": { + "fields": { + "certificate_authority_domain_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "fqdns": { + "maxItemsOne": false + }, + "gcp_secret_manager_certificate_config": { + "maxItemsOne": true + } + } + } + } + } + } + } + } + } + }, "effective_taints": { "maxItemsOne": false }, @@ -12427,6 +12589,35 @@ } } }, + "google_dataplex_aspect_type": { + "current": "gcp:dataplex/aspectType:AspectType", + "majorVersion": 7 + }, + "google_dataplex_aspect_type_iam_binding": { + "current": "gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding", + "majorVersion": 7, + "fields": { + "condition": { + "maxItemsOne": true + }, + "members": { + "maxItemsOne": false + } + } + }, + "google_dataplex_aspect_type_iam_member": { + "current": "gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember", + "majorVersion": 7, + "fields": { + "condition": { + "maxItemsOne": true + } + } + }, + "google_dataplex_aspect_type_iam_policy": { + "current": "gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy", + "majorVersion": 7 + }, "google_dataplex_asset": { "current": "gcp:dataplex/asset:Asset", "majorVersion": 7, @@ -12645,6 +12836,35 @@ "current": "gcp:dataplex/datascanIamPolicy:DatascanIamPolicy", "majorVersion": 7 }, + "google_dataplex_entry_group": { + "current": "gcp:dataplex/entryGroup:EntryGroup", + "majorVersion": 7 + }, + "google_dataplex_entry_group_iam_binding": { + "current": "gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding", + "majorVersion": 7, + "fields": { + "condition": { + "maxItemsOne": true + }, + "members": { + "maxItemsOne": false + } + } + }, + "google_dataplex_entry_group_iam_member": { + "current": "gcp:dataplex/entryGroupIamMember:EntryGroupIamMember", + "majorVersion": 7, + "fields": { + "condition": { + "maxItemsOne": true + } + } + }, + "google_dataplex_entry_group_iam_policy": { + "current": "gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy", + "majorVersion": 7 + }, "google_dataplex_lake": { "current": "gcp:dataplex/lake:Lake", "majorVersion": 7, @@ -18798,6 +19018,10 @@ } } }, + "google_kms_autokey_config": { + "current": "gcp:kms/autokeyConfig:AutokeyConfig", + "majorVersion": 7 + }, "google_kms_crypto_key": { "current": "gcp:kms/cryptoKey:CryptoKey", "majorVersion": 7, @@ -18893,6 +19117,10 @@ } } }, + "google_kms_key_handle": { + "current": "gcp:kms/keyHandle:KeyHandle", + "majorVersion": 7 + }, "google_kms_key_ring": { "current": "gcp:kms/keyRing:KeyRing", "majorVersion": 7 @@ -20554,6 +20782,35 @@ } } }, + "google_network_services_lb_route_extension": { + "current": "gcp:networkservices/lbRouteExtension:LbRouteExtension", + "majorVersion": 7, + "fields": { + "extension_chains": { + "maxItemsOne": false, + "elem": { + "fields": { + "extensions": { + "maxItemsOne": false, + "elem": { + "fields": { + "forward_headers": { + "maxItemsOne": false + } + } + } + }, + "match_condition": { + "maxItemsOne": true + } + } + } + }, + "forwarding_rules": { + "maxItemsOne": false + } + } + }, "google_network_services_lb_traffic_extension": { "current": "gcp:networkservices/lbTrafficExtension:LbTrafficExtension", "majorVersion": 7, @@ -25834,6 +26091,9 @@ "empty_dir": { "maxItemsOne": false }, + "nfs": { + "maxItemsOne": false + }, "secret": { "maxItemsOne": false, "elem": { @@ -27029,6 +27289,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": false } } } @@ -27233,6 +27496,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": false } } } @@ -27469,6 +27735,9 @@ } } } + }, + "on_instance_stop_action": { + "maxItemsOne": false } } } @@ -27805,6 +28074,15 @@ "current": "gcp:compute/getSubnetworkIamPolicy:getSubnetworkIamPolicy", "majorVersion": 7 }, + "google_compute_subnetworks": { + "current": "gcp:compute/getSubnetworks:getSubnetworks", + "majorVersion": 7, + "fields": { + "subnetworks": { + "maxItemsOne": false + } + } + }, "google_compute_vpn_gateway": { "current": "gcp:compute/getVPNGateway:getVPNGateway", "majorVersion": 7 @@ -28107,6 +28385,33 @@ "confidential_nodes": { "maxItemsOne": false }, + "containerd_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "private_registry_access_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "certificate_authority_domain_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "fqdns": { + "maxItemsOne": false + }, + "gcp_secret_manager_certificate_config": { + "maxItemsOne": false + } + } + } + } + } + } + } + } + } + }, "effective_taints": { "maxItemsOne": false }, @@ -28249,6 +28554,33 @@ "confidential_nodes": { "maxItemsOne": false }, + "containerd_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "private_registry_access_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "certificate_authority_domain_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "fqdns": { + "maxItemsOne": false + }, + "gcp_secret_manager_certificate_config": { + "maxItemsOne": false + } + } + } + } + } + } + } + } + } + }, "effective_taints": { "maxItemsOne": false }, @@ -28397,6 +28729,33 @@ "maxItemsOne": false, "elem": { "fields": { + "containerd_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "private_registry_access_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "certificate_authority_domain_config": { + "maxItemsOne": false, + "elem": { + "fields": { + "fqdns": { + "maxItemsOne": false + }, + "gcp_secret_manager_certificate_config": { + "maxItemsOne": false + } + } + } + } + } + } + } + } + } + }, "gcfs_config": { "maxItemsOne": false } @@ -28530,6 +28889,10 @@ "current": "gcp:dataform/getRepositoryIamPolicy:getRepositoryIamPolicy", "majorVersion": 7 }, + "google_dataplex_aspect_type_iam_policy": { + "current": "gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy", + "majorVersion": 7 + }, "google_dataplex_asset_iam_policy": { "current": "gcp:dataplex/getAssetIamPolicy:getAssetIamPolicy", "majorVersion": 7 @@ -28538,6 +28901,10 @@ "current": "gcp:dataplex/getDatascanIamPolicy:getDatascanIamPolicy", "majorVersion": 7 }, + "google_dataplex_entry_group_iam_policy": { + "current": "gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy", + "majorVersion": 7 + }, "google_dataplex_lake_iam_policy": { "current": "gcp:dataplex/getLakeIamPolicy:getLakeIamPolicy", "majorVersion": 7 @@ -30676,6 +31043,10 @@ "effective_labels", "terraform_labels" ], + "google_dataplex_aspect_type": [ + "effective_labels", + "terraform_labels" + ], "google_dataplex_asset": [ "effective_labels", "terraform_labels" @@ -30684,6 +31055,10 @@ "effective_labels", "terraform_labels" ], + "google_dataplex_entry_group": [ + "effective_labels", + "terraform_labels" + ], "google_dataplex_lake": [ "effective_labels", "terraform_labels" @@ -30964,6 +31339,10 @@ "effective_labels", "terraform_labels" ], + "google_network_services_lb_route_extension": [ + "effective_labels", + "terraform_labels" + ], "google_network_services_lb_traffic_extension": [ "effective_labels", "terraform_labels" @@ -31689,6 +32068,10 @@ "gcp:dataloss/preventionInspectTemplate:PreventionInspectTemplate": 0, "gcp:dataloss/preventionJobTrigger:PreventionJobTrigger": 0, "gcp:dataloss/preventionStoredInfoType:PreventionStoredInfoType": 0, + "gcp:dataplex/aspectType:AspectType": 0, + "gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding": 0, + "gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember": 0, + "gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy": 0, "gcp:dataplex/asset:Asset": 0, "gcp:dataplex/assetIamBinding:AssetIamBinding": 0, "gcp:dataplex/assetIamMember:AssetIamMember": 0, @@ -31697,6 +32080,10 @@ "gcp:dataplex/datascanIamBinding:DatascanIamBinding": 0, "gcp:dataplex/datascanIamMember:DatascanIamMember": 0, "gcp:dataplex/datascanIamPolicy:DatascanIamPolicy": 0, + "gcp:dataplex/entryGroup:EntryGroup": 0, + "gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding": 0, + "gcp:dataplex/entryGroupIamMember:EntryGroupIamMember": 0, + "gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy": 0, "gcp:dataplex/lake:Lake": 0, "gcp:dataplex/lakeIamBinding:LakeIamBinding": 0, "gcp:dataplex/lakeIamMember:LakeIamMember": 0, @@ -31917,12 +32304,14 @@ "gcp:integrationconnectors/connection:Connection": 0, "gcp:integrationconnectors/endpointAttachment:EndpointAttachment": 0, "gcp:integrationconnectors/managedZone:ManagedZone": 0, + "gcp:kms/autokeyConfig:AutokeyConfig": 0, "gcp:kms/cryptoKey:CryptoKey": 0, "gcp:kms/cryptoKeyIAMBinding:CryptoKeyIAMBinding": 0, "gcp:kms/cryptoKeyIAMMember:CryptoKeyIAMMember": 0, "gcp:kms/cryptoKeyIAMPolicy:CryptoKeyIAMPolicy": 0, "gcp:kms/cryptoKeyVersion:CryptoKeyVersion": 0, "gcp:kms/ekmConnection:EkmConnection": 0, + "gcp:kms/keyHandle:KeyHandle": 0, "gcp:kms/keyRing:KeyRing": 0, "gcp:kms/keyRingIAMBinding:KeyRingIAMBinding": 0, "gcp:kms/keyRingIAMMember:KeyRingIAMMember": 0, @@ -31998,6 +32387,7 @@ "gcp:networkservices/gateway:Gateway": 0, "gcp:networkservices/grpcRoute:GrpcRoute": 0, "gcp:networkservices/httpRoute:HttpRoute": 0, + "gcp:networkservices/lbRouteExtension:LbRouteExtension": 0, "gcp:networkservices/lbTrafficExtension:LbTrafficExtension": 0, "gcp:networkservices/mesh:Mesh": 0, "gcp:networkservices/serviceBinding:ServiceBinding": 0, @@ -32314,6 +32704,7 @@ "gcp:compute/getSnapshotIamPolicy:getSnapshotIamPolicy": 0, "gcp:compute/getSubnetwork:getSubnetwork": 0, "gcp:compute/getSubnetworkIamPolicy:getSubnetworkIamPolicy": 0, + "gcp:compute/getSubnetworks:getSubnetworks": 0, "gcp:compute/getVPNGateway:getVPNGateway": 0, "gcp:compute/getZones:getZones": 0, "gcp:compute/routerStatus:RouterStatus": 0, @@ -32332,8 +32723,10 @@ "gcp:datacatalog/getTaxonomyIamPolicy:getTaxonomyIamPolicy": 0, "gcp:dataform/getRepositoryIamPolicy:getRepositoryIamPolicy": 0, "gcp:datafusion/getInstanceIamPolicy:getInstanceIamPolicy": 0, + "gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy": 0, "gcp:dataplex/getAssetIamPolicy:getAssetIamPolicy": 0, "gcp:dataplex/getDatascanIamPolicy:getDatascanIamPolicy": 0, + "gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy": 0, "gcp:dataplex/getLakeIamPolicy:getLakeIamPolicy": 0, "gcp:dataplex/getTaskIamPolicy:getTaskIamPolicy": 0, "gcp:dataplex/getZoneIamPolicy:getZoneIamPolicy": 0, diff --git a/provider/cmd/pulumi-resource-gcp/schema.json b/provider/cmd/pulumi-resource-gcp/schema.json index a0089ab812..ef7080c81a 100644 --- a/provider/cmd/pulumi-resource-gcp/schema.json +++ b/provider/cmd/pulumi-resource-gcp/schema.json @@ -4706,6 +4706,10 @@ }, "description": "List of ports, or port pairs, to forward from the virtual machine to the application container.\n" }, + "instanceIpMode": { + "type": "string", + "description": "Prevent instances from receiving an ephemeral external IP address.\nPossible values are: `EXTERNAL`, `INTERNAL`.\n" + }, "instanceTag": { "type": "string", "description": "Tag to apply to the instance during creation.\n" @@ -9128,6 +9132,10 @@ "$ref": "#/types/gcp:bigquery/TableExternalDataConfigurationAvroOptions:TableExternalDataConfigurationAvroOptions", "description": "Additional options if `source_format` is set to\n\"AVRO\". Structure is documented below.\n" }, + "bigtableOptions": { + "$ref": "#/types/gcp:bigquery/TableExternalDataConfigurationBigtableOptions:TableExternalDataConfigurationBigtableOptions", + "description": "Additional properties to set if\n`source_format` is set to \"BIGTABLE\". Structure is documented below.\n" + }, "compression": { "type": "string", "description": "The compression type of the data source.\nValid values are \"NONE\" or \"GZIP\".\n" @@ -9228,6 +9236,87 @@ "useAvroLogicalTypes" ] }, + "gcp:bigquery/TableExternalDataConfigurationBigtableOptions:TableExternalDataConfigurationBigtableOptions": { + "properties": { + "columnFamilies": { + "type": "array", + "items": { + "$ref": "#/types/gcp:bigquery/TableExternalDataConfigurationBigtableOptionsColumnFamily:TableExternalDataConfigurationBigtableOptionsColumnFamily" + }, + "description": "A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below.\n" + }, + "ignoreUnspecifiedColumnFamilies": { + "type": "boolean", + "description": "If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false.\n" + }, + "outputColumnFamiliesAsJson": { + "type": "boolean", + "description": "If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false.\n" + }, + "readRowkeyAsString": { + "type": "boolean", + "description": "If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false.\n" + } + }, + "type": "object" + }, + "gcp:bigquery/TableExternalDataConfigurationBigtableOptionsColumnFamily:TableExternalDataConfigurationBigtableOptionsColumnFamily": { + "properties": { + "columns": { + "type": "array", + "items": { + "$ref": "#/types/gcp:bigquery/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn:TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn" + }, + "description": "A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below.\n" + }, + "encoding": { + "type": "string", + "description": "The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it.\n" + }, + "familyId": { + "type": "string", + "description": "Identifier of the column family.\n" + }, + "onlyReadLatest": { + "type": "boolean", + "description": "If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column.\n" + }, + "type": { + "type": "string", + "description": "The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): \"BYTES\", \"STRING\", \"INTEGER\", \"FLOAT\", \"BOOLEAN\", \"JSON\". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it.\n" + } + }, + "type": "object" + }, + "gcp:bigquery/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn:TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn": { + "properties": { + "encoding": { + "type": "string", + "description": "The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels.\n" + }, + "fieldName": { + "type": "string", + "description": "If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries.\n" + }, + "onlyReadLatest": { + "type": "boolean", + "description": "If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels.\n" + }, + "qualifierEncoded": { + "type": "string", + "description": "Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName.\n" + }, + "qualifierString": { + "type": "string", + "description": "Qualifier string.\n" + }, + "type": { + "type": "string", + "description": "The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): \"BYTES\", \"STRING\", \"INTEGER\", \"FLOAT\", \"BOOLEAN\", \"JSON\", Default type is \"BYTES\". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels.\n" + } + }, + "type": "object" + }, "gcp:bigquery/TableExternalDataConfigurationCsvOptions:TableExternalDataConfigurationCsvOptions": { "properties": { "allowJaggedRows": { @@ -9473,7 +9562,7 @@ "properties": { "replicationIntervalMs": { "type": "integer", - "description": "The interval at which the source materialized view is polled for updates. The default is 300000.\n", + "description": "The interval at which the source\nmaterialized view is polled for updates. The default is 300000.\n", "willReplaceOnChanges": true }, "sourceDatasetId": { @@ -21301,6 +21390,10 @@ "type": "string", "description": "Volume's name.\n" }, + "nfs": { + "$ref": "#/types/gcp:cloudrun/ServiceTemplateSpecVolumeNfs:ServiceTemplateSpecVolumeNfs", + "description": "A filesystem backed by a Network File System share. This filesystem requires the\nrun.googleapis.com/execution-environment annotation to be set to \"gen2\" and\nrun.googleapis.com/launch-stage set to \"BETA\" or \"ALPHA\".\nStructure is documented below.\n" + }, "secret": { "$ref": "#/types/gcp:cloudrun/ServiceTemplateSpecVolumeSecret:ServiceTemplateSpecVolumeSecret", "description": "The secret's value will be presented as the content of a file whose\nname is defined in the item path. If no items are defined, the name of\nthe file is the secret_name.\nStructure is documented below.\n" @@ -21326,7 +21419,7 @@ "additionalProperties": { "type": "string" }, - "description": "Driver-specific attributes. The following options are supported for available drivers:\n* gcsfuse.run.googleapis.com\n* bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket.\n\n- - -\n" + "description": "Driver-specific attributes. The following options are supported for available drivers:\n* gcsfuse.run.googleapis.com\n* bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket.\n" } }, "type": "object", @@ -21355,6 +21448,27 @@ }, "type": "object" }, + "gcp:cloudrun/ServiceTemplateSpecVolumeNfs:ServiceTemplateSpecVolumeNfs": { + "properties": { + "path": { + "type": "string", + "description": "Path exported by the NFS server\n" + }, + "readOnly": { + "type": "boolean", + "description": "If true, mount the NFS volume as read only in all mounts. Defaults to false.\n\n- - -\n" + }, + "server": { + "type": "string", + "description": "IP address or hostname of the NFS server\n" + } + }, + "type": "object", + "required": [ + "path", + "server" + ] + }, "gcp:cloudrun/ServiceTemplateSpecVolumeSecret:ServiceTemplateSpecVolumeSecret": { "properties": { "defaultMode": { @@ -22415,6 +22529,13 @@ "type": "string", "description": "The name of the Cloud Run Service.\n" }, + "nfs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:cloudrun/getServiceTemplateSpecVolumeNf:getServiceTemplateSpecVolumeNf" + }, + "description": "A filesystem backed by a Network File System share. This filesystem requires the\nrun.googleapis.com/execution-environment annotation to be set to \"gen2\" and\nrun.googleapis.com/launch-stage set to \"BETA\" or \"ALPHA\".\n" + }, "secrets": { "type": "array", "items": { @@ -22428,6 +22549,7 @@ "csis", "emptyDirs", "name", + "nfs", "secrets" ], "language": { @@ -22488,6 +22610,33 @@ } } }, + "gcp:cloudrun/getServiceTemplateSpecVolumeNf:getServiceTemplateSpecVolumeNf": { + "properties": { + "path": { + "type": "string", + "description": "Path exported by the NFS server\n" + }, + "readOnly": { + "type": "boolean", + "description": "If true, mount the NFS volume as read only in all mounts. Defaults to false.\n" + }, + "server": { + "type": "string", + "description": "IP address or hostname of the NFS server\n" + } + }, + "type": "object", + "required": [ + "path", + "readOnly", + "server" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:cloudrun/getServiceTemplateSpecVolumeSecret:getServiceTemplateSpecVolumeSecret": { "properties": { "defaultMode": { @@ -30384,6 +30533,11 @@ "type": "string", "description": "Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE,\n" }, + "onInstanceStopAction": { + "$ref": "#/types/gcp:compute/InstanceFromMachineImageSchedulingOnInstanceStopAction:InstanceFromMachineImageSchedulingOnInstanceStopAction", + "description": "Defines the behaviour for instances with the instance_termination_action.\n", + "willReplaceOnChanges": true + }, "preemptible": { "type": "boolean", "description": "Whether the instance is preemptible.\n", @@ -30407,6 +30561,7 @@ "minNodeCpus", "nodeAffinities", "onHostMaintenance", + "onInstanceStopAction", "preemptible", "provisioningModel" ] @@ -30487,6 +30642,23 @@ "values" ] }, + "gcp:compute/InstanceFromMachineImageSchedulingOnInstanceStopAction:InstanceFromMachineImageSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "If true, the contents of any attached Local SSD disks will be discarded.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "discardLocalSsd" + ] + } + } + }, "gcp:compute/InstanceFromMachineImageScratchDisk:InstanceFromMachineImageScratchDisk": { "properties": { "deviceName": { @@ -31128,6 +31300,11 @@ "type": "string", "description": "Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE,\n" }, + "onInstanceStopAction": { + "$ref": "#/types/gcp:compute/InstanceFromTemplateSchedulingOnInstanceStopAction:InstanceFromTemplateSchedulingOnInstanceStopAction", + "description": "Defines the behaviour for instances with the instance_termination_action.\n", + "willReplaceOnChanges": true + }, "preemptible": { "type": "boolean", "description": "Whether the instance is preemptible.\n", @@ -31151,6 +31328,7 @@ "minNodeCpus", "nodeAffinities", "onHostMaintenance", + "onInstanceStopAction", "preemptible", "provisioningModel" ] @@ -31231,6 +31409,23 @@ "values" ] }, + "gcp:compute/InstanceFromTemplateSchedulingOnInstanceStopAction:InstanceFromTemplateSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "If true, the contents of any attached Local SSD disks will be discarded.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "language": { + "nodejs": { + "requiredOutputs": [ + "discardLocalSsd" + ] + } + } + }, "gcp:compute/InstanceFromTemplateScratchDisk:InstanceFromTemplateScratchDisk": { "properties": { "deviceName": { @@ -31999,7 +32194,7 @@ }, "maxRunDuration": { "$ref": "#/types/gcp:compute/InstanceSchedulingMaxRunDuration:InstanceSchedulingMaxRunDuration", - "description": "The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below.\n\u003ca name=\"nested_max_run_duration\"\u003e\u003c/a\u003eThe `max_run_duration` block supports:\n", + "description": "The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below.\n", "willReplaceOnChanges": true }, "minNodeCpus": { @@ -32017,6 +32212,11 @@ "type": "string", "description": "Describes maintenance behavior for the\ninstance. Can be MIGRATE or TERMINATE, for more info, read\n[here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options).\n" }, + "onInstanceStopAction": { + "$ref": "#/types/gcp:compute/InstanceSchedulingOnInstanceStopAction:InstanceSchedulingOnInstanceStopAction", + "description": "Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below.\n", + "willReplaceOnChanges": true + }, "preemptible": { "type": "boolean", "description": "Specifies if the instance is preemptible.\nIf this field is set to true, then `automatic_restart` must be\nset to false. Defaults to false.\n", @@ -32060,12 +32260,12 @@ "properties": { "nanos": { "type": "integer", - "description": "Span of time that's a fraction of a second at nanosecond\nresolution. Durations less than one second are represented\nwith a 0 seconds field and a positive nanos field. Must\nbe from 0 to 999,999,999 inclusive.\n", + "description": "Span of time that's a fraction of a second at nanosecond\nresolution. Durations less than one second are represented with a 0\n`seconds` field and a positive `nanos` field. Must be from 0 to\n999,999,999 inclusive.\n", "willReplaceOnChanges": true }, "seconds": { "type": "integer", - "description": "Span of time at a resolution of a second.\nMust be from 0 to 315,576,000,000 inclusive.\n", + "description": "Span of time at a resolution of a second. Must be from 0 to\n315,576,000,000 inclusive. Note: these bounds are computed from: 60\nsec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years.\n", "willReplaceOnChanges": true } }, @@ -32099,6 +32299,16 @@ "values" ] }, + "gcp:compute/InstanceSchedulingOnInstanceStopAction:InstanceSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + }, "gcp:compute/InstanceScratchDisk:InstanceScratchDisk": { "properties": { "deviceName": { @@ -32683,7 +32893,7 @@ }, "maxRunDuration": { "$ref": "#/types/gcp:compute/InstanceTemplateSchedulingMaxRunDuration:InstanceTemplateSchedulingMaxRunDuration", - "description": "The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below.\n\u003ca name=\"nested_max_run_duration\"\u003e\u003c/a\u003eThe `max_run_duration` block supports:\n", + "description": "The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below.\n", "willReplaceOnChanges": true }, "minNodeCpus": { @@ -32704,6 +32914,11 @@ "description": "Defines the maintenance behavior for this\ninstance.\n", "willReplaceOnChanges": true }, + "onInstanceStopAction": { + "$ref": "#/types/gcp:compute/InstanceTemplateSchedulingOnInstanceStopAction:InstanceTemplateSchedulingOnInstanceStopAction", + "description": "Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below.\n", + "willReplaceOnChanges": true + }, "preemptible": { "type": "boolean", "description": "Allows instance to be preempted. This defaults to\nfalse. Read more on this\n[here](https://cloud.google.com/compute/docs/instances/preemptible).\n", @@ -32747,12 +32962,12 @@ "properties": { "nanos": { "type": "integer", - "description": "Span of time that's a fraction of a second at nanosecond\nresolution. Durations less than one second are represented\nwith a 0 seconds field and a positive nanos field. Must\nbe from 0 to 999,999,999 inclusive.\n", + "description": "Span of time that's a fraction of a second at nanosecond\nresolution. Durations less than one second are represented with a 0\n`seconds` field and a positive `nanos` field. Must be from 0 to\n999,999,999 inclusive.\n", "willReplaceOnChanges": true }, "seconds": { "type": "integer", - "description": "Span of time at a resolution of a second.\nMust be from 0 to 315,576,000,000 inclusive.\n", + "description": "Span of time at a resolution of a second. Must be from 0 to\n315,576,000,000 inclusive. Note: these bounds are computed from: 60\nsec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years.\n", "willReplaceOnChanges": true } }, @@ -32785,6 +33000,16 @@ "values" ] }, + "gcp:compute/InstanceTemplateSchedulingOnInstanceStopAction:InstanceTemplateSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + }, "gcp:compute/InstanceTemplateServiceAccount:InstanceTemplateServiceAccount": { "properties": { "email": { @@ -35598,6 +35823,11 @@ "description": "Defines the maintenance behavior for this\ninstance.\n", "willReplaceOnChanges": true }, + "onInstanceStopAction": { + "$ref": "#/types/gcp:compute/RegionInstanceTemplateSchedulingOnInstanceStopAction:RegionInstanceTemplateSchedulingOnInstanceStopAction", + "description": "Defines the behaviour for instances with the instance_termination_action.\n", + "willReplaceOnChanges": true + }, "preemptible": { "type": "boolean", "description": "Allows instance to be preempted. This defaults to\nfalse. Read more on this\n[here](https://cloud.google.com/compute/docs/instances/preemptible).\n", @@ -35679,6 +35909,16 @@ "values" ] }, + "gcp:compute/RegionInstanceTemplateSchedulingOnInstanceStopAction:RegionInstanceTemplateSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "If true, the contents of any attached Local SSD disks will be discarded.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + }, "gcp:compute/RegionInstanceTemplateServiceAccount:RegionInstanceTemplateServiceAccount": { "properties": { "email": { @@ -38780,7 +39020,7 @@ }, "jsonParsing": { "type": "string", - "description": "Whether or not to JSON parse the payload body. Defaults to `DISABLED`.\n* `DISABLED` - Don't parse JSON payloads in POST bodies.\n* `STANDARD` - Parse JSON payloads in POST bodies.\n" + "description": "Whether or not to JSON parse the payload body. Defaults to `DISABLED`.\n* `DISABLED` - Don't parse JSON payloads in POST bodies.\n* `STANDARD` - Parse JSON payloads in POST bodies.\n* `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies.\n" }, "logLevel": { "type": "string", @@ -39087,50 +39327,45 @@ "properties": { "banDurationSec": { "type": "integer", - "description": "Can only be specified if the `action` for the rule is `rate_based_ban`.\nIf specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold.\n" + "description": "Can only be specified if the action for the rule is \"rate_based_ban\".\nIf specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold.\n" }, "banThreshold": { "$ref": "#/types/gcp:compute/SecurityPolicyRuleRateLimitOptionsBanThreshold:SecurityPolicyRuleRateLimitOptionsBanThreshold", - "description": "Can only be specified if the `action` for the rule is `rate_based_ban`.\nIf specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also\nexceed this `ban_threshold`. Structure is documented below.\n" + "description": "Can only be specified if the action for the rule is \"rate_based_ban\".\nIf specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'.\nStructure is documented below.\n" }, "conformAction": { "type": "string", - "description": "Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only.\n" + "description": "Action to take for requests that are under the configured rate limit threshold.\nValid option is \"allow\" only.\n" }, "enforceOnKey": { "type": "string", - "description": "Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`.\n\n* `ALL`: A single rate limit threshold is applied to all the requests matching this rule.\n* `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately.\n* `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`.\n* `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`.\n* `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`.\n* `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes\n* `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session.\n* `REGION_CODE`: The country/region from which the request originates.\n" + "description": "Determines the key to enforce the rateLimitThreshold on. Possible values are:\n* ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKey\" is not configured.\n* IP: The source IP address of the request is the key. Each IP has this limit enforced separately.\n* HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL.\n* XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP.\n* HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL.\n* HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes.\n* SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session.\n* REGION_CODE: The country/region from which the request originates.\n* TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL.\n* USER_IP: The IP address of the originating client, which is resolved based on \"userIpRequestHeaders\" configured with the security policy. If there is no \"userIpRequestHeaders\" configuration or an IP address cannot be resolved from it, the key type defaults to IP.\nPossible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`.\n" }, "enforceOnKeyConfigs": { "type": "array", "items": { "$ref": "#/types/gcp:compute/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig" }, - "description": "If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below.\n\n**Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string.\n" + "description": "If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced.\nYou can specify up to 3 enforceOnKeyConfigs.\nIf enforceOnKeyConfigs is specified, enforceOnKey must not be specified.\nStructure is documented below.\n" }, "enforceOnKeyName": { "type": "string", - "description": "Rate limit key name applicable only for the following key types:\n\n* `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value.\n* `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value.\n" + "description": "Rate limit key name applicable only for the following key types:\nHTTP_HEADER -- Name of the HTTP header whose value is taken as the key value.\nHTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value.\n" }, "exceedAction": { "type": "string", - "description": "When a request is denied, returns the HTTP response code specified.\nValid options are `deny()` where valid values for status are 403, 404, 429, and 502.\n" + "description": "Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint.\nValid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502.\n" }, "exceedRedirectOptions": { "$ref": "#/types/gcp:compute/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions:SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions", - "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect.\n" + "description": "Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR.\nStructure is documented below.\n" }, "rateLimitThreshold": { "$ref": "#/types/gcp:compute/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold:SecurityPolicyRuleRateLimitOptionsRateLimitThreshold", - "description": "Threshold at which to begin ratelimiting. Structure is documented below.\n" + "description": "Threshold at which to begin ratelimiting.\nStructure is documented below.\n" } }, - "type": "object", - "required": [ - "conformAction", - "exceedAction", - "rateLimitThreshold" - ] + "type": "object" }, "gcp:compute/SecurityPolicyRuleRateLimitOptionsBanThreshold:SecurityPolicyRuleRateLimitOptionsBanThreshold": { "properties": { @@ -39143,21 +39378,17 @@ "description": "Interval over which the threshold is computed.\n" } }, - "type": "object", - "required": [ - "count", - "intervalSec" - ] + "type": "object" }, "gcp:compute/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig:SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig": { "properties": { "enforceOnKeyName": { "type": "string", - "description": "Rate limit key name applicable only for the following key types:\n\n* `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value.\n* `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value.\n" + "description": "Rate limit key name applicable only for the following key types:\nHTTP_HEADER -- Name of the HTTP header whose value is taken as the key value.\nHTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value.\n" }, "enforceOnKeyType": { "type": "string", - "description": "Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`.\n\n* `ALL`: A single rate limit threshold is applied to all the requests matching this rule.\n* `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately.\n* `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`.\n* `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`.\n* `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`.\n* `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes\n* `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session.\n* `REGION_CODE`: The country/region from which the request originates.\n" + "description": "Determines the key to enforce the rateLimitThreshold on. Possible values are:\n* ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if \"enforceOnKeyConfigs\" is not configured.\n* IP: The source IP address of the request is the key. Each IP has this limit enforced separately.\n* HTTP_HEADER: The value of the HTTP header whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL.\n* XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP.\n* HTTP_COOKIE: The value of the HTTP cookie whose name is configured under \"enforceOnKeyName\". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL.\n* HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes.\n* SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session.\n* REGION_CODE: The country/region from which the request originates.\n* TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL.\n* USER_IP: The IP address of the originating client, which is resolved based on \"userIpRequestHeaders\" configured with the security policy. If there is no \"userIpRequestHeaders\" configuration or an IP address cannot be resolved from it, the key type defaults to IP.\nPossible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`.\n" } }, "type": "object" @@ -39166,17 +39397,14 @@ "properties": { "target": { "type": "string", - "description": "Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`.\n" + "description": "Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA.\n" }, "type": { "type": "string", "description": "Type of the redirect action.\n" } }, - "type": "object", - "required": [ - "type" - ] + "type": "object" }, "gcp:compute/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold:SecurityPolicyRuleRateLimitOptionsRateLimitThreshold": { "properties": { @@ -39189,11 +39417,7 @@ "description": "Interval over which the threshold is computed.\n" } }, - "type": "object", - "required": [ - "count", - "intervalSec" - ] + "type": "object" }, "gcp:compute/SecurityPolicyRuleRedirectOptions:SecurityPolicyRuleRedirectOptions": { "properties": { @@ -44017,6 +44241,13 @@ "type": "string", "description": "Describes maintenance behavior for the\ninstance. One of `MIGRATE` or `TERMINATE`, for more info, read\n[here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options)\n" }, + "onInstanceStopActions": { + "type": "array", + "items": { + "$ref": "#/types/gcp:compute/getInstanceSchedulingOnInstanceStopAction:getInstanceSchedulingOnInstanceStopAction" + }, + "description": "Defines the behaviour for instances with the instance_termination_action.\n" + }, "preemptible": { "type": "boolean", "description": "Whether the instance is preemptible.\n" @@ -44036,6 +44267,7 @@ "minNodeCpus", "nodeAffinities", "onHostMaintenance", + "onInstanceStopActions", "preemptible", "provisioningModel" ], @@ -44116,6 +44348,23 @@ } } }, + "gcp:compute/getInstanceSchedulingOnInstanceStopAction:getInstanceSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "If true, the contents of any attached Local SSD disks will be discarded.\n" + } + }, + "type": "object", + "required": [ + "discardLocalSsd" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:compute/getInstanceScratchDisk:getInstanceScratchDisk": { "properties": { "deviceName": { @@ -44744,6 +44993,13 @@ "type": "string", "description": "Defines the maintenance behavior for this\ninstance.\n" }, + "onInstanceStopActions": { + "type": "array", + "items": { + "$ref": "#/types/gcp:compute/getInstanceTemplateSchedulingOnInstanceStopAction:getInstanceTemplateSchedulingOnInstanceStopAction" + }, + "description": "Defines the behaviour for instances with the instance_termination_action.\n" + }, "preemptible": { "type": "boolean", "description": "Allows instance to be preempted. This defaults to\nfalse. Read more on this\n[here](https://cloud.google.com/compute/docs/instances/preemptible).\n" @@ -44763,6 +45019,7 @@ "minNodeCpus", "nodeAffinities", "onHostMaintenance", + "onInstanceStopActions", "preemptible", "provisioningModel" ], @@ -44845,6 +45102,23 @@ } } }, + "gcp:compute/getInstanceTemplateSchedulingOnInstanceStopAction:getInstanceTemplateSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "If true, the contents of any attached Local SSD disks will be discarded.\n" + } + }, + "type": "object", + "required": [ + "discardLocalSsd" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:compute/getInstanceTemplateServiceAccount:getInstanceTemplateServiceAccount": { "properties": { "email": { @@ -45722,6 +45996,13 @@ "type": "string", "description": "Defines the maintenance behavior for this\ninstance.\n" }, + "onInstanceStopActions": { + "type": "array", + "items": { + "$ref": "#/types/gcp:compute/getRegionInstanceTemplateSchedulingOnInstanceStopAction:getRegionInstanceTemplateSchedulingOnInstanceStopAction" + }, + "description": "Defines the behaviour for instances with the instance_termination_action.\n" + }, "preemptible": { "type": "boolean", "description": "Allows instance to be preempted. This defaults to\nfalse. Read more on this\n[here](https://cloud.google.com/compute/docs/instances/preemptible).\n" @@ -45741,6 +46022,7 @@ "minNodeCpus", "nodeAffinities", "onHostMaintenance", + "onInstanceStopActions", "preemptible", "provisioningModel" ], @@ -45823,6 +46105,23 @@ } } }, + "gcp:compute/getRegionInstanceTemplateSchedulingOnInstanceStopAction:getRegionInstanceTemplateSchedulingOnInstanceStopAction": { + "properties": { + "discardLocalSsd": { + "type": "boolean", + "description": "If true, the contents of any attached Local SSD disks will be discarded.\n" + } + }, + "type": "object", + "required": [ + "discardLocalSsd" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:compute/getRegionInstanceTemplateServiceAccount:getRegionInstanceTemplateServiceAccount": { "properties": { "email": { @@ -46943,6 +47242,52 @@ } } }, + "gcp:compute/getSubnetworksSubnetwork:getSubnetworksSubnetwork": { + "properties": { + "description": { + "type": "string", + "description": "Description of the subnetwork.\n" + }, + "ipCidrRange": { + "type": "string", + "description": "The IP address range represented as a CIDR block.\n" + }, + "name": { + "type": "string", + "description": "The name of the subnetwork.\n" + }, + "network": { + "type": "string", + "description": "The self link of the parent network.\n" + }, + "networkSelfLink": { + "type": "string" + }, + "privateIpGoogleAccess": { + "type": "boolean", + "description": "Whether the VMs in the subnet can access Google services without assigned external IP addresses.\n" + }, + "selfLink": { + "type": "string", + "description": "The self link of the subnetwork.\n" + } + }, + "type": "object", + "required": [ + "description", + "ipCidrRange", + "name", + "network", + "networkSelfLink", + "privateIpGoogleAccess", + "selfLink" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:config/batching:batching": { "properties": { "enableBatching": { @@ -49459,6 +49804,10 @@ "description": "Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below.\n", "willReplaceOnChanges": true }, + "containerdConfig": { + "$ref": "#/types/gcp:container/ClusterNodeConfigContainerdConfig:ClusterNodeConfigContainerdConfig", + "description": "Parameters to customize containerd runtime. Structure is documented below.\n" + }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified\nin GB. The smallest allowed disk size is 10GB. Defaults to 100GB.\n" @@ -49713,6 +50062,66 @@ "enabled" ] }, + "gcp:container/ClusterNodeConfigContainerdConfig:ClusterNodeConfigContainerdConfig": { + "properties": { + "privateRegistryAccessConfig": { + "$ref": "#/types/gcp:container/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig:ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig", + "description": "Configuration for private container registries. There are two fields in this config:\n" + } + }, + "type": "object" + }, + "gcp:container/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig:ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig": { + "properties": { + "certificateAuthorityDomainConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig" + }, + "description": "List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: \n" + }, + "enabled": { + "type": "boolean", + "description": "Enables private registry config. If set to false, all other fields in this object must not be set.\n" + } + }, + "type": "object", + "required": [ + "enabled" + ] + }, + "gcp:container/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig": { + "properties": { + "fqdns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fully-qualified-domain-names. IPv4s and port specification are supported.\n" + }, + "gcpSecretManagerCertificateConfig": { + "$ref": "#/types/gcp:container/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", + "description": "Parameters for configuring a certificate hosted in GCP SecretManager.\n" + } + }, + "type": "object", + "required": [ + "fqdns", + "gcpSecretManagerCertificateConfig" + ] + }, + "gcp:container/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig": { + "properties": { + "secretUri": { + "type": "string", + "description": "URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'.\n" + } + }, + "type": "object", + "required": [ + "secretUri" + ] + }, "gcp:container/ClusterNodeConfigEffectiveTaint:ClusterNodeConfigEffectiveTaint": { "properties": { "effect": { @@ -50265,6 +50674,10 @@ }, "gcp:container/ClusterNodePoolDefaultsNodeConfigDefaults:ClusterNodePoolDefaultsNodeConfigDefaults": { "properties": { + "containerdConfig": { + "$ref": "#/types/gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig", + "description": "Parameters for containerd configuration.\n" + }, "gcfsConfig": { "$ref": "#/types/gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig:ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig", "description": "The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below.\n" @@ -50283,6 +50696,66 @@ } } }, + "gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig": { + "properties": { + "privateRegistryAccessConfig": { + "$ref": "#/types/gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig", + "description": "Configuration for private container registries. There are two fields in this config:\n" + } + }, + "type": "object" + }, + "gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig": { + "properties": { + "certificateAuthorityDomainConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig" + }, + "description": "List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: \n" + }, + "enabled": { + "type": "boolean", + "description": "Enables private registry config. If set to false, all other fields in this object must not be set.\n" + } + }, + "type": "object", + "required": [ + "enabled" + ] + }, + "gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig": { + "properties": { + "fqdns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fully-qualified-domain-names. IPv4s and port specification are supported.\n" + }, + "gcpSecretManagerCertificateConfig": { + "$ref": "#/types/gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", + "description": "Parameters for configuring a certificate hosted in GCP SecretManager.\n" + } + }, + "type": "object", + "required": [ + "fqdns", + "gcpSecretManagerCertificateConfig" + ] + }, + "gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig": { + "properties": { + "secretUri": { + "type": "string", + "description": "URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'.\n" + } + }, + "type": "object", + "required": [ + "secretUri" + ] + }, "gcp:container/ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig:ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig": { "properties": { "enabled": { @@ -50450,6 +50923,10 @@ "description": "Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below.\n", "willReplaceOnChanges": true }, + "containerdConfig": { + "$ref": "#/types/gcp:container/ClusterNodePoolNodeConfigContainerdConfig:ClusterNodePoolNodeConfigContainerdConfig", + "description": "Parameters to customize containerd runtime. Structure is documented below.\n" + }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified\nin GB. The smallest allowed disk size is 10GB. Defaults to 100GB.\n" @@ -50701,6 +51178,66 @@ "enabled" ] }, + "gcp:container/ClusterNodePoolNodeConfigContainerdConfig:ClusterNodePoolNodeConfigContainerdConfig": { + "properties": { + "privateRegistryAccessConfig": { + "$ref": "#/types/gcp:container/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig:ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig", + "description": "Configuration for private container registries. There are two fields in this config:\n" + } + }, + "type": "object" + }, + "gcp:container/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig:ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig": { + "properties": { + "certificateAuthorityDomainConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig" + }, + "description": "List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: \n" + }, + "enabled": { + "type": "boolean", + "description": "Enables private registry config. If set to false, all other fields in this object must not be set.\n" + } + }, + "type": "object", + "required": [ + "enabled" + ] + }, + "gcp:container/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig": { + "properties": { + "fqdns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fully-qualified-domain-names. IPv4s and port specification are supported.\n" + }, + "gcpSecretManagerCertificateConfig": { + "$ref": "#/types/gcp:container/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", + "description": "Parameters for configuring a certificate hosted in GCP SecretManager.\n" + } + }, + "type": "object", + "required": [ + "fqdns", + "gcpSecretManagerCertificateConfig" + ] + }, + "gcp:container/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig": { + "properties": { + "secretUri": { + "type": "string", + "description": "URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'.\n" + } + }, + "type": "object", + "required": [ + "secretUri" + ] + }, "gcp:container/ClusterNodePoolNodeConfigEffectiveTaint:ClusterNodePoolNodeConfigEffectiveTaint": { "properties": { "effect": { @@ -51674,6 +52211,10 @@ "description": "Configuration for Confidential Nodes feature. Structure is documented below.\n", "willReplaceOnChanges": true }, + "containerdConfig": { + "$ref": "#/types/gcp:container/NodePoolNodeConfigContainerdConfig:NodePoolNodeConfigContainerdConfig", + "description": "Parameters for containerd configuration.\n" + }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB.\n" @@ -51925,6 +52466,66 @@ "enabled" ] }, + "gcp:container/NodePoolNodeConfigContainerdConfig:NodePoolNodeConfigContainerdConfig": { + "properties": { + "privateRegistryAccessConfig": { + "$ref": "#/types/gcp:container/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig:NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig", + "description": "Parameters for private container registries configuration.\n" + } + }, + "type": "object" + }, + "gcp:container/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig:NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig": { + "properties": { + "certificateAuthorityDomainConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig" + }, + "description": "Parameters for configuring CA certificate and domains.\n" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not private registries are configured.\n" + } + }, + "type": "object", + "required": [ + "enabled" + ] + }, + "gcp:container/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig": { + "properties": { + "fqdns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fully-qualified-domain-names. IPv4s and port specification are supported.\n" + }, + "gcpSecretManagerCertificateConfig": { + "$ref": "#/types/gcp:container/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", + "description": "Parameters for configuring a certificate hosted in GCP SecretManager.\n" + } + }, + "type": "object", + "required": [ + "fqdns", + "gcpSecretManagerCertificateConfig" + ] + }, + "gcp:container/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig": { + "properties": { + "secretUri": { + "type": "string", + "description": "URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'.\n" + } + }, + "type": "object", + "required": [ + "secretUri" + ] + }, "gcp:container/NodePoolNodeConfigEffectiveTaint:NodePoolNodeConfigEffectiveTaint": { "properties": { "effect": { @@ -53779,6 +54380,13 @@ }, "description": "Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool.\n" }, + "containerdConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodeConfigContainerdConfig:getClusterNodeConfigContainerdConfig" + }, + "description": "Parameters for containerd configuration.\n" + }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB.\n" @@ -54001,6 +54609,7 @@ "advancedMachineFeatures", "bootDiskKmsKey", "confidentialNodes", + "containerdConfigs", "diskSizeGb", "diskType", "effectiveTaints", @@ -54083,6 +54692,96 @@ } } }, + "gcp:container/getClusterNodeConfigContainerdConfig:getClusterNodeConfigContainerdConfig": { + "properties": { + "privateRegistryAccessConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig:getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig" + }, + "description": "Parameters for private container registries configuration.\n" + } + }, + "type": "object", + "required": [ + "privateRegistryAccessConfigs" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig:getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig": { + "properties": { + "certificateAuthorityDomainConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig" + }, + "description": "Parameters for configuring CA certificate and domains.\n" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not private registries are configured.\n" + } + }, + "type": "object", + "required": [ + "certificateAuthorityDomainConfigs", + "enabled" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig": { + "properties": { + "fqdns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fully-qualified-domain-names. IPv4s and port specification are supported.\n" + }, + "gcpSecretManagerCertificateConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig" + }, + "description": "Parameters for configuring a certificate hosted in GCP SecretManager.\n" + } + }, + "type": "object", + "required": [ + "fqdns", + "gcpSecretManagerCertificateConfigs" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:getClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig": { + "properties": { + "secretUri": { + "type": "string", + "description": "URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'.\n" + } + }, + "type": "object", + "required": [ + "secretUri" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:container/getClusterNodeConfigEffectiveTaint:getClusterNodeConfigEffectiveTaint": { "properties": { "effect": { @@ -54781,6 +55480,13 @@ }, "gcp:container/getClusterNodePoolDefaultNodeConfigDefault:getClusterNodePoolDefaultNodeConfigDefault": { "properties": { + "containerdConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfig" + }, + "description": "Parameters for containerd configuration.\n" + }, "gcfsConfigs": { "type": "array", "items": { @@ -54795,6 +55501,7 @@ }, "type": "object", "required": [ + "containerdConfigs", "gcfsConfigs", "loggingVariant" ], @@ -54804,6 +55511,96 @@ } } }, + "gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfig": { + "properties": { + "privateRegistryAccessConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig" + }, + "description": "Parameters for private container registries configuration.\n" + } + }, + "type": "object", + "required": [ + "privateRegistryAccessConfigs" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig": { + "properties": { + "certificateAuthorityDomainConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig" + }, + "description": "Parameters for configuring CA certificate and domains.\n" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not private registries are configured.\n" + } + }, + "type": "object", + "required": [ + "certificateAuthorityDomainConfigs", + "enabled" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig": { + "properties": { + "fqdns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fully-qualified-domain-names. IPv4s and port specification are supported.\n" + }, + "gcpSecretManagerCertificateConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig" + }, + "description": "Parameters for configuring a certificate hosted in GCP SecretManager.\n" + } + }, + "type": "object", + "required": [ + "fqdns", + "gcpSecretManagerCertificateConfigs" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:getClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig": { + "properties": { + "secretUri": { + "type": "string", + "description": "URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'.\n" + } + }, + "type": "object", + "required": [ + "secretUri" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:container/getClusterNodePoolDefaultNodeConfigDefaultGcfsConfig:getClusterNodePoolDefaultNodeConfigDefaultGcfsConfig": { "properties": { "enabled": { @@ -55009,6 +55806,13 @@ }, "description": "Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool.\n" }, + "containerdConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolNodeConfigContainerdConfig:getClusterNodePoolNodeConfigContainerdConfig" + }, + "description": "Parameters for containerd configuration.\n" + }, "diskSizeGb": { "type": "integer", "description": "Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB.\n" @@ -55231,6 +56035,7 @@ "advancedMachineFeatures", "bootDiskKmsKey", "confidentialNodes", + "containerdConfigs", "diskSizeGb", "diskType", "effectiveTaints", @@ -55313,6 +56118,96 @@ } } }, + "gcp:container/getClusterNodePoolNodeConfigContainerdConfig:getClusterNodePoolNodeConfigContainerdConfig": { + "properties": { + "privateRegistryAccessConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig:getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig" + }, + "description": "Parameters for private container registries configuration.\n" + } + }, + "type": "object", + "required": [ + "privateRegistryAccessConfigs" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig:getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig": { + "properties": { + "certificateAuthorityDomainConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig" + }, + "description": "Parameters for configuring CA certificate and domains.\n" + }, + "enabled": { + "type": "boolean", + "description": "Whether or not private registries are configured.\n" + } + }, + "type": "object", + "required": [ + "certificateAuthorityDomainConfigs", + "enabled" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig:getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig": { + "properties": { + "fqdns": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of fully-qualified-domain-names. IPv4s and port specification are supported.\n" + }, + "gcpSecretManagerCertificateConfigs": { + "type": "array", + "items": { + "$ref": "#/types/gcp:container/getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig" + }, + "description": "Parameters for configuring a certificate hosted in GCP SecretManager.\n" + } + }, + "type": "object", + "required": [ + "fqdns", + "gcpSecretManagerCertificateConfigs" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, + "gcp:container/getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig:getClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig": { + "properties": { + "secretUri": { + "type": "string", + "description": "URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'.\n" + } + }, + "type": "object", + "required": [ + "secretUri" + ], + "language": { + "nodejs": { + "requiredInputs": [] + } + } + }, "gcp:container/getClusterNodePoolNodeConfigEffectiveTaint:getClusterNodePoolNodeConfigEffectiveTaint": { "properties": { "effect": { @@ -64205,6 +65100,48 @@ "pattern" ] }, + "gcp:dataplex/AspectTypeIamBindingCondition:AspectTypeIamBindingCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, + "gcp:dataplex/AspectTypeIamMemberCondition:AspectTypeIamMemberCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, "gcp:dataplex/AssetDiscoverySpec:AssetDiscoverySpec": { "properties": { "csvOptions": { @@ -64887,6 +65824,48 @@ "title" ] }, + "gcp:dataplex/EntryGroupIamBindingCondition:EntryGroupIamBindingCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, + "gcp:dataplex/EntryGroupIamMemberCondition:EntryGroupIamMemberCondition": { + "properties": { + "description": { + "type": "string", + "willReplaceOnChanges": true + }, + "expression": { + "type": "string", + "willReplaceOnChanges": true + }, + "title": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "expression", + "title" + ] + }, "gcp:dataplex/LakeAssetStatus:LakeAssetStatus": { "properties": { "activeAssets": { @@ -90377,6 +91356,79 @@ }, "type": "object" }, + "gcp:networkservices/LbRouteExtensionExtensionChain:LbRouteExtensionExtensionChain": { + "properties": { + "extensions": { + "type": "array", + "items": { + "$ref": "#/types/gcp:networkservices/LbRouteExtensionExtensionChainExtension:LbRouteExtensionExtensionChainExtension" + }, + "description": "A set of extensions to execute for the matching request.\nAt least one extension is required. Up to 3 extensions can be defined for each extension chain for\nLbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain.\nStructure is documented below.\n" + }, + "matchCondition": { + "$ref": "#/types/gcp:networkservices/LbRouteExtensionExtensionChainMatchCondition:LbRouteExtensionExtensionChainMatchCondition", + "description": "Conditions under which this chain is invoked for a request.\nStructure is documented below.\n" + }, + "name": { + "type": "string", + "description": "The name for this extension chain. The name is logged as part of the HTTP request logs.\nThe name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens,\nand can have a maximum length of 63 characters. Additionally, the first character must be a letter\nand the last character must be a letter or a number.\n" + } + }, + "type": "object", + "required": [ + "extensions", + "matchCondition", + "name" + ] + }, + "gcp:networkservices/LbRouteExtensionExtensionChainExtension:LbRouteExtensionExtensionChainExtension": { + "properties": { + "authority": { + "type": "string", + "description": "The :authority header in the gRPC request sent from Envoy to the extension service.\n" + }, + "failOpen": { + "type": "boolean", + "description": "Determines how the proxy behaves if the call to the extension fails or times out.\nWhen set to TRUE, request or response processing continues without error.\nAny subsequent extensions in the extension chain are also executed.\nWhen set to FALSE: * If response headers have not been delivered to the downstream client,\na generic 500 error is returned to the client. The error response can be tailored by\nconfiguring a custom error response in the load balancer.\n" + }, + "forwardHeaders": { + "type": "array", + "items": { + "type": "string" + }, + "description": "List of the HTTP headers to forward to the extension (from the client or backend).\nIf omitted, all headers are sent. Each element is a string indicating the header name.\n\n- - -\n" + }, + "name": { + "type": "string", + "description": "The name for this extension. The name is logged as part of the HTTP request logs.\nThe name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens,\nand can have a maximum length of 63 characters. Additionally, the first character must be a letter\nand the last a letter or a number.\n" + }, + "service": { + "type": "string", + "description": "The reference to the service that runs the extension. Must be a reference to a backend service\n" + }, + "timeout": { + "type": "string", + "description": "Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds.\nA duration in seconds with up to nine fractional digits, ending with 's'. Example: \"3.5s\".\n" + } + }, + "type": "object", + "required": [ + "name", + "service" + ] + }, + "gcp:networkservices/LbRouteExtensionExtensionChainMatchCondition:LbRouteExtensionExtensionChainMatchCondition": { + "properties": { + "celExpression": { + "type": "string", + "description": "A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed.\n" + } + }, + "type": "object", + "required": [ + "celExpression" + ] + }, "gcp:networkservices/LbTrafficExtensionExtensionChain:LbTrafficExtensionExtensionChain": { "properties": { "extensions": { @@ -90441,10 +91493,8 @@ }, "type": "object", "required": [ - "authority", "name", - "service", - "timeout" + "service" ] }, "gcp:networkservices/LbTrafficExtensionExtensionChainMatchCondition:LbTrafficExtensionExtensionChainMatchCondition": { @@ -94879,6 +95929,10 @@ "type": "string", "description": "User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like \"gs://\".\n" }, + "filenameDatetimeFormat": { + "type": "string", + "description": "User-provided format string specifying how to represent datetimes in Cloud Storage filenames.\n" + }, "filenamePrefix": { "type": "string", "description": "User-provided prefix for Cloud Storage filename.\n" @@ -95224,6 +96278,10 @@ "type": "string", "description": "User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like \"gs://\".\n" }, + "filenameDatetimeFormat": { + "type": "string", + "description": "User-provided format string specifying how to represent datetimes in Cloud Storage filenames.\n" + }, "filenamePrefix": { "type": "string", "description": "User-provided prefix for Cloud Storage filename.\n" @@ -95249,6 +96307,7 @@ "required": [ "avroConfigs", "bucket", + "filenameDatetimeFormat", "filenamePrefix", "filenameSuffix", "maxBytes", @@ -102583,7 +103642,7 @@ }, "type": { "type": "string", - "description": "Type of TPU.\nPossible values are: `V2`, `V3`, `V4`.\n", + "description": "Type of TPU.\nPossible values are: `V2`, `V3`, `V4`, `V5P`.\n", "willReplaceOnChanges": true } }, @@ -113944,7 +115003,8 @@ "domainName", "name", "project", - "resourceRecords" + "resourceRecords", + "sslSettings" ], "inputProperties": { "domainName": { @@ -120954,7 +122014,7 @@ "properties": { "allowResourceTagsOnDeletion": { "type": "boolean", - "description": "Whether or not to allow table deletion when there are still resource tags attached.\n" + "description": "This field is in beta. If set to true, it allows table deletion when there\nare still resource tags attached. The default value is false.\n" }, "clusterings": { "type": "array", @@ -121067,7 +122127,7 @@ "additionalProperties": { "type": "string" }, - "description": "The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for\nexample \"123456789012/environment\" where 123456789012 is the ID of the parent organization or project resource for this\ntag key. Tag value is expected to be the short name, for example \"Production\".\n" + "description": "This field is in beta. The tags attached to this table. Tag keys are\nglobally unique. Tag key is expected to be in the namespaced format, for\nexample \"123456789012/environment\" where 123456789012 is the ID of the\nparent organization or project resource for this tag key. Tag value is\nexpected to be the short name, for example \"Production\".\n" }, "schema": { "type": "string", @@ -121087,7 +122147,7 @@ }, "tableReplicationInfo": { "$ref": "#/types/gcp:bigquery/TableTableReplicationInfo:TableTableReplicationInfo", - "description": "Replication info of a table created using \"AS REPLICA\" DDL like: \"CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv\".\n" + "description": "Replication info of a table created\nusing \"AS REPLICA\" DDL like:\n`CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`.\nStructure is documented below.\n" }, "timePartitioning": { "$ref": "#/types/gcp:bigquery/TableTimePartitioning:TableTimePartitioning", @@ -121123,7 +122183,7 @@ "inputProperties": { "allowResourceTagsOnDeletion": { "type": "boolean", - "description": "Whether or not to allow table deletion when there are still resource tags attached.\n" + "description": "This field is in beta. If set to true, it allows table deletion when there\nare still resource tags attached. The default value is false.\n" }, "clusterings": { "type": "array", @@ -121195,7 +122255,7 @@ "additionalProperties": { "type": "string" }, - "description": "The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for\nexample \"123456789012/environment\" where 123456789012 is the ID of the parent organization or project resource for this\ntag key. Tag value is expected to be the short name, for example \"Production\".\n" + "description": "This field is in beta. The tags attached to this table. Tag keys are\nglobally unique. Tag key is expected to be in the namespaced format, for\nexample \"123456789012/environment\" where 123456789012 is the ID of the\nparent organization or project resource for this tag key. Tag value is\nexpected to be the short name, for example \"Production\".\n" }, "schema": { "type": "string", @@ -121212,7 +122272,7 @@ }, "tableReplicationInfo": { "$ref": "#/types/gcp:bigquery/TableTableReplicationInfo:TableTableReplicationInfo", - "description": "Replication info of a table created using \"AS REPLICA\" DDL like: \"CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv\".\n", + "description": "Replication info of a table created\nusing \"AS REPLICA\" DDL like:\n`CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`.\nStructure is documented below.\n", "willReplaceOnChanges": true }, "timePartitioning": { @@ -121233,7 +122293,7 @@ "properties": { "allowResourceTagsOnDeletion": { "type": "boolean", - "description": "Whether or not to allow table deletion when there are still resource tags attached.\n" + "description": "This field is in beta. If set to true, it allows table deletion when there\nare still resource tags attached. The default value is false.\n" }, "clusterings": { "type": "array", @@ -121349,7 +122409,7 @@ "additionalProperties": { "type": "string" }, - "description": "The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for\nexample \"123456789012/environment\" where 123456789012 is the ID of the parent organization or project resource for this\ntag key. Tag value is expected to be the short name, for example \"Production\".\n" + "description": "This field is in beta. The tags attached to this table. Tag keys are\nglobally unique. Tag key is expected to be in the namespaced format, for\nexample \"123456789012/environment\" where 123456789012 is the ID of the\nparent organization or project resource for this tag key. Tag value is\nexpected to be the short name, for example \"Production\".\n" }, "schema": { "type": "string", @@ -121370,7 +122430,7 @@ }, "tableReplicationInfo": { "$ref": "#/types/gcp:bigquery/TableTableReplicationInfo:TableTableReplicationInfo", - "description": "Replication info of a table created using \"AS REPLICA\" DDL like: \"CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv\".\n", + "description": "Replication info of a table created\nusing \"AS REPLICA\" DDL like:\n`CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`.\nStructure is documented below.\n", "willReplaceOnChanges": true }, "timePartitioning": { @@ -132720,7 +133780,7 @@ } }, "gcp:cloudfunctionsv2/function:Function": { - "description": "A Cloud Function that contains user computation executed in response to an event.\n\n\nTo get more information about function, see:\n\n* [API documentation](https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions)\n\n## Example Usage\n\n### Cloudfunctions2 Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-v2\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n});\nexport const functionUri = _function.serviceConfig.apply(serviceConfig =\u003e serviceConfig?.uri);\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-v2\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ))\npulumi.export(\"functionUri\", function.service_config.uri)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-v2\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"functionUri\"] = function.ServiceConfig.Apply(serviceConfig =\u003e serviceConfig?.Uri),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunction, err := cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-v2\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"functionUri\", function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (*string, error) {\n\t\t\treturn \u0026serviceConfig.Uri, nil\n\t\t}).(pulumi.StringPtrOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-v2\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build());\n\n ctx.export(\"functionUri\", function.serviceConfig().applyValue(serviceConfig -\u003e serviceConfig.uri()));\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-v2\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\nvariables:\n project: my-project-name\noutputs:\n functionUri: ${function.serviceConfig.uri}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account\",\n});\nconst topic = new gcp.pubsub.Topic(\"topic\", {name: \"functions2-topic\"});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloPubSub\",\n environmentVariables: {\n BUILD_CONFIG_TEST: \"build_test\",\n },\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 3,\n minInstanceCount: 1,\n availableMemory: \"4Gi\",\n timeoutSeconds: 60,\n maxInstanceRequestConcurrency: 80,\n availableCpu: \"4\",\n environmentVariables: {\n SERVICE_CONFIG_TEST: \"config_test\",\n },\n ingressSettings: \"ALLOW_INTERNAL_ONLY\",\n allTrafficOnLatestRevision: true,\n serviceAccountEmail: account.email,\n },\n eventTrigger: {\n triggerRegion: \"us-central1\",\n eventType: \"google.cloud.pubsub.topic.v1.messagePublished\",\n pubsubTopic: topic.id,\n retryPolicy: \"RETRY_POLICY_RETRY\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account\")\ntopic = gcp.pubsub.Topic(\"topic\", name=\"functions2-topic\")\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloPubSub\",\n environment_variables={\n \"BUILD_CONFIG_TEST\": \"build_test\",\n },\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=3,\n min_instance_count=1,\n available_memory=\"4Gi\",\n timeout_seconds=60,\n max_instance_request_concurrency=80,\n available_cpu=\"4\",\n environment_variables={\n \"SERVICE_CONFIG_TEST\": \"config_test\",\n },\n ingress_settings=\"ALLOW_INTERNAL_ONLY\",\n all_traffic_on_latest_revision=True,\n service_account_email=account.email,\n ),\n event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(\n trigger_region=\"us-central1\",\n event_type=\"google.cloud.pubsub.topic.v1.messagePublished\",\n pubsub_topic=topic.id,\n retry_policy=\"RETRY_POLICY_RETRY\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account\",\n });\n\n var topic = new Gcp.PubSub.Topic(\"topic\", new()\n {\n Name = \"functions2-topic\",\n });\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloPubSub\",\n EnvironmentVariables = \n {\n { \"BUILD_CONFIG_TEST\", \"build_test\" },\n },\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 3,\n MinInstanceCount = 1,\n AvailableMemory = \"4Gi\",\n TimeoutSeconds = 60,\n MaxInstanceRequestConcurrency = 80,\n AvailableCpu = \"4\",\n EnvironmentVariables = \n {\n { \"SERVICE_CONFIG_TEST\", \"config_test\" },\n },\n IngressSettings = \"ALLOW_INTERNAL_ONLY\",\n AllTrafficOnLatestRevision = true,\n ServiceAccountEmail = account.Email,\n },\n EventTrigger = new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerArgs\n {\n TriggerRegion = \"us-central1\",\n EventType = \"google.cloud.pubsub.topic.v1.messagePublished\",\n PubsubTopic = topic.Id,\n RetryPolicy = \"RETRY_POLICY_RETRY\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttopic, err := pubsub.NewTopic(ctx, \"topic\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"functions2-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloPubSub\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"BUILD_CONFIG_TEST\": pulumi.String(\"build_test\"),\n\t\t\t\t},\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(3),\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"4Gi\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tMaxInstanceRequestConcurrency: pulumi.Int(80),\n\t\t\t\tAvailableCpu: pulumi.String(\"4\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"SERVICE_CONFIG_TEST\": pulumi.String(\"config_test\"),\n\t\t\t\t},\n\t\t\t\tIngressSettings: pulumi.String(\"ALLOW_INTERNAL_ONLY\"),\n\t\t\t\tAllTrafficOnLatestRevision: pulumi.Bool(true),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t\tEventTrigger: \u0026cloudfunctionsv2.FunctionEventTriggerArgs{\n\t\t\t\tTriggerRegion: pulumi.String(\"us-central1\"),\n\t\t\t\tEventType: pulumi.String(\"google.cloud.pubsub.topic.v1.messagePublished\"),\n\t\t\t\tPubsubTopic: topic.ID(),\n\t\t\t\tRetryPolicy: pulumi.String(\"RETRY_POLICY_RETRY\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionEventTriggerArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account\")\n .build());\n\n var topic = new Topic(\"topic\", TopicArgs.builder()\n .name(\"functions2-topic\")\n .build());\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloPubSub\")\n .environmentVariables(Map.of(\"BUILD_CONFIG_TEST\", \"build_test\"))\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(3)\n .minInstanceCount(1)\n .availableMemory(\"4Gi\")\n .timeoutSeconds(60)\n .maxInstanceRequestConcurrency(80)\n .availableCpu(\"4\")\n .environmentVariables(Map.of(\"SERVICE_CONFIG_TEST\", \"config_test\"))\n .ingressSettings(\"ALLOW_INTERNAL_ONLY\")\n .allTrafficOnLatestRevision(true)\n .serviceAccountEmail(account.email())\n .build())\n .eventTrigger(FunctionEventTriggerArgs.builder()\n .triggerRegion(\"us-central1\")\n .eventType(\"google.cloud.pubsub.topic.v1.messagePublished\")\n .pubsubTopic(topic.id())\n .retryPolicy(\"RETRY_POLICY_RETRY\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account\n topic:\n type: gcp:pubsub:Topic\n properties:\n name: functions2-topic\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloPubSub\n environmentVariables:\n BUILD_CONFIG_TEST: build_test\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 3\n minInstanceCount: 1\n availableMemory: 4Gi\n timeoutSeconds: 60\n maxInstanceRequestConcurrency: 80\n availableCpu: '4'\n environmentVariables:\n SERVICE_CONFIG_TEST: config_test\n ingressSettings: ALLOW_INTERNAL_ONLY\n allTrafficOnLatestRevision: true\n serviceAccountEmail: ${account.email}\n eventTrigger:\n triggerRegion: us-central1\n eventType: google.cloud.pubsub.topic.v1.messagePublished\n pubsubTopic: ${topic.id}\n retryPolicy: RETRY_POLICY_RETRY\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Scheduler Auth\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account\",\n});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n minInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n serviceAccountEmail: account.email,\n },\n});\nconst invoker = new gcp.cloudfunctionsv2.FunctionIamMember(\"invoker\", {\n project: _function.project,\n location: _function.location,\n cloudFunction: _function.name,\n role: \"roles/cloudfunctions.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst cloudRunInvoker = new gcp.cloudrun.IamMember(\"cloud_run_invoker\", {\n project: _function.project,\n location: _function.location,\n service: _function.name,\n role: \"roles/run.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst invokeCloudFunction = new gcp.cloudscheduler.Job(\"invoke_cloud_function\", {\n name: \"invoke-gcf-function\",\n description: \"Schedule the HTTPS trigger for cloud function\",\n schedule: \"0 0 * * *\",\n project: _function.project,\n region: _function.location,\n httpTarget: {\n uri: _function.serviceConfig.apply(serviceConfig =\u003e serviceConfig?.uri),\n httpMethod: \"POST\",\n oidcToken: {\n audience: _function.serviceConfig.apply(serviceConfig =\u003e `${serviceConfig?.uri}/`),\n serviceAccountEmail: account.email,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account\")\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n min_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n service_account_email=account.email,\n ))\ninvoker = gcp.cloudfunctionsv2.FunctionIamMember(\"invoker\",\n project=function.project,\n location=function.location,\n cloud_function=function.name,\n role=\"roles/cloudfunctions.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\ncloud_run_invoker = gcp.cloudrun.IamMember(\"cloud_run_invoker\",\n project=function.project,\n location=function.location,\n service=function.name,\n role=\"roles/run.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\ninvoke_cloud_function = gcp.cloudscheduler.Job(\"invoke_cloud_function\",\n name=\"invoke-gcf-function\",\n description=\"Schedule the HTTPS trigger for cloud function\",\n schedule=\"0 0 * * *\",\n project=function.project,\n region=function.location,\n http_target=gcp.cloudscheduler.JobHttpTargetArgs(\n uri=function.service_config.uri,\n http_method=\"POST\",\n oidc_token=gcp.cloudscheduler.JobHttpTargetOidcTokenArgs(\n audience=function.service_config.apply(lambda service_config: f\"{service_config.uri}/\"),\n service_account_email=account.email,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account\",\n });\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MinInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n ServiceAccountEmail = account.Email,\n },\n });\n\n var invoker = new Gcp.CloudFunctionsV2.FunctionIamMember(\"invoker\", new()\n {\n Project = function.Project,\n Location = function.Location,\n CloudFunction = function.Name,\n Role = \"roles/cloudfunctions.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var cloudRunInvoker = new Gcp.CloudRun.IamMember(\"cloud_run_invoker\", new()\n {\n Project = function.Project,\n Location = function.Location,\n Service = function.Name,\n Role = \"roles/run.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var invokeCloudFunction = new Gcp.CloudScheduler.Job(\"invoke_cloud_function\", new()\n {\n Name = \"invoke-gcf-function\",\n Description = \"Schedule the HTTPS trigger for cloud function\",\n Schedule = \"0 0 * * *\",\n Project = function.Project,\n Region = function.Location,\n HttpTarget = new Gcp.CloudScheduler.Inputs.JobHttpTargetArgs\n {\n Uri = function.ServiceConfig.Apply(serviceConfig =\u003e serviceConfig?.Uri),\n HttpMethod = \"POST\",\n OidcToken = new Gcp.CloudScheduler.Inputs.JobHttpTargetOidcTokenArgs\n {\n Audience = function.ServiceConfig.Apply(serviceConfig =\u003e $\"{serviceConfig?.Uri}/\"),\n ServiceAccountEmail = account.Email,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudrun\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudscheduler\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunction, err := cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunctionIamMember(ctx, \"invoker\", \u0026cloudfunctionsv2.FunctionIamMemberArgs{\n\t\t\tProject: function.Project,\n\t\t\tLocation: function.Location,\n\t\t\tCloudFunction: function.Name,\n\t\t\tRole: pulumi.String(\"roles/cloudfunctions.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrun.NewIamMember(ctx, \"cloud_run_invoker\", \u0026cloudrun.IamMemberArgs{\n\t\t\tProject: function.Project,\n\t\t\tLocation: function.Location,\n\t\t\tService: function.Name,\n\t\t\tRole: pulumi.String(\"roles/run.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudscheduler.NewJob(ctx, \"invoke_cloud_function\", \u0026cloudscheduler.JobArgs{\n\t\t\tName: pulumi.String(\"invoke-gcf-function\"),\n\t\t\tDescription: pulumi.String(\"Schedule the HTTPS trigger for cloud function\"),\n\t\t\tSchedule: pulumi.String(\"0 0 * * *\"),\n\t\t\tProject: function.Project,\n\t\t\tRegion: function.Location,\n\t\t\tHttpTarget: \u0026cloudscheduler.JobHttpTargetArgs{\n\t\t\t\tUri: function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (*string, error) {\n\t\t\t\t\treturn \u0026serviceConfig.Uri, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\tHttpMethod: pulumi.String(\"POST\"),\n\t\t\t\tOidcToken: \u0026cloudscheduler.JobHttpTargetOidcTokenArgs{\n\t\t\t\t\tAudience: function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"%v/\", serviceConfig.Uri), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionIamMember;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionIamMemberArgs;\nimport com.pulumi.gcp.cloudrun.IamMember;\nimport com.pulumi.gcp.cloudrun.IamMemberArgs;\nimport com.pulumi.gcp.cloudscheduler.Job;\nimport com.pulumi.gcp.cloudscheduler.JobArgs;\nimport com.pulumi.gcp.cloudscheduler.inputs.JobHttpTargetArgs;\nimport com.pulumi.gcp.cloudscheduler.inputs.JobHttpTargetOidcTokenArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account\")\n .build());\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .minInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .serviceAccountEmail(account.email())\n .build())\n .build());\n\n var invoker = new FunctionIamMember(\"invoker\", FunctionIamMemberArgs.builder()\n .project(function.project())\n .location(function.location())\n .cloudFunction(function.name())\n .role(\"roles/cloudfunctions.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var cloudRunInvoker = new IamMember(\"cloudRunInvoker\", IamMemberArgs.builder()\n .project(function.project())\n .location(function.location())\n .service(function.name())\n .role(\"roles/run.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var invokeCloudFunction = new Job(\"invokeCloudFunction\", JobArgs.builder()\n .name(\"invoke-gcf-function\")\n .description(\"Schedule the HTTPS trigger for cloud function\")\n .schedule(\"0 0 * * *\")\n .project(function.project())\n .region(function.location())\n .httpTarget(JobHttpTargetArgs.builder()\n .uri(function.serviceConfig().applyValue(serviceConfig -\u003e serviceConfig.uri()))\n .httpMethod(\"POST\")\n .oidcToken(JobHttpTargetOidcTokenArgs.builder()\n .audience(function.serviceConfig().applyValue(serviceConfig -\u003e String.format(\"%s/\", serviceConfig.uri())))\n .serviceAccountEmail(account.email())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n minInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n serviceAccountEmail: ${account.email}\n invoker:\n type: gcp:cloudfunctionsv2:FunctionIamMember\n properties:\n project: ${function.project}\n location: ${function.location}\n cloudFunction: ${function.name}\n role: roles/cloudfunctions.invoker\n member: serviceAccount:${account.email}\n cloudRunInvoker:\n type: gcp:cloudrun:IamMember\n name: cloud_run_invoker\n properties:\n project: ${function.project}\n location: ${function.location}\n service: ${function.name}\n role: roles/run.invoker\n member: serviceAccount:${account.email}\n invokeCloudFunction:\n type: gcp:cloudscheduler:Job\n name: invoke_cloud_function\n properties:\n name: invoke-gcf-function\n description: Schedule the HTTPS trigger for cloud function\n schedule: 0 0 * * *\n project: ${function.project}\n region: ${function.location}\n httpTarget:\n uri: ${function.serviceConfig.uri}\n httpMethod: POST\n oidcToken:\n audience: ${function.serviceConfig.uri}/\n serviceAccountEmail: ${account.email}\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Basic Gcs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst source_bucket = new gcp.storage.Bucket(\"source-bucket\", {\n name: \"gcf-source-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: source_bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst trigger_bucket = new gcp.storage.Bucket(\"trigger-bucket\", {\n name: \"gcf-trigger-bucket\",\n location: \"us-central1\",\n uniformBucketLevelAccess: true,\n});\nconst gcsAccount = gcp.storage.getProjectServiceAccount({});\n// To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n// (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\nconst gcs_pubsub_publishing = new gcp.projects.IAMMember(\"gcs-pubsub-publishing\", {\n project: \"my-project-name\",\n role: \"roles/pubsub.publisher\",\n member: gcsAccount.then(gcsAccount =\u003e `serviceAccount:${gcsAccount.emailAddress}`),\n});\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n});\n// Permissions on the service account used by the function and Eventarc trigger\nconst invoking = new gcp.projects.IAMMember(\"invoking\", {\n project: \"my-project-name\",\n role: \"roles/run.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [gcs_pubsub_publishing],\n});\nconst event_receiving = new gcp.projects.IAMMember(\"event-receiving\", {\n project: \"my-project-name\",\n role: \"roles/eventarc.eventReceiver\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [invoking],\n});\nconst artifactregistry_reader = new gcp.projects.IAMMember(\"artifactregistry-reader\", {\n project: \"my-project-name\",\n role: \"roles/artifactregistry.reader\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [event_receiving],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs12\",\n entryPoint: \"entryPoint\",\n environmentVariables: {\n BUILD_CONFIG_TEST: \"build_test\",\n },\n source: {\n storageSource: {\n bucket: source_bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 3,\n minInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n environmentVariables: {\n SERVICE_CONFIG_TEST: \"config_test\",\n },\n ingressSettings: \"ALLOW_INTERNAL_ONLY\",\n allTrafficOnLatestRevision: true,\n serviceAccountEmail: account.email,\n },\n eventTrigger: {\n eventType: \"google.cloud.storage.object.v1.finalized\",\n retryPolicy: \"RETRY_POLICY_RETRY\",\n serviceAccountEmail: account.email,\n eventFilters: [{\n attribute: \"bucket\",\n value: trigger_bucket.name,\n }],\n },\n}, {\n dependsOn: [\n event_receiving,\n artifactregistry_reader,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsource_bucket = gcp.storage.Bucket(\"source-bucket\",\n name=\"gcf-source-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=source_bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\ntrigger_bucket = gcp.storage.Bucket(\"trigger-bucket\",\n name=\"gcf-trigger-bucket\",\n location=\"us-central1\",\n uniform_bucket_level_access=True)\ngcs_account = gcp.storage.get_project_service_account()\n# To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n# (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\ngcs_pubsub_publishing = gcp.projects.IAMMember(\"gcs-pubsub-publishing\",\n project=\"my-project-name\",\n role=\"roles/pubsub.publisher\",\n member=f\"serviceAccount:{gcs_account.email_address}\")\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n# Permissions on the service account used by the function and Eventarc trigger\ninvoking = gcp.projects.IAMMember(\"invoking\",\n project=\"my-project-name\",\n role=\"roles/run.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[gcs_pubsub_publishing]))\nevent_receiving = gcp.projects.IAMMember(\"event-receiving\",\n project=\"my-project-name\",\n role=\"roles/eventarc.eventReceiver\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[invoking]))\nartifactregistry_reader = gcp.projects.IAMMember(\"artifactregistry-reader\",\n project=\"my-project-name\",\n role=\"roles/artifactregistry.reader\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[event_receiving]))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs12\",\n entry_point=\"entryPoint\",\n environment_variables={\n \"BUILD_CONFIG_TEST\": \"build_test\",\n },\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=source_bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=3,\n min_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n environment_variables={\n \"SERVICE_CONFIG_TEST\": \"config_test\",\n },\n ingress_settings=\"ALLOW_INTERNAL_ONLY\",\n all_traffic_on_latest_revision=True,\n service_account_email=account.email,\n ),\n event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(\n event_type=\"google.cloud.storage.object.v1.finalized\",\n retry_policy=\"RETRY_POLICY_RETRY\",\n service_account_email=account.email,\n event_filters=[gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"bucket\",\n value=trigger_bucket.name,\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n event_receiving,\n artifactregistry_reader,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var source_bucket = new Gcp.Storage.Bucket(\"source-bucket\", new()\n {\n Name = \"gcf-source-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = source_bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var trigger_bucket = new Gcp.Storage.Bucket(\"trigger-bucket\", new()\n {\n Name = \"gcf-trigger-bucket\",\n Location = \"us-central1\",\n UniformBucketLevelAccess = true,\n });\n\n var gcsAccount = Gcp.Storage.GetProjectServiceAccount.Invoke();\n\n // To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n // (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n var gcs_pubsub_publishing = new Gcp.Projects.IAMMember(\"gcs-pubsub-publishing\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/pubsub.publisher\",\n Member = $\"serviceAccount:{gcsAccount.Apply(getProjectServiceAccountResult =\u003e getProjectServiceAccountResult.EmailAddress)}\",\n });\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n });\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new Gcp.Projects.IAMMember(\"invoking\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/run.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gcs_pubsub_publishing,\n },\n });\n\n var event_receiving = new Gcp.Projects.IAMMember(\"event-receiving\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/eventarc.eventReceiver\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n invoking,\n },\n });\n\n var artifactregistry_reader = new Gcp.Projects.IAMMember(\"artifactregistry-reader\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/artifactregistry.reader\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs12\",\n EntryPoint = \"entryPoint\",\n EnvironmentVariables = \n {\n { \"BUILD_CONFIG_TEST\", \"build_test\" },\n },\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = source_bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 3,\n MinInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n EnvironmentVariables = \n {\n { \"SERVICE_CONFIG_TEST\", \"config_test\" },\n },\n IngressSettings = \"ALLOW_INTERNAL_ONLY\",\n AllTrafficOnLatestRevision = true,\n ServiceAccountEmail = account.Email,\n },\n EventTrigger = new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerArgs\n {\n EventType = \"google.cloud.storage.object.v1.finalized\",\n RetryPolicy = \"RETRY_POLICY_RETRY\",\n ServiceAccountEmail = account.Email,\n EventFilters = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"bucket\",\n Value = trigger_bucket.Name,\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n artifactregistry_reader,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storage.NewBucket(ctx, \"source-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-source-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: source_bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storage.NewBucket(ctx, \"trigger-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-trigger-bucket\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcsAccount, err := storage.GetProjectServiceAccount(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n\t\t// (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n\t\t_, err = projects.NewIAMMember(ctx, \"gcs-pubsub-publishing\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/pubsub.publisher\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:%v\", gcsAccount.EmailAddress)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Permissions on the service account used by the function and Eventarc trigger\n\t\tinvoking, err := projects.NewIAMMember(ctx, \"invoking\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/run.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgcs_pubsub_publishing,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"event-receiving\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/eventarc.eventReceiver\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tinvoking,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"artifactregistry-reader\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.reader\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs12\"),\n\t\t\t\tEntryPoint: pulumi.String(\"entryPoint\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"BUILD_CONFIG_TEST\": pulumi.String(\"build_test\"),\n\t\t\t\t},\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: source_bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(3),\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"SERVICE_CONFIG_TEST\": pulumi.String(\"config_test\"),\n\t\t\t\t},\n\t\t\t\tIngressSettings: pulumi.String(\"ALLOW_INTERNAL_ONLY\"),\n\t\t\t\tAllTrafficOnLatestRevision: pulumi.Bool(true),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t\tEventTrigger: \u0026cloudfunctionsv2.FunctionEventTriggerArgs{\n\t\t\t\tEventType: pulumi.String(\"google.cloud.storage.object.v1.finalized\"),\n\t\t\t\tRetryPolicy: pulumi.String(\"RETRY_POLICY_RETRY\"),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t\tEventFilters: cloudfunctionsv2.FunctionEventTriggerEventFilterArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"bucket\"),\n\t\t\t\t\t\tValue: trigger_bucket.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t\tartifactregistry_reader,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.storage.StorageFunctions;\nimport com.pulumi.gcp.storage.inputs.GetProjectServiceAccountArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionEventTriggerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var source_bucket = new Bucket(\"source-bucket\", BucketArgs.builder()\n .name(\"gcf-source-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(source_bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var trigger_bucket = new Bucket(\"trigger-bucket\", BucketArgs.builder()\n .name(\"gcf-trigger-bucket\")\n .location(\"us-central1\")\n .uniformBucketLevelAccess(true)\n .build());\n\n final var gcsAccount = StorageFunctions.getProjectServiceAccount();\n\n // To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n // (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n var gcs_pubsub_publishing = new IAMMember(\"gcs-pubsub-publishing\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/pubsub.publisher\")\n .member(String.format(\"serviceAccount:%s\", gcsAccount.applyValue(getProjectServiceAccountResult -\u003e getProjectServiceAccountResult.emailAddress())))\n .build());\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n .build());\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new IAMMember(\"invoking\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/run.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(gcs_pubsub_publishing)\n .build());\n\n var event_receiving = new IAMMember(\"event-receiving\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/eventarc.eventReceiver\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(invoking)\n .build());\n\n var artifactregistry_reader = new IAMMember(\"artifactregistry-reader\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/artifactregistry.reader\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(event_receiving)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs12\")\n .entryPoint(\"entryPoint\")\n .environmentVariables(Map.of(\"BUILD_CONFIG_TEST\", \"build_test\"))\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(source_bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(3)\n .minInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .environmentVariables(Map.of(\"SERVICE_CONFIG_TEST\", \"config_test\"))\n .ingressSettings(\"ALLOW_INTERNAL_ONLY\")\n .allTrafficOnLatestRevision(true)\n .serviceAccountEmail(account.email())\n .build())\n .eventTrigger(FunctionEventTriggerArgs.builder()\n .eventType(\"google.cloud.storage.object.v1.finalized\")\n .retryPolicy(\"RETRY_POLICY_RETRY\")\n .serviceAccountEmail(account.email())\n .eventFilters(FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"bucket\")\n .value(trigger_bucket.name())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n event_receiving,\n artifactregistry_reader)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n source-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-source-bucket\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${[\"source-bucket\"].name}\n source:\n fn::FileAsset: function-source.zip\n trigger-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-trigger-bucket\n location: us-central1\n uniformBucketLevelAccess: true\n # To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n # (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n gcs-pubsub-publishing:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/pubsub.publisher\n member: serviceAccount:${gcsAccount.emailAddress}\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account - used for both the cloud function and eventarc trigger in the test\n # Permissions on the service account used by the function and Eventarc trigger\n invoking:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/run.invoker\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${[\"gcs-pubsub-publishing\"]}\n event-receiving:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/eventarc.eventReceiver\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${invoking}\n artifactregistry-reader:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/artifactregistry.reader\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${[\"event-receiving\"]}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs12\n entryPoint: entryPoint\n environmentVariables:\n BUILD_CONFIG_TEST: build_test\n source:\n storageSource:\n bucket: ${[\"source-bucket\"].name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 3\n minInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n environmentVariables:\n SERVICE_CONFIG_TEST: config_test\n ingressSettings: ALLOW_INTERNAL_ONLY\n allTrafficOnLatestRevision: true\n serviceAccountEmail: ${account.email}\n eventTrigger:\n eventType: google.cloud.storage.object.v1.finalized\n retryPolicy: RETRY_POLICY_RETRY\n serviceAccountEmail: ${account.email}\n eventFilters:\n - attribute: bucket\n value: ${[\"trigger-bucket\"].name}\n options:\n dependson:\n - ${[\"event-receiving\"]}\n - ${[\"artifactregistry-reader\"]}\nvariables:\n gcsAccount:\n fn::invoke:\n Function: gcp:storage:getProjectServiceAccount\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Basic Auditlogs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\n// This example follows the examples shown in this Google Cloud Community blog post\n// https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n// and the docs:\n// https://cloud.google.com/eventarc/docs/path-patterns\nconst source_bucket = new gcp.storage.Bucket(\"source-bucket\", {\n name: \"gcf-source-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: source_bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n});\n// Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n// Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n// google_cloudfunctions2_function below (Audit Log events have path pattern support)\nconst audit_log_bucket = new gcp.storage.Bucket(\"audit-log-bucket\", {\n name: \"gcf-auditlog-bucket\",\n location: \"us-central1\",\n uniformBucketLevelAccess: true,\n});\n// Permissions on the service account used by the function and Eventarc trigger\nconst invoking = new gcp.projects.IAMMember(\"invoking\", {\n project: \"my-project-name\",\n role: \"roles/run.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst event_receiving = new gcp.projects.IAMMember(\"event-receiving\", {\n project: \"my-project-name\",\n role: \"roles/eventarc.eventReceiver\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [invoking],\n});\nconst artifactregistry_reader = new gcp.projects.IAMMember(\"artifactregistry-reader\", {\n project: \"my-project-name\",\n role: \"roles/artifactregistry.reader\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [event_receiving],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs12\",\n entryPoint: \"entryPoint\",\n environmentVariables: {\n BUILD_CONFIG_TEST: \"build_test\",\n },\n source: {\n storageSource: {\n bucket: source_bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 3,\n minInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n environmentVariables: {\n SERVICE_CONFIG_TEST: \"config_test\",\n },\n ingressSettings: \"ALLOW_INTERNAL_ONLY\",\n allTrafficOnLatestRevision: true,\n serviceAccountEmail: account.email,\n },\n eventTrigger: {\n triggerRegion: \"us-central1\",\n eventType: \"google.cloud.audit.log.v1.written\",\n retryPolicy: \"RETRY_POLICY_RETRY\",\n serviceAccountEmail: account.email,\n eventFilters: [\n {\n attribute: \"serviceName\",\n value: \"storage.googleapis.com\",\n },\n {\n attribute: \"methodName\",\n value: \"storage.objects.create\",\n },\n {\n attribute: \"resourceName\",\n value: pulumi.interpolate`/projects/_/buckets/${audit_log_bucket.name}/objects/*.txt`,\n operator: \"match-path-pattern\",\n },\n ],\n },\n}, {\n dependsOn: [\n event_receiving,\n artifactregistry_reader,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\n# This example follows the examples shown in this Google Cloud Community blog post\n# https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n# and the docs:\n# https://cloud.google.com/eventarc/docs/path-patterns\nsource_bucket = gcp.storage.Bucket(\"source-bucket\",\n name=\"gcf-source-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=source_bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n# Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n# Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n# google_cloudfunctions2_function below (Audit Log events have path pattern support)\naudit_log_bucket = gcp.storage.Bucket(\"audit-log-bucket\",\n name=\"gcf-auditlog-bucket\",\n location=\"us-central1\",\n uniform_bucket_level_access=True)\n# Permissions on the service account used by the function and Eventarc trigger\ninvoking = gcp.projects.IAMMember(\"invoking\",\n project=\"my-project-name\",\n role=\"roles/run.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nevent_receiving = gcp.projects.IAMMember(\"event-receiving\",\n project=\"my-project-name\",\n role=\"roles/eventarc.eventReceiver\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[invoking]))\nartifactregistry_reader = gcp.projects.IAMMember(\"artifactregistry-reader\",\n project=\"my-project-name\",\n role=\"roles/artifactregistry.reader\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[event_receiving]))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs12\",\n entry_point=\"entryPoint\",\n environment_variables={\n \"BUILD_CONFIG_TEST\": \"build_test\",\n },\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=source_bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=3,\n min_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n environment_variables={\n \"SERVICE_CONFIG_TEST\": \"config_test\",\n },\n ingress_settings=\"ALLOW_INTERNAL_ONLY\",\n all_traffic_on_latest_revision=True,\n service_account_email=account.email,\n ),\n event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(\n trigger_region=\"us-central1\",\n event_type=\"google.cloud.audit.log.v1.written\",\n retry_policy=\"RETRY_POLICY_RETRY\",\n service_account_email=account.email,\n event_filters=[\n gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"serviceName\",\n value=\"storage.googleapis.com\",\n ),\n gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"methodName\",\n value=\"storage.objects.create\",\n ),\n gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"resourceName\",\n value=audit_log_bucket.name.apply(lambda name: f\"/projects/_/buckets/{name}/objects/*.txt\"),\n operator=\"match-path-pattern\",\n ),\n ],\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n event_receiving,\n artifactregistry_reader,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // This example follows the examples shown in this Google Cloud Community blog post\n // https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n // and the docs:\n // https://cloud.google.com/eventarc/docs/path-patterns\n var source_bucket = new Gcp.Storage.Bucket(\"source-bucket\", new()\n {\n Name = \"gcf-source-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = source_bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n });\n\n // Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n // Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n // google_cloudfunctions2_function below (Audit Log events have path pattern support)\n var audit_log_bucket = new Gcp.Storage.Bucket(\"audit-log-bucket\", new()\n {\n Name = \"gcf-auditlog-bucket\",\n Location = \"us-central1\",\n UniformBucketLevelAccess = true,\n });\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new Gcp.Projects.IAMMember(\"invoking\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/run.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var event_receiving = new Gcp.Projects.IAMMember(\"event-receiving\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/eventarc.eventReceiver\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n invoking,\n },\n });\n\n var artifactregistry_reader = new Gcp.Projects.IAMMember(\"artifactregistry-reader\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/artifactregistry.reader\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs12\",\n EntryPoint = \"entryPoint\",\n EnvironmentVariables = \n {\n { \"BUILD_CONFIG_TEST\", \"build_test\" },\n },\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = source_bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 3,\n MinInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n EnvironmentVariables = \n {\n { \"SERVICE_CONFIG_TEST\", \"config_test\" },\n },\n IngressSettings = \"ALLOW_INTERNAL_ONLY\",\n AllTrafficOnLatestRevision = true,\n ServiceAccountEmail = account.Email,\n },\n EventTrigger = new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerArgs\n {\n TriggerRegion = \"us-central1\",\n EventType = \"google.cloud.audit.log.v1.written\",\n RetryPolicy = \"RETRY_POLICY_RETRY\",\n ServiceAccountEmail = account.Email,\n EventFilters = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"serviceName\",\n Value = \"storage.googleapis.com\",\n },\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"methodName\",\n Value = \"storage.objects.create\",\n },\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"resourceName\",\n Value = audit_log_bucket.Name.Apply(name =\u003e $\"/projects/_/buckets/{name}/objects/*.txt\"),\n Operator = \"match-path-pattern\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n artifactregistry_reader,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// This example follows the examples shown in this Google Cloud Community blog post\n\t\t// https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n\t\t// and the docs:\n\t\t// https://cloud.google.com/eventarc/docs/path-patterns\n\t\t_, err := storage.NewBucket(ctx, \"source-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-source-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: source_bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n\t\t// Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n\t\t// google_cloudfunctions2_function below (Audit Log events have path pattern support)\n\t\t_, err = storage.NewBucket(ctx, \"audit-log-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-auditlog-bucket\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Permissions on the service account used by the function and Eventarc trigger\n\t\tinvoking, err := projects.NewIAMMember(ctx, \"invoking\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/run.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"event-receiving\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/eventarc.eventReceiver\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tinvoking,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"artifactregistry-reader\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.reader\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs12\"),\n\t\t\t\tEntryPoint: pulumi.String(\"entryPoint\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"BUILD_CONFIG_TEST\": pulumi.String(\"build_test\"),\n\t\t\t\t},\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: source_bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(3),\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"SERVICE_CONFIG_TEST\": pulumi.String(\"config_test\"),\n\t\t\t\t},\n\t\t\t\tIngressSettings: pulumi.String(\"ALLOW_INTERNAL_ONLY\"),\n\t\t\t\tAllTrafficOnLatestRevision: pulumi.Bool(true),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t\tEventTrigger: \u0026cloudfunctionsv2.FunctionEventTriggerArgs{\n\t\t\t\tTriggerRegion: pulumi.String(\"us-central1\"),\n\t\t\t\tEventType: pulumi.String(\"google.cloud.audit.log.v1.written\"),\n\t\t\t\tRetryPolicy: pulumi.String(\"RETRY_POLICY_RETRY\"),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t\tEventFilters: cloudfunctionsv2.FunctionEventTriggerEventFilterArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"serviceName\"),\n\t\t\t\t\t\tValue: pulumi.String(\"storage.googleapis.com\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"methodName\"),\n\t\t\t\t\t\tValue: pulumi.String(\"storage.objects.create\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"resourceName\"),\n\t\t\t\t\t\tValue: audit_log_bucket.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"/projects/_/buckets/%v/objects/*.txt\", name), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\tOperator: pulumi.String(\"match-path-pattern\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t\tartifactregistry_reader,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionEventTriggerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // This example follows the examples shown in this Google Cloud Community blog post\n // https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n // and the docs:\n // https://cloud.google.com/eventarc/docs/path-patterns\n var source_bucket = new Bucket(\"source-bucket\", BucketArgs.builder()\n .name(\"gcf-source-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(source_bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n .build());\n\n // Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n // Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n // google_cloudfunctions2_function below (Audit Log events have path pattern support)\n var audit_log_bucket = new Bucket(\"audit-log-bucket\", BucketArgs.builder()\n .name(\"gcf-auditlog-bucket\")\n .location(\"us-central1\")\n .uniformBucketLevelAccess(true)\n .build());\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new IAMMember(\"invoking\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/run.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var event_receiving = new IAMMember(\"event-receiving\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/eventarc.eventReceiver\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(invoking)\n .build());\n\n var artifactregistry_reader = new IAMMember(\"artifactregistry-reader\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/artifactregistry.reader\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(event_receiving)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs12\")\n .entryPoint(\"entryPoint\")\n .environmentVariables(Map.of(\"BUILD_CONFIG_TEST\", \"build_test\"))\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(source_bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(3)\n .minInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .environmentVariables(Map.of(\"SERVICE_CONFIG_TEST\", \"config_test\"))\n .ingressSettings(\"ALLOW_INTERNAL_ONLY\")\n .allTrafficOnLatestRevision(true)\n .serviceAccountEmail(account.email())\n .build())\n .eventTrigger(FunctionEventTriggerArgs.builder()\n .triggerRegion(\"us-central1\")\n .eventType(\"google.cloud.audit.log.v1.written\")\n .retryPolicy(\"RETRY_POLICY_RETRY\")\n .serviceAccountEmail(account.email())\n .eventFilters( \n FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"serviceName\")\n .value(\"storage.googleapis.com\")\n .build(),\n FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"methodName\")\n .value(\"storage.objects.create\")\n .build(),\n FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"resourceName\")\n .value(audit_log_bucket.name().applyValue(name -\u003e String.format(\"/projects/_/buckets/%s/objects/*.txt\", name)))\n .operator(\"match-path-pattern\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n event_receiving,\n artifactregistry_reader)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # This example follows the examples shown in this Google Cloud Community blog post\n # https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n # and the docs:\n # https://cloud.google.com/eventarc/docs/path-patterns\n source-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-source-bucket\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${[\"source-bucket\"].name}\n source:\n fn::FileAsset: function-source.zip\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account - used for both the cloud function and eventarc trigger in the test\n # Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n # Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n # google_cloudfunctions2_function below (Audit Log events have path pattern support)\n audit-log-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-auditlog-bucket\n location: us-central1\n uniformBucketLevelAccess: true\n # Permissions on the service account used by the function and Eventarc trigger\n invoking:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/run.invoker\n member: serviceAccount:${account.email}\n event-receiving:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/eventarc.eventReceiver\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${invoking}\n artifactregistry-reader:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/artifactregistry.reader\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${[\"event-receiving\"]}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs12\n entryPoint: entryPoint\n environmentVariables:\n BUILD_CONFIG_TEST: build_test\n source:\n storageSource:\n bucket: ${[\"source-bucket\"].name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 3\n minInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n environmentVariables:\n SERVICE_CONFIG_TEST: config_test\n ingressSettings: ALLOW_INTERNAL_ONLY\n allTrafficOnLatestRevision: true\n serviceAccountEmail: ${account.email}\n eventTrigger:\n triggerRegion: us-central1\n eventType: google.cloud.audit.log.v1.written\n retryPolicy: RETRY_POLICY_RETRY\n serviceAccountEmail: ${account.email}\n eventFilters:\n - attribute: serviceName\n value: storage.googleapis.com\n - attribute: methodName\n value: storage.objects.create\n - attribute: resourceName\n value: /projects/_/buckets/${[\"audit-log-bucket\"].name}/objects/*.txt\n operator: match-path-pattern\n options:\n dependson:\n - ${[\"event-receiving\"]}\n - ${[\"artifactregistry-reader\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Basic Builder\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as time from \"@pulumi/time\";\n\nconst project = \"my-project-name\";\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account\",\n});\nconst logWriter = new gcp.projects.IAMMember(\"log_writer\", {\n project: account.project,\n role: \"roles/logging.logWriter\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst artifactRegistryWriter = new gcp.projects.IAMMember(\"artifact_registry_writer\", {\n project: account.project,\n role: \"roles/artifactregistry.writer\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst storageObjectAdmin = new gcp.projects.IAMMember(\"storage_object_admin\", {\n project: account.project,\n role: \"roles/storage.objectAdmin\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\n// builder permissions need to stablize before it can pull the source zip\nconst wait60s = new time.index.Sleep(\"wait_60s\", {createDuration: \"60s\"}, {\n dependsOn: [\n logWriter,\n artifactRegistryWriter,\n storageObjectAdmin,\n ],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-v2\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n serviceAccount: account.id,\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n}, {\n dependsOn: [wait60s],\n});\nexport const functionUri = _function.serviceConfig.apply(serviceConfig =\u003e serviceConfig?.uri);\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_time as time\n\nproject = \"my-project-name\"\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account\")\nlog_writer = gcp.projects.IAMMember(\"log_writer\",\n project=account.project,\n role=\"roles/logging.logWriter\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nartifact_registry_writer = gcp.projects.IAMMember(\"artifact_registry_writer\",\n project=account.project,\n role=\"roles/artifactregistry.writer\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nstorage_object_admin = gcp.projects.IAMMember(\"storage_object_admin\",\n project=account.project,\n role=\"roles/storage.objectAdmin\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\n# builder permissions need to stablize before it can pull the source zip\nwait60s = time.index.Sleep(\"wait_60s\", create_duration=60s,\nopts=pulumi.ResourceOptions(depends_on=[\n log_writer,\n artifact_registry_writer,\n storage_object_admin,\n ]))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-v2\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n service_account=account.id,\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ),\n opts=pulumi.ResourceOptions(depends_on=[wait60s]))\npulumi.export(\"functionUri\", function.service_config.uri)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Time = Pulumi.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account\",\n });\n\n var logWriter = new Gcp.Projects.IAMMember(\"log_writer\", new()\n {\n Project = account.Project,\n Role = \"roles/logging.logWriter\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var artifactRegistryWriter = new Gcp.Projects.IAMMember(\"artifact_registry_writer\", new()\n {\n Project = account.Project,\n Role = \"roles/artifactregistry.writer\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var storageObjectAdmin = new Gcp.Projects.IAMMember(\"storage_object_admin\", new()\n {\n Project = account.Project,\n Role = \"roles/storage.objectAdmin\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n // builder permissions need to stablize before it can pull the source zip\n var wait60s = new Time.Index.Sleep(\"wait_60s\", new()\n {\n CreateDuration = \"60s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n logWriter,\n artifactRegistryWriter,\n storageObjectAdmin,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-v2\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n ServiceAccount = account.Id,\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n wait60s,\n },\n });\n\n return new Dictionary\u003cstring, object?\u003e\n {\n [\"functionUri\"] = function.ServiceConfig.Apply(serviceConfig =\u003e serviceConfig?.Uri),\n };\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlogWriter, err := projects.NewIAMMember(ctx, \"log_writer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: account.Project,\n\t\t\tRole: pulumi.String(\"roles/logging.logWriter\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tartifactRegistryWriter, err := projects.NewIAMMember(ctx, \"artifact_registry_writer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: account.Project,\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.writer\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tstorageObjectAdmin, err := projects.NewIAMMember(ctx, \"storage_object_admin\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: account.Project,\n\t\t\tRole: pulumi.String(\"roles/storage.objectAdmin\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// builder permissions need to stablize before it can pull the source zip\n\t\twait60s, err := time.NewSleep(ctx, \"wait_60s\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"60s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tlogWriter,\n\t\t\tartifactRegistryWriter,\n\t\t\tstorageObjectAdmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunction, err := cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-v2\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceAccount: account.ID(),\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twait60s,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tctx.Export(\"functionUri\", function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (*string, error) {\n\t\t\treturn \u0026serviceConfig.Uri, nil\n\t\t}).(pulumi.StringPtrOutput))\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.time.sleep;\nimport com.pulumi.time.SleepArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account\")\n .build());\n\n var logWriter = new IAMMember(\"logWriter\", IAMMemberArgs.builder()\n .project(account.project())\n .role(\"roles/logging.logWriter\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var artifactRegistryWriter = new IAMMember(\"artifactRegistryWriter\", IAMMemberArgs.builder()\n .project(account.project())\n .role(\"roles/artifactregistry.writer\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var storageObjectAdmin = new IAMMember(\"storageObjectAdmin\", IAMMemberArgs.builder()\n .project(account.project())\n .role(\"roles/storage.objectAdmin\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n // builder permissions need to stablize before it can pull the source zip\n var wait60s = new Sleep(\"wait60s\", SleepArgs.builder()\n .createDuration(\"60s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n logWriter,\n artifactRegistryWriter,\n storageObjectAdmin)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-v2\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .serviceAccount(account.id())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(wait60s)\n .build());\n\n ctx.export(\"functionUri\", function.serviceConfig().applyValue(serviceConfig -\u003e serviceConfig.uri()));\n }\n}\n```\n```yaml\nresources:\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account\n logWriter:\n type: gcp:projects:IAMMember\n name: log_writer\n properties:\n project: ${account.project}\n role: roles/logging.logWriter\n member: serviceAccount:${account.email}\n artifactRegistryWriter:\n type: gcp:projects:IAMMember\n name: artifact_registry_writer\n properties:\n project: ${account.project}\n role: roles/artifactregistry.writer\n member: serviceAccount:${account.email}\n storageObjectAdmin:\n type: gcp:projects:IAMMember\n name: storage_object_admin\n properties:\n project: ${account.project}\n role: roles/storage.objectAdmin\n member: serviceAccount:${account.email}\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n # builder permissions need to stablize before it can pull the source zip\n wait60s:\n type: time:sleep\n name: wait_60s\n properties:\n createDuration: 60s\n options:\n dependson:\n - ${logWriter}\n - ${artifactRegistryWriter}\n - ${storageObjectAdmin}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-v2\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceAccount: ${account.id}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n options:\n dependson:\n - ${wait60s}\nvariables:\n project: my-project-name\noutputs:\n functionUri: ${function.serviceConfig.uri}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Secret Env\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret\",\n replication: {\n userManaged: {\n replicas: [{\n location: \"us-central1\",\n }],\n },\n },\n});\nconst secretSecretVersion = new gcp.secretmanager.SecretVersion(\"secret\", {\n secret: secret.name,\n secretData: \"secret\",\n enabled: true,\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-secret\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n secretEnvironmentVariables: [{\n key: \"TEST\",\n projectId: project,\n secret: secret.secretId,\n version: \"latest\",\n }],\n },\n}, {\n dependsOn: [secretSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret\",\n replication=gcp.secretmanager.SecretReplicationArgs(\n user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(\n replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(\n location=\"us-central1\",\n )],\n ),\n ))\nsecret_secret_version = gcp.secretmanager.SecretVersion(\"secret\",\n secret=secret.name,\n secret_data=\"secret\",\n enabled=True)\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-secret\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n secret_environment_variables=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArgs(\n key=\"TEST\",\n project_id=project,\n secret=secret.secret_id,\n version=\"latest\",\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[secret_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n UserManaged = new Gcp.SecretManager.Inputs.SecretReplicationUserManagedArgs\n {\n Replicas = new[]\n {\n new Gcp.SecretManager.Inputs.SecretReplicationUserManagedReplicaArgs\n {\n Location = \"us-central1\",\n },\n },\n },\n },\n });\n\n var secretSecretVersion = new Gcp.SecretManager.SecretVersion(\"secret\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret\",\n Enabled = true,\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-secret\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n SecretEnvironmentVariables = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigSecretEnvironmentVariableArgs\n {\n Key = \"TEST\",\n ProjectId = project,\n Secret = secret.SecretId,\n Version = \"latest\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secretSecretVersion,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tUserManaged: \u0026secretmanager.SecretReplicationUserManagedArgs{\n\t\t\t\t\tReplicas: secretmanager.SecretReplicationUserManagedReplicaArray{\n\t\t\t\t\t\t\u0026secretmanager.SecretReplicationUserManagedReplicaArgs{\n\t\t\t\t\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecretSecretVersion, err := secretmanager.NewSecretVersion(ctx, \"secret\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-secret\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tSecretEnvironmentVariables: cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArgs{\n\t\t\t\t\t\tKey: pulumi.String(\"TEST\"),\n\t\t\t\t\t\tProjectId: pulumi.String(project),\n\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t\tVersion: pulumi.String(\"latest\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecretSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationUserManagedArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret\")\n .replication(SecretReplicationArgs.builder()\n .userManaged(SecretReplicationUserManagedArgs.builder()\n .replicas(SecretReplicationUserManagedReplicaArgs.builder()\n .location(\"us-central1\")\n .build())\n .build())\n .build())\n .build());\n\n var secretSecretVersion = new SecretVersion(\"secretSecretVersion\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret\")\n .enabled(true)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-secret\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .secretEnvironmentVariables(FunctionServiceConfigSecretEnvironmentVariableArgs.builder()\n .key(\"TEST\")\n .projectId(project)\n .secret(secret.secretId())\n .version(\"latest\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secretSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-secret\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n secretEnvironmentVariables:\n - key: TEST\n projectId: ${project}\n secret: ${secret.secretId}\n version: latest\n options:\n dependson:\n - ${secretSecretVersion}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret\n replication:\n userManaged:\n replicas:\n - location: us-central1\n secretSecretVersion:\n type: gcp:secretmanager:SecretVersion\n name: secret\n properties:\n secret: ${secret.name}\n secretData: secret\n enabled: true\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Secret Volume\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret\",\n replication: {\n userManaged: {\n replicas: [{\n location: \"us-central1\",\n }],\n },\n },\n});\nconst secretSecretVersion = new gcp.secretmanager.SecretVersion(\"secret\", {\n secret: secret.name,\n secretData: \"secret\",\n enabled: true,\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-secret\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n secretVolumes: [{\n mountPath: \"/etc/secrets\",\n projectId: project,\n secret: secret.secretId,\n }],\n },\n}, {\n dependsOn: [secretSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret\",\n replication=gcp.secretmanager.SecretReplicationArgs(\n user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(\n replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(\n location=\"us-central1\",\n )],\n ),\n ))\nsecret_secret_version = gcp.secretmanager.SecretVersion(\"secret\",\n secret=secret.name,\n secret_data=\"secret\",\n enabled=True)\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-secret\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n secret_volumes=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretVolumeArgs(\n mount_path=\"/etc/secrets\",\n project_id=project,\n secret=secret.secret_id,\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[secret_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n UserManaged = new Gcp.SecretManager.Inputs.SecretReplicationUserManagedArgs\n {\n Replicas = new[]\n {\n new Gcp.SecretManager.Inputs.SecretReplicationUserManagedReplicaArgs\n {\n Location = \"us-central1\",\n },\n },\n },\n },\n });\n\n var secretSecretVersion = new Gcp.SecretManager.SecretVersion(\"secret\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret\",\n Enabled = true,\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-secret\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n SecretVolumes = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigSecretVolumeArgs\n {\n MountPath = \"/etc/secrets\",\n ProjectId = project,\n Secret = secret.SecretId,\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secretSecretVersion,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tUserManaged: \u0026secretmanager.SecretReplicationUserManagedArgs{\n\t\t\t\t\tReplicas: secretmanager.SecretReplicationUserManagedReplicaArray{\n\t\t\t\t\t\t\u0026secretmanager.SecretReplicationUserManagedReplicaArgs{\n\t\t\t\t\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecretSecretVersion, err := secretmanager.NewSecretVersion(ctx, \"secret\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-secret\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tSecretVolumes: cloudfunctionsv2.FunctionServiceConfigSecretVolumeArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionServiceConfigSecretVolumeArgs{\n\t\t\t\t\t\tMountPath: pulumi.String(\"/etc/secrets\"),\n\t\t\t\t\t\tProjectId: pulumi.String(project),\n\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecretSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationUserManagedArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret\")\n .replication(SecretReplicationArgs.builder()\n .userManaged(SecretReplicationUserManagedArgs.builder()\n .replicas(SecretReplicationUserManagedReplicaArgs.builder()\n .location(\"us-central1\")\n .build())\n .build())\n .build())\n .build());\n\n var secretSecretVersion = new SecretVersion(\"secretSecretVersion\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret\")\n .enabled(true)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-secret\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .secretVolumes(FunctionServiceConfigSecretVolumeArgs.builder()\n .mountPath(\"/etc/secrets\")\n .projectId(project)\n .secret(secret.secretId())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secretSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-secret\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n secretVolumes:\n - mountPath: /etc/secrets\n projectId: ${project}\n secret: ${secret.secretId}\n options:\n dependson:\n - ${secretSecretVersion}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret\n replication:\n userManaged:\n replicas:\n - location: us-central1\n secretSecretVersion:\n type: gcp:secretmanager:SecretVersion\n name: secret\n properties:\n secret: ${secret.name}\n secretData: secret\n enabled: true\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Private Workerpool\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst pool = new gcp.cloudbuild.WorkerPool(\"pool\", {\n name: \"workerpool\",\n location: \"us-central1\",\n workerConfig: {\n diskSizeGb: 100,\n machineType: \"e2-standard-8\",\n noExternalIp: false,\n },\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-workerpool\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n workerPool: pool.id,\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\npool = gcp.cloudbuild.WorkerPool(\"pool\",\n name=\"workerpool\",\n location=\"us-central1\",\n worker_config=gcp.cloudbuild.WorkerPoolWorkerConfigArgs(\n disk_size_gb=100,\n machine_type=\"e2-standard-8\",\n no_external_ip=False,\n ))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-workerpool\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n worker_pool=pool.id,\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var pool = new Gcp.CloudBuild.WorkerPool(\"pool\", new()\n {\n Name = \"workerpool\",\n Location = \"us-central1\",\n WorkerConfig = new Gcp.CloudBuild.Inputs.WorkerPoolWorkerConfigArgs\n {\n DiskSizeGb = 100,\n MachineType = \"e2-standard-8\",\n NoExternalIp = false,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-workerpool\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n WorkerPool = pool.Id,\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudbuild\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cloudbuild.NewWorkerPool(ctx, \"pool\", \u0026cloudbuild.WorkerPoolArgs{\n\t\t\tName: pulumi.String(\"workerpool\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tWorkerConfig: \u0026cloudbuild.WorkerPoolWorkerConfigArgs{\n\t\t\t\tDiskSizeGb: pulumi.Int(100),\n\t\t\t\tMachineType: pulumi.String(\"e2-standard-8\"),\n\t\t\t\tNoExternalIp: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-workerpool\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tWorkerPool: pool.ID(),\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudbuild.WorkerPool;\nimport com.pulumi.gcp.cloudbuild.WorkerPoolArgs;\nimport com.pulumi.gcp.cloudbuild.inputs.WorkerPoolWorkerConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var pool = new WorkerPool(\"pool\", WorkerPoolArgs.builder()\n .name(\"workerpool\")\n .location(\"us-central1\")\n .workerConfig(WorkerPoolWorkerConfigArgs.builder()\n .diskSizeGb(100)\n .machineType(\"e2-standard-8\")\n .noExternalIp(false)\n .build())\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-workerpool\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .workerPool(pool.id())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n pool:\n type: gcp:cloudbuild:WorkerPool\n properties:\n name: workerpool\n location: us-central1\n workerConfig:\n diskSizeGb: 100\n machineType: e2-standard-8\n noExternalIp: false\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-workerpool\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n workerPool: ${pool.id}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Cmek Docs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst projectGetProject = gcp.organizations.getProject({});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst eaSa = new gcp.projects.ServiceIdentity(\"ea_sa\", {\n project: projectGetProject.then(projectGetProject =\u003e projectGetProject.projectId),\n service: \"eventarc.googleapis.com\",\n});\nconst unencoded_ar_repo = new gcp.artifactregistry.Repository(\"unencoded-ar-repo\", {\n repositoryId: \"ar-repo\",\n location: \"us-central1\",\n format: \"DOCKER\",\n});\nconst gcfCmekKeyuser = new gcp.kms.CryptoKeyIAMBinding(\"gcf_cmek_keyuser\", {\n cryptoKeyId: \"cmek-key\",\n role: \"roles/cloudkms.cryptoKeyEncrypterDecrypter\",\n members: [\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com`),\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com`),\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gs-project-accounts.iam.gserviceaccount.com`),\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@serverless-robot-prod.iam.gserviceaccount.com`),\n pulumi.interpolate`serviceAccount:${eaSa.email}`,\n ],\n}, {\n dependsOn: [eaSa],\n});\nconst encoded_ar_repo = new gcp.artifactregistry.Repository(\"encoded-ar-repo\", {\n location: \"us-central1\",\n repositoryId: \"cmek-repo\",\n format: \"DOCKER\",\n kmsKeyName: \"cmek-key\",\n}, {\n dependsOn: [gcfCmekKeyuser],\n});\nconst binding = new gcp.artifactregistry.RepositoryIamBinding(\"binding\", {\n location: encoded_ar_repo.location,\n repository: encoded_ar_repo.name,\n role: \"roles/artifactregistry.admin\",\n members: [projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com`)],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-cmek\",\n location: \"us-central1\",\n description: \"CMEK function\",\n kmsKeyName: \"cmek-key\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n dockerRepository: encoded_ar_repo.id,\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n}, {\n dependsOn: [gcfCmekKeyuser],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nproject_get_project = gcp.organizations.get_project()\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nea_sa = gcp.projects.ServiceIdentity(\"ea_sa\",\n project=project_get_project.project_id,\n service=\"eventarc.googleapis.com\")\nunencoded_ar_repo = gcp.artifactregistry.Repository(\"unencoded-ar-repo\",\n repository_id=\"ar-repo\",\n location=\"us-central1\",\n format=\"DOCKER\")\ngcf_cmek_keyuser = gcp.kms.CryptoKeyIAMBinding(\"gcf_cmek_keyuser\",\n crypto_key_id=\"cmek-key\",\n role=\"roles/cloudkms.cryptoKeyEncrypterDecrypter\",\n members=[\n f\"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com\",\n f\"serviceAccount:service-{project_get_project.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com\",\n f\"serviceAccount:service-{project_get_project.number}@gs-project-accounts.iam.gserviceaccount.com\",\n f\"serviceAccount:service-{project_get_project.number}@serverless-robot-prod.iam.gserviceaccount.com\",\n ea_sa.email.apply(lambda email: f\"serviceAccount:{email}\"),\n ],\n opts=pulumi.ResourceOptions(depends_on=[ea_sa]))\nencoded_ar_repo = gcp.artifactregistry.Repository(\"encoded-ar-repo\",\n location=\"us-central1\",\n repository_id=\"cmek-repo\",\n format=\"DOCKER\",\n kms_key_name=\"cmek-key\",\n opts=pulumi.ResourceOptions(depends_on=[gcf_cmek_keyuser]))\nbinding = gcp.artifactregistry.RepositoryIamBinding(\"binding\",\n location=encoded_ar_repo.location,\n repository=encoded_ar_repo.name,\n role=\"roles/artifactregistry.admin\",\n members=[f\"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com\"])\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-cmek\",\n location=\"us-central1\",\n description=\"CMEK function\",\n kms_key_name=\"cmek-key\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n docker_repository=encoded_ar_repo.id,\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ),\n opts=pulumi.ResourceOptions(depends_on=[gcf_cmek_keyuser]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var projectGetProject = Gcp.Organizations.GetProject.Invoke();\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var eaSa = new Gcp.Projects.ServiceIdentity(\"ea_sa\", new()\n {\n Project = projectGetProject.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Service = \"eventarc.googleapis.com\",\n });\n\n var unencoded_ar_repo = new Gcp.ArtifactRegistry.Repository(\"unencoded-ar-repo\", new()\n {\n RepositoryId = \"ar-repo\",\n Location = \"us-central1\",\n Format = \"DOCKER\",\n });\n\n var gcfCmekKeyuser = new Gcp.Kms.CryptoKeyIAMBinding(\"gcf_cmek_keyuser\", new()\n {\n CryptoKeyId = \"cmek-key\",\n Role = \"roles/cloudkms.cryptoKeyEncrypterDecrypter\",\n Members = new[]\n {\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcf-admin-robot.iam.gserviceaccount.com\",\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-artifactregistry.iam.gserviceaccount.com\",\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gs-project-accounts.iam.gserviceaccount.com\",\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@serverless-robot-prod.iam.gserviceaccount.com\",\n eaSa.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n eaSa,\n },\n });\n\n var encoded_ar_repo = new Gcp.ArtifactRegistry.Repository(\"encoded-ar-repo\", new()\n {\n Location = \"us-central1\",\n RepositoryId = \"cmek-repo\",\n Format = \"DOCKER\",\n KmsKeyName = \"cmek-key\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gcfCmekKeyuser,\n },\n });\n\n var binding = new Gcp.ArtifactRegistry.RepositoryIamBinding(\"binding\", new()\n {\n Location = encoded_ar_repo.Location,\n Repository = encoded_ar_repo.Name,\n Role = \"roles/artifactregistry.admin\",\n Members = new[]\n {\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcf-admin-robot.iam.gserviceaccount.com\",\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-cmek\",\n Location = \"us-central1\",\n Description = \"CMEK function\",\n KmsKeyName = \"cmek-key\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n DockerRepository = encoded_ar_repo.Id,\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gcfCmekKeyuser,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tprojectGetProject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teaSa, err := projects.NewServiceIdentity(ctx, \"ea_sa\", \u0026projects.ServiceIdentityArgs{\n\t\t\tProject: pulumi.String(projectGetProject.ProjectId),\n\t\t\tService: pulumi.String(\"eventarc.googleapis.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = artifactregistry.NewRepository(ctx, \"unencoded-ar-repo\", \u0026artifactregistry.RepositoryArgs{\n\t\t\tRepositoryId: pulumi.String(\"ar-repo\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tFormat: pulumi.String(\"DOCKER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcfCmekKeyuser, err := kms.NewCryptoKeyIAMBinding(ctx, \"gcf_cmek_keyuser\", \u0026kms.CryptoKeyIAMBindingArgs{\n\t\t\tCryptoKeyId: pulumi.String(\"cmek-key\"),\n\t\t\tRole: pulumi.String(\"roles/cloudkms.cryptoKeyEncrypterDecrypter\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-artifactregistry.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gs-project-accounts.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@serverless-robot-prod.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\teaSa.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\teaSa,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = artifactregistry.NewRepository(ctx, \"encoded-ar-repo\", \u0026artifactregistry.RepositoryArgs{\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tRepositoryId: pulumi.String(\"cmek-repo\"),\n\t\t\tFormat: pulumi.String(\"DOCKER\"),\n\t\t\tKmsKeyName: pulumi.String(\"cmek-key\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgcfCmekKeyuser,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = artifactregistry.NewRepositoryIamBinding(ctx, \"binding\", \u0026artifactregistry.RepositoryIamBindingArgs{\n\t\t\tLocation: encoded_ar_repo.Location,\n\t\t\tRepository: encoded_ar_repo.Name,\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.admin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-cmek\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"CMEK function\"),\n\t\t\tKmsKeyName: pulumi.String(\"cmek-key\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tDockerRepository: encoded_ar_repo.ID(),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgcfCmekKeyuser,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.projects.ServiceIdentity;\nimport com.pulumi.gcp.projects.ServiceIdentityArgs;\nimport com.pulumi.gcp.artifactregistry.Repository;\nimport com.pulumi.gcp.artifactregistry.RepositoryArgs;\nimport com.pulumi.gcp.kms.CryptoKeyIAMBinding;\nimport com.pulumi.gcp.kms.CryptoKeyIAMBindingArgs;\nimport com.pulumi.gcp.artifactregistry.RepositoryIamBinding;\nimport com.pulumi.gcp.artifactregistry.RepositoryIamBindingArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n final var projectGetProject = OrganizationsFunctions.getProject();\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var eaSa = new ServiceIdentity(\"eaSa\", ServiceIdentityArgs.builder()\n .project(projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .service(\"eventarc.googleapis.com\")\n .build());\n\n var unencoded_ar_repo = new Repository(\"unencoded-ar-repo\", RepositoryArgs.builder()\n .repositoryId(\"ar-repo\")\n .location(\"us-central1\")\n .format(\"DOCKER\")\n .build());\n\n var gcfCmekKeyuser = new CryptoKeyIAMBinding(\"gcfCmekKeyuser\", CryptoKeyIAMBindingArgs.builder()\n .cryptoKeyId(\"cmek-key\")\n .role(\"roles/cloudkms.cryptoKeyEncrypterDecrypter\")\n .members( \n String.format(\"serviceAccount:service-%s@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n String.format(\"serviceAccount:service-%s@gcp-sa-artifactregistry.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n String.format(\"serviceAccount:service-%s@gs-project-accounts.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n String.format(\"serviceAccount:service-%s@serverless-robot-prod.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n eaSa.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(eaSa)\n .build());\n\n var encoded_ar_repo = new Repository(\"encoded-ar-repo\", RepositoryArgs.builder()\n .location(\"us-central1\")\n .repositoryId(\"cmek-repo\")\n .format(\"DOCKER\")\n .kmsKeyName(\"cmek-key\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(gcfCmekKeyuser)\n .build());\n\n var binding = new RepositoryIamBinding(\"binding\", RepositoryIamBindingArgs.builder()\n .location(encoded_ar_repo.location())\n .repository(encoded_ar_repo.name())\n .role(\"roles/artifactregistry.admin\")\n .members(String.format(\"serviceAccount:service-%s@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-cmek\")\n .location(\"us-central1\")\n .description(\"CMEK function\")\n .kmsKeyName(\"cmek-key\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .dockerRepository(encoded_ar_repo.id())\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(gcfCmekKeyuser)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n eaSa:\n type: gcp:projects:ServiceIdentity\n name: ea_sa\n properties:\n project: ${projectGetProject.projectId}\n service: eventarc.googleapis.com\n unencoded-ar-repo:\n type: gcp:artifactregistry:Repository\n properties:\n repositoryId: ar-repo\n location: us-central1\n format: DOCKER\n binding:\n type: gcp:artifactregistry:RepositoryIamBinding\n properties:\n location: ${[\"encoded-ar-repo\"].location}\n repository: ${[\"encoded-ar-repo\"].name}\n role: roles/artifactregistry.admin\n members:\n - serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com\n gcfCmekKeyuser:\n type: gcp:kms:CryptoKeyIAMBinding\n name: gcf_cmek_keyuser\n properties:\n cryptoKeyId: cmek-key\n role: roles/cloudkms.cryptoKeyEncrypterDecrypter\n members:\n - serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com\n - serviceAccount:service-${projectGetProject.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com\n - serviceAccount:service-${projectGetProject.number}@gs-project-accounts.iam.gserviceaccount.com\n - serviceAccount:service-${projectGetProject.number}@serverless-robot-prod.iam.gserviceaccount.com\n - serviceAccount:${eaSa.email}\n options:\n dependson:\n - ${eaSa}\n encoded-ar-repo:\n type: gcp:artifactregistry:Repository\n properties:\n location: us-central1\n repositoryId: cmek-repo\n format: DOCKER\n kmsKeyName: cmek-key\n options:\n dependson:\n - ${gcfCmekKeyuser}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-cmek\n location: us-central1\n description: CMEK function\n kmsKeyName: cmek-key\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n dockerRepository: ${[\"encoded-ar-repo\"].id}\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n options:\n dependson:\n - ${gcfCmekKeyuser}\nvariables:\n project: my-project-name\n projectGetProject:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nfunction can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/functions/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, function can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:cloudfunctionsv2/function:Function default projects/{{project}}/locations/{{location}}/functions/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudfunctionsv2/function:Function default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudfunctionsv2/function:Function default {{location}}/{{name}}\n```\n\n", + "description": "A Cloud Function that contains user computation executed in response to an event.\n\n\nTo get more information about function, see:\n\n* [API documentation](https://cloud.google.com/functions/docs/reference/rest/v2beta/projects.locations.functions)\n\n## Example Usage\n\n### Cloudfunctions2 Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-v2\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-v2\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-v2\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-v2\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-v2\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-v2\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account\",\n});\nconst topic = new gcp.pubsub.Topic(\"topic\", {name: \"functions2-topic\"});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloPubSub\",\n environmentVariables: {\n BUILD_CONFIG_TEST: \"build_test\",\n },\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 3,\n minInstanceCount: 1,\n availableMemory: \"4Gi\",\n timeoutSeconds: 60,\n maxInstanceRequestConcurrency: 80,\n availableCpu: \"4\",\n environmentVariables: {\n SERVICE_CONFIG_TEST: \"config_test\",\n },\n ingressSettings: \"ALLOW_INTERNAL_ONLY\",\n allTrafficOnLatestRevision: true,\n serviceAccountEmail: account.email,\n },\n eventTrigger: {\n triggerRegion: \"us-central1\",\n eventType: \"google.cloud.pubsub.topic.v1.messagePublished\",\n pubsubTopic: topic.id,\n retryPolicy: \"RETRY_POLICY_RETRY\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account\")\ntopic = gcp.pubsub.Topic(\"topic\", name=\"functions2-topic\")\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloPubSub\",\n environment_variables={\n \"BUILD_CONFIG_TEST\": \"build_test\",\n },\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=3,\n min_instance_count=1,\n available_memory=\"4Gi\",\n timeout_seconds=60,\n max_instance_request_concurrency=80,\n available_cpu=\"4\",\n environment_variables={\n \"SERVICE_CONFIG_TEST\": \"config_test\",\n },\n ingress_settings=\"ALLOW_INTERNAL_ONLY\",\n all_traffic_on_latest_revision=True,\n service_account_email=account.email,\n ),\n event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(\n trigger_region=\"us-central1\",\n event_type=\"google.cloud.pubsub.topic.v1.messagePublished\",\n pubsub_topic=topic.id,\n retry_policy=\"RETRY_POLICY_RETRY\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account\",\n });\n\n var topic = new Gcp.PubSub.Topic(\"topic\", new()\n {\n Name = \"functions2-topic\",\n });\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloPubSub\",\n EnvironmentVariables = \n {\n { \"BUILD_CONFIG_TEST\", \"build_test\" },\n },\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 3,\n MinInstanceCount = 1,\n AvailableMemory = \"4Gi\",\n TimeoutSeconds = 60,\n MaxInstanceRequestConcurrency = 80,\n AvailableCpu = \"4\",\n EnvironmentVariables = \n {\n { \"SERVICE_CONFIG_TEST\", \"config_test\" },\n },\n IngressSettings = \"ALLOW_INTERNAL_ONLY\",\n AllTrafficOnLatestRevision = true,\n ServiceAccountEmail = account.Email,\n },\n EventTrigger = new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerArgs\n {\n TriggerRegion = \"us-central1\",\n EventType = \"google.cloud.pubsub.topic.v1.messagePublished\",\n PubsubTopic = topic.Id,\n RetryPolicy = \"RETRY_POLICY_RETRY\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttopic, err := pubsub.NewTopic(ctx, \"topic\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"functions2-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloPubSub\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"BUILD_CONFIG_TEST\": pulumi.String(\"build_test\"),\n\t\t\t\t},\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(3),\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"4Gi\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tMaxInstanceRequestConcurrency: pulumi.Int(80),\n\t\t\t\tAvailableCpu: pulumi.String(\"4\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"SERVICE_CONFIG_TEST\": pulumi.String(\"config_test\"),\n\t\t\t\t},\n\t\t\t\tIngressSettings: pulumi.String(\"ALLOW_INTERNAL_ONLY\"),\n\t\t\t\tAllTrafficOnLatestRevision: pulumi.Bool(true),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t\tEventTrigger: \u0026cloudfunctionsv2.FunctionEventTriggerArgs{\n\t\t\t\tTriggerRegion: pulumi.String(\"us-central1\"),\n\t\t\t\tEventType: pulumi.String(\"google.cloud.pubsub.topic.v1.messagePublished\"),\n\t\t\t\tPubsubTopic: topic.ID(),\n\t\t\t\tRetryPolicy: pulumi.String(\"RETRY_POLICY_RETRY\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionEventTriggerArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account\")\n .build());\n\n var topic = new Topic(\"topic\", TopicArgs.builder()\n .name(\"functions2-topic\")\n .build());\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloPubSub\")\n .environmentVariables(Map.of(\"BUILD_CONFIG_TEST\", \"build_test\"))\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(3)\n .minInstanceCount(1)\n .availableMemory(\"4Gi\")\n .timeoutSeconds(60)\n .maxInstanceRequestConcurrency(80)\n .availableCpu(\"4\")\n .environmentVariables(Map.of(\"SERVICE_CONFIG_TEST\", \"config_test\"))\n .ingressSettings(\"ALLOW_INTERNAL_ONLY\")\n .allTrafficOnLatestRevision(true)\n .serviceAccountEmail(account.email())\n .build())\n .eventTrigger(FunctionEventTriggerArgs.builder()\n .triggerRegion(\"us-central1\")\n .eventType(\"google.cloud.pubsub.topic.v1.messagePublished\")\n .pubsubTopic(topic.id())\n .retryPolicy(\"RETRY_POLICY_RETRY\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account\n topic:\n type: gcp:pubsub:Topic\n properties:\n name: functions2-topic\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloPubSub\n environmentVariables:\n BUILD_CONFIG_TEST: build_test\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 3\n minInstanceCount: 1\n availableMemory: 4Gi\n timeoutSeconds: 60\n maxInstanceRequestConcurrency: 80\n availableCpu: '4'\n environmentVariables:\n SERVICE_CONFIG_TEST: config_test\n ingressSettings: ALLOW_INTERNAL_ONLY\n allTrafficOnLatestRevision: true\n serviceAccountEmail: ${account.email}\n eventTrigger:\n triggerRegion: us-central1\n eventType: google.cloud.pubsub.topic.v1.messagePublished\n pubsubTopic: ${topic.id}\n retryPolicy: RETRY_POLICY_RETRY\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Scheduler Auth\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account\",\n});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n minInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n serviceAccountEmail: account.email,\n },\n});\nconst invoker = new gcp.cloudfunctionsv2.FunctionIamMember(\"invoker\", {\n project: _function.project,\n location: _function.location,\n cloudFunction: _function.name,\n role: \"roles/cloudfunctions.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst cloudRunInvoker = new gcp.cloudrun.IamMember(\"cloud_run_invoker\", {\n project: _function.project,\n location: _function.location,\n service: _function.name,\n role: \"roles/run.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst invokeCloudFunction = new gcp.cloudscheduler.Job(\"invoke_cloud_function\", {\n name: \"invoke-gcf-function\",\n description: \"Schedule the HTTPS trigger for cloud function\",\n schedule: \"0 0 * * *\",\n project: _function.project,\n region: _function.location,\n httpTarget: {\n uri: _function.serviceConfig.apply(serviceConfig =\u003e serviceConfig?.uri),\n httpMethod: \"POST\",\n oidcToken: {\n audience: _function.serviceConfig.apply(serviceConfig =\u003e `${serviceConfig?.uri}/`),\n serviceAccountEmail: account.email,\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account\")\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n min_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n service_account_email=account.email,\n ))\ninvoker = gcp.cloudfunctionsv2.FunctionIamMember(\"invoker\",\n project=function.project,\n location=function.location,\n cloud_function=function.name,\n role=\"roles/cloudfunctions.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\ncloud_run_invoker = gcp.cloudrun.IamMember(\"cloud_run_invoker\",\n project=function.project,\n location=function.location,\n service=function.name,\n role=\"roles/run.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\ninvoke_cloud_function = gcp.cloudscheduler.Job(\"invoke_cloud_function\",\n name=\"invoke-gcf-function\",\n description=\"Schedule the HTTPS trigger for cloud function\",\n schedule=\"0 0 * * *\",\n project=function.project,\n region=function.location,\n http_target=gcp.cloudscheduler.JobHttpTargetArgs(\n uri=function.service_config.uri,\n http_method=\"POST\",\n oidc_token=gcp.cloudscheduler.JobHttpTargetOidcTokenArgs(\n audience=function.service_config.apply(lambda service_config: f\"{service_config.uri}/\"),\n service_account_email=account.email,\n ),\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account\",\n });\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MinInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n ServiceAccountEmail = account.Email,\n },\n });\n\n var invoker = new Gcp.CloudFunctionsV2.FunctionIamMember(\"invoker\", new()\n {\n Project = function.Project,\n Location = function.Location,\n CloudFunction = function.Name,\n Role = \"roles/cloudfunctions.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var cloudRunInvoker = new Gcp.CloudRun.IamMember(\"cloud_run_invoker\", new()\n {\n Project = function.Project,\n Location = function.Location,\n Service = function.Name,\n Role = \"roles/run.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var invokeCloudFunction = new Gcp.CloudScheduler.Job(\"invoke_cloud_function\", new()\n {\n Name = \"invoke-gcf-function\",\n Description = \"Schedule the HTTPS trigger for cloud function\",\n Schedule = \"0 0 * * *\",\n Project = function.Project,\n Region = function.Location,\n HttpTarget = new Gcp.CloudScheduler.Inputs.JobHttpTargetArgs\n {\n Uri = function.ServiceConfig.Apply(serviceConfig =\u003e serviceConfig?.Uri),\n HttpMethod = \"POST\",\n OidcToken = new Gcp.CloudScheduler.Inputs.JobHttpTargetOidcTokenArgs\n {\n Audience = function.ServiceConfig.Apply(serviceConfig =\u003e $\"{serviceConfig?.Uri}/\"),\n ServiceAccountEmail = account.Email,\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudrun\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudscheduler\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tfunction, err := cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunctionIamMember(ctx, \"invoker\", \u0026cloudfunctionsv2.FunctionIamMemberArgs{\n\t\t\tProject: function.Project,\n\t\t\tLocation: function.Location,\n\t\t\tCloudFunction: function.Name,\n\t\t\tRole: pulumi.String(\"roles/cloudfunctions.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudrun.NewIamMember(ctx, \"cloud_run_invoker\", \u0026cloudrun.IamMemberArgs{\n\t\t\tProject: function.Project,\n\t\t\tLocation: function.Location,\n\t\t\tService: function.Name,\n\t\t\tRole: pulumi.String(\"roles/run.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudscheduler.NewJob(ctx, \"invoke_cloud_function\", \u0026cloudscheduler.JobArgs{\n\t\t\tName: pulumi.String(\"invoke-gcf-function\"),\n\t\t\tDescription: pulumi.String(\"Schedule the HTTPS trigger for cloud function\"),\n\t\t\tSchedule: pulumi.String(\"0 0 * * *\"),\n\t\t\tProject: function.Project,\n\t\t\tRegion: function.Location,\n\t\t\tHttpTarget: \u0026cloudscheduler.JobHttpTargetArgs{\n\t\t\t\tUri: function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (*string, error) {\n\t\t\t\t\treturn \u0026serviceConfig.Uri, nil\n\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\tHttpMethod: pulumi.String(\"POST\"),\n\t\t\t\tOidcToken: \u0026cloudscheduler.JobHttpTargetOidcTokenArgs{\n\t\t\t\t\tAudience: function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (string, error) {\n\t\t\t\t\t\treturn fmt.Sprintf(\"%v/\", serviceConfig.Uri), nil\n\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionIamMember;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionIamMemberArgs;\nimport com.pulumi.gcp.cloudrun.IamMember;\nimport com.pulumi.gcp.cloudrun.IamMemberArgs;\nimport com.pulumi.gcp.cloudscheduler.Job;\nimport com.pulumi.gcp.cloudscheduler.JobArgs;\nimport com.pulumi.gcp.cloudscheduler.inputs.JobHttpTargetArgs;\nimport com.pulumi.gcp.cloudscheduler.inputs.JobHttpTargetOidcTokenArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account\")\n .build());\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .minInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .serviceAccountEmail(account.email())\n .build())\n .build());\n\n var invoker = new FunctionIamMember(\"invoker\", FunctionIamMemberArgs.builder()\n .project(function.project())\n .location(function.location())\n .cloudFunction(function.name())\n .role(\"roles/cloudfunctions.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var cloudRunInvoker = new IamMember(\"cloudRunInvoker\", IamMemberArgs.builder()\n .project(function.project())\n .location(function.location())\n .service(function.name())\n .role(\"roles/run.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var invokeCloudFunction = new Job(\"invokeCloudFunction\", JobArgs.builder()\n .name(\"invoke-gcf-function\")\n .description(\"Schedule the HTTPS trigger for cloud function\")\n .schedule(\"0 0 * * *\")\n .project(function.project())\n .region(function.location())\n .httpTarget(JobHttpTargetArgs.builder()\n .uri(function.serviceConfig().applyValue(serviceConfig -\u003e serviceConfig.uri()))\n .httpMethod(\"POST\")\n .oidcToken(JobHttpTargetOidcTokenArgs.builder()\n .audience(function.serviceConfig().applyValue(serviceConfig -\u003e String.format(\"%s/\", serviceConfig.uri())))\n .serviceAccountEmail(account.email())\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n minInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n serviceAccountEmail: ${account.email}\n invoker:\n type: gcp:cloudfunctionsv2:FunctionIamMember\n properties:\n project: ${function.project}\n location: ${function.location}\n cloudFunction: ${function.name}\n role: roles/cloudfunctions.invoker\n member: serviceAccount:${account.email}\n cloudRunInvoker:\n type: gcp:cloudrun:IamMember\n name: cloud_run_invoker\n properties:\n project: ${function.project}\n location: ${function.location}\n service: ${function.name}\n role: roles/run.invoker\n member: serviceAccount:${account.email}\n invokeCloudFunction:\n type: gcp:cloudscheduler:Job\n name: invoke_cloud_function\n properties:\n name: invoke-gcf-function\n description: Schedule the HTTPS trigger for cloud function\n schedule: 0 0 * * *\n project: ${function.project}\n region: ${function.location}\n httpTarget:\n uri: ${function.serviceConfig.uri}\n httpMethod: POST\n oidcToken:\n audience: ${function.serviceConfig.uri}/\n serviceAccountEmail: ${account.email}\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Basic Gcs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst source_bucket = new gcp.storage.Bucket(\"source-bucket\", {\n name: \"gcf-source-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: source_bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst trigger_bucket = new gcp.storage.Bucket(\"trigger-bucket\", {\n name: \"gcf-trigger-bucket\",\n location: \"us-central1\",\n uniformBucketLevelAccess: true,\n});\nconst gcsAccount = gcp.storage.getProjectServiceAccount({});\n// To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n// (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\nconst gcs_pubsub_publishing = new gcp.projects.IAMMember(\"gcs-pubsub-publishing\", {\n project: \"my-project-name\",\n role: \"roles/pubsub.publisher\",\n member: gcsAccount.then(gcsAccount =\u003e `serviceAccount:${gcsAccount.emailAddress}`),\n});\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n});\n// Permissions on the service account used by the function and Eventarc trigger\nconst invoking = new gcp.projects.IAMMember(\"invoking\", {\n project: \"my-project-name\",\n role: \"roles/run.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [gcs_pubsub_publishing],\n});\nconst event_receiving = new gcp.projects.IAMMember(\"event-receiving\", {\n project: \"my-project-name\",\n role: \"roles/eventarc.eventReceiver\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [invoking],\n});\nconst artifactregistry_reader = new gcp.projects.IAMMember(\"artifactregistry-reader\", {\n project: \"my-project-name\",\n role: \"roles/artifactregistry.reader\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [event_receiving],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs12\",\n entryPoint: \"entryPoint\",\n environmentVariables: {\n BUILD_CONFIG_TEST: \"build_test\",\n },\n source: {\n storageSource: {\n bucket: source_bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 3,\n minInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n environmentVariables: {\n SERVICE_CONFIG_TEST: \"config_test\",\n },\n ingressSettings: \"ALLOW_INTERNAL_ONLY\",\n allTrafficOnLatestRevision: true,\n serviceAccountEmail: account.email,\n },\n eventTrigger: {\n eventType: \"google.cloud.storage.object.v1.finalized\",\n retryPolicy: \"RETRY_POLICY_RETRY\",\n serviceAccountEmail: account.email,\n eventFilters: [{\n attribute: \"bucket\",\n value: trigger_bucket.name,\n }],\n },\n}, {\n dependsOn: [\n event_receiving,\n artifactregistry_reader,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nsource_bucket = gcp.storage.Bucket(\"source-bucket\",\n name=\"gcf-source-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=source_bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\ntrigger_bucket = gcp.storage.Bucket(\"trigger-bucket\",\n name=\"gcf-trigger-bucket\",\n location=\"us-central1\",\n uniform_bucket_level_access=True)\ngcs_account = gcp.storage.get_project_service_account()\n# To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n# (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\ngcs_pubsub_publishing = gcp.projects.IAMMember(\"gcs-pubsub-publishing\",\n project=\"my-project-name\",\n role=\"roles/pubsub.publisher\",\n member=f\"serviceAccount:{gcs_account.email_address}\")\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n# Permissions on the service account used by the function and Eventarc trigger\ninvoking = gcp.projects.IAMMember(\"invoking\",\n project=\"my-project-name\",\n role=\"roles/run.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[gcs_pubsub_publishing]))\nevent_receiving = gcp.projects.IAMMember(\"event-receiving\",\n project=\"my-project-name\",\n role=\"roles/eventarc.eventReceiver\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[invoking]))\nartifactregistry_reader = gcp.projects.IAMMember(\"artifactregistry-reader\",\n project=\"my-project-name\",\n role=\"roles/artifactregistry.reader\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[event_receiving]))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs12\",\n entry_point=\"entryPoint\",\n environment_variables={\n \"BUILD_CONFIG_TEST\": \"build_test\",\n },\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=source_bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=3,\n min_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n environment_variables={\n \"SERVICE_CONFIG_TEST\": \"config_test\",\n },\n ingress_settings=\"ALLOW_INTERNAL_ONLY\",\n all_traffic_on_latest_revision=True,\n service_account_email=account.email,\n ),\n event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(\n event_type=\"google.cloud.storage.object.v1.finalized\",\n retry_policy=\"RETRY_POLICY_RETRY\",\n service_account_email=account.email,\n event_filters=[gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"bucket\",\n value=trigger_bucket.name,\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n event_receiving,\n artifactregistry_reader,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var source_bucket = new Gcp.Storage.Bucket(\"source-bucket\", new()\n {\n Name = \"gcf-source-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = source_bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var trigger_bucket = new Gcp.Storage.Bucket(\"trigger-bucket\", new()\n {\n Name = \"gcf-trigger-bucket\",\n Location = \"us-central1\",\n UniformBucketLevelAccess = true,\n });\n\n var gcsAccount = Gcp.Storage.GetProjectServiceAccount.Invoke();\n\n // To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n // (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n var gcs_pubsub_publishing = new Gcp.Projects.IAMMember(\"gcs-pubsub-publishing\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/pubsub.publisher\",\n Member = $\"serviceAccount:{gcsAccount.Apply(getProjectServiceAccountResult =\u003e getProjectServiceAccountResult.EmailAddress)}\",\n });\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n });\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new Gcp.Projects.IAMMember(\"invoking\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/run.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gcs_pubsub_publishing,\n },\n });\n\n var event_receiving = new Gcp.Projects.IAMMember(\"event-receiving\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/eventarc.eventReceiver\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n invoking,\n },\n });\n\n var artifactregistry_reader = new Gcp.Projects.IAMMember(\"artifactregistry-reader\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/artifactregistry.reader\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs12\",\n EntryPoint = \"entryPoint\",\n EnvironmentVariables = \n {\n { \"BUILD_CONFIG_TEST\", \"build_test\" },\n },\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = source_bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 3,\n MinInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n EnvironmentVariables = \n {\n { \"SERVICE_CONFIG_TEST\", \"config_test\" },\n },\n IngressSettings = \"ALLOW_INTERNAL_ONLY\",\n AllTrafficOnLatestRevision = true,\n ServiceAccountEmail = account.Email,\n },\n EventTrigger = new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerArgs\n {\n EventType = \"google.cloud.storage.object.v1.finalized\",\n RetryPolicy = \"RETRY_POLICY_RETRY\",\n ServiceAccountEmail = account.Email,\n EventFilters = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"bucket\",\n Value = trigger_bucket.Name,\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n artifactregistry_reader,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := storage.NewBucket(ctx, \"source-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-source-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: source_bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = storage.NewBucket(ctx, \"trigger-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-trigger-bucket\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcsAccount, err := storage.GetProjectServiceAccount(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n\t\t// (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n\t\t_, err = projects.NewIAMMember(ctx, \"gcs-pubsub-publishing\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/pubsub.publisher\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:%v\", gcsAccount.EmailAddress)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Permissions on the service account used by the function and Eventarc trigger\n\t\tinvoking, err := projects.NewIAMMember(ctx, \"invoking\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/run.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgcs_pubsub_publishing,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"event-receiving\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/eventarc.eventReceiver\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tinvoking,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"artifactregistry-reader\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.reader\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs12\"),\n\t\t\t\tEntryPoint: pulumi.String(\"entryPoint\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"BUILD_CONFIG_TEST\": pulumi.String(\"build_test\"),\n\t\t\t\t},\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: source_bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(3),\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"SERVICE_CONFIG_TEST\": pulumi.String(\"config_test\"),\n\t\t\t\t},\n\t\t\t\tIngressSettings: pulumi.String(\"ALLOW_INTERNAL_ONLY\"),\n\t\t\t\tAllTrafficOnLatestRevision: pulumi.Bool(true),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t\tEventTrigger: \u0026cloudfunctionsv2.FunctionEventTriggerArgs{\n\t\t\t\tEventType: pulumi.String(\"google.cloud.storage.object.v1.finalized\"),\n\t\t\t\tRetryPolicy: pulumi.String(\"RETRY_POLICY_RETRY\"),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t\tEventFilters: cloudfunctionsv2.FunctionEventTriggerEventFilterArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"bucket\"),\n\t\t\t\t\t\tValue: trigger_bucket.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t\tartifactregistry_reader,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.storage.StorageFunctions;\nimport com.pulumi.gcp.storage.inputs.GetProjectServiceAccountArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionEventTriggerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var source_bucket = new Bucket(\"source-bucket\", BucketArgs.builder()\n .name(\"gcf-source-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(source_bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var trigger_bucket = new Bucket(\"trigger-bucket\", BucketArgs.builder()\n .name(\"gcf-trigger-bucket\")\n .location(\"us-central1\")\n .uniformBucketLevelAccess(true)\n .build());\n\n final var gcsAccount = StorageFunctions.getProjectServiceAccount();\n\n // To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n // (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n var gcs_pubsub_publishing = new IAMMember(\"gcs-pubsub-publishing\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/pubsub.publisher\")\n .member(String.format(\"serviceAccount:%s\", gcsAccount.applyValue(getProjectServiceAccountResult -\u003e getProjectServiceAccountResult.emailAddress())))\n .build());\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n .build());\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new IAMMember(\"invoking\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/run.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(gcs_pubsub_publishing)\n .build());\n\n var event_receiving = new IAMMember(\"event-receiving\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/eventarc.eventReceiver\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(invoking)\n .build());\n\n var artifactregistry_reader = new IAMMember(\"artifactregistry-reader\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/artifactregistry.reader\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(event_receiving)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs12\")\n .entryPoint(\"entryPoint\")\n .environmentVariables(Map.of(\"BUILD_CONFIG_TEST\", \"build_test\"))\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(source_bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(3)\n .minInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .environmentVariables(Map.of(\"SERVICE_CONFIG_TEST\", \"config_test\"))\n .ingressSettings(\"ALLOW_INTERNAL_ONLY\")\n .allTrafficOnLatestRevision(true)\n .serviceAccountEmail(account.email())\n .build())\n .eventTrigger(FunctionEventTriggerArgs.builder()\n .eventType(\"google.cloud.storage.object.v1.finalized\")\n .retryPolicy(\"RETRY_POLICY_RETRY\")\n .serviceAccountEmail(account.email())\n .eventFilters(FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"bucket\")\n .value(trigger_bucket.name())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n event_receiving,\n artifactregistry_reader)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n source-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-source-bucket\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${[\"source-bucket\"].name}\n source:\n fn::FileAsset: function-source.zip\n trigger-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-trigger-bucket\n location: us-central1\n uniformBucketLevelAccess: true\n # To use GCS CloudEvent triggers, the GCS service account requires the Pub/Sub Publisher(roles/pubsub.publisher) IAM role in the specified project.\n # (See https://cloud.google.com/eventarc/docs/run/quickstart-storage#before-you-begin)\n gcs-pubsub-publishing:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/pubsub.publisher\n member: serviceAccount:${gcsAccount.emailAddress}\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account - used for both the cloud function and eventarc trigger in the test\n # Permissions on the service account used by the function and Eventarc trigger\n invoking:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/run.invoker\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${[\"gcs-pubsub-publishing\"]}\n event-receiving:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/eventarc.eventReceiver\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${invoking}\n artifactregistry-reader:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/artifactregistry.reader\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${[\"event-receiving\"]}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs12\n entryPoint: entryPoint\n environmentVariables:\n BUILD_CONFIG_TEST: build_test\n source:\n storageSource:\n bucket: ${[\"source-bucket\"].name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 3\n minInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n environmentVariables:\n SERVICE_CONFIG_TEST: config_test\n ingressSettings: ALLOW_INTERNAL_ONLY\n allTrafficOnLatestRevision: true\n serviceAccountEmail: ${account.email}\n eventTrigger:\n eventType: google.cloud.storage.object.v1.finalized\n retryPolicy: RETRY_POLICY_RETRY\n serviceAccountEmail: ${account.email}\n eventFilters:\n - attribute: bucket\n value: ${[\"trigger-bucket\"].name}\n options:\n dependson:\n - ${[\"event-receiving\"]}\n - ${[\"artifactregistry-reader\"]}\nvariables:\n gcsAccount:\n fn::invoke:\n Function: gcp:storage:getProjectServiceAccount\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Basic Auditlogs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\n// This example follows the examples shown in this Google Cloud Community blog post\n// https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n// and the docs:\n// https://cloud.google.com/eventarc/docs/path-patterns\nconst source_bucket = new gcp.storage.Bucket(\"source-bucket\", {\n name: \"gcf-source-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: source_bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n});\n// Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n// Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n// google_cloudfunctions2_function below (Audit Log events have path pattern support)\nconst audit_log_bucket = new gcp.storage.Bucket(\"audit-log-bucket\", {\n name: \"gcf-auditlog-bucket\",\n location: \"us-central1\",\n uniformBucketLevelAccess: true,\n});\n// Permissions on the service account used by the function and Eventarc trigger\nconst invoking = new gcp.projects.IAMMember(\"invoking\", {\n project: \"my-project-name\",\n role: \"roles/run.invoker\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst event_receiving = new gcp.projects.IAMMember(\"event-receiving\", {\n project: \"my-project-name\",\n role: \"roles/eventarc.eventReceiver\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [invoking],\n});\nconst artifactregistry_reader = new gcp.projects.IAMMember(\"artifactregistry-reader\", {\n project: \"my-project-name\",\n role: \"roles/artifactregistry.reader\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n}, {\n dependsOn: [event_receiving],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"gcf-function\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs12\",\n entryPoint: \"entryPoint\",\n environmentVariables: {\n BUILD_CONFIG_TEST: \"build_test\",\n },\n source: {\n storageSource: {\n bucket: source_bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 3,\n minInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n environmentVariables: {\n SERVICE_CONFIG_TEST: \"config_test\",\n },\n ingressSettings: \"ALLOW_INTERNAL_ONLY\",\n allTrafficOnLatestRevision: true,\n serviceAccountEmail: account.email,\n },\n eventTrigger: {\n triggerRegion: \"us-central1\",\n eventType: \"google.cloud.audit.log.v1.written\",\n retryPolicy: \"RETRY_POLICY_RETRY\",\n serviceAccountEmail: account.email,\n eventFilters: [\n {\n attribute: \"serviceName\",\n value: \"storage.googleapis.com\",\n },\n {\n attribute: \"methodName\",\n value: \"storage.objects.create\",\n },\n {\n attribute: \"resourceName\",\n value: pulumi.interpolate`/projects/_/buckets/${audit_log_bucket.name}/objects/*.txt`,\n operator: \"match-path-pattern\",\n },\n ],\n },\n}, {\n dependsOn: [\n event_receiving,\n artifactregistry_reader,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\n# This example follows the examples shown in this Google Cloud Community blog post\n# https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n# and the docs:\n# https://cloud.google.com/eventarc/docs/path-patterns\nsource_bucket = gcp.storage.Bucket(\"source-bucket\",\n name=\"gcf-source-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=source_bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n# Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n# Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n# google_cloudfunctions2_function below (Audit Log events have path pattern support)\naudit_log_bucket = gcp.storage.Bucket(\"audit-log-bucket\",\n name=\"gcf-auditlog-bucket\",\n location=\"us-central1\",\n uniform_bucket_level_access=True)\n# Permissions on the service account used by the function and Eventarc trigger\ninvoking = gcp.projects.IAMMember(\"invoking\",\n project=\"my-project-name\",\n role=\"roles/run.invoker\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nevent_receiving = gcp.projects.IAMMember(\"event-receiving\",\n project=\"my-project-name\",\n role=\"roles/eventarc.eventReceiver\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[invoking]))\nartifactregistry_reader = gcp.projects.IAMMember(\"artifactregistry-reader\",\n project=\"my-project-name\",\n role=\"roles/artifactregistry.reader\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"),\n opts=pulumi.ResourceOptions(depends_on=[event_receiving]))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"gcf-function\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs12\",\n entry_point=\"entryPoint\",\n environment_variables={\n \"BUILD_CONFIG_TEST\": \"build_test\",\n },\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=source_bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=3,\n min_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n environment_variables={\n \"SERVICE_CONFIG_TEST\": \"config_test\",\n },\n ingress_settings=\"ALLOW_INTERNAL_ONLY\",\n all_traffic_on_latest_revision=True,\n service_account_email=account.email,\n ),\n event_trigger=gcp.cloudfunctionsv2.FunctionEventTriggerArgs(\n trigger_region=\"us-central1\",\n event_type=\"google.cloud.audit.log.v1.written\",\n retry_policy=\"RETRY_POLICY_RETRY\",\n service_account_email=account.email,\n event_filters=[\n gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"serviceName\",\n value=\"storage.googleapis.com\",\n ),\n gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"methodName\",\n value=\"storage.objects.create\",\n ),\n gcp.cloudfunctionsv2.FunctionEventTriggerEventFilterArgs(\n attribute=\"resourceName\",\n value=audit_log_bucket.name.apply(lambda name: f\"/projects/_/buckets/{name}/objects/*.txt\"),\n operator=\"match-path-pattern\",\n ),\n ],\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n event_receiving,\n artifactregistry_reader,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // This example follows the examples shown in this Google Cloud Community blog post\n // https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n // and the docs:\n // https://cloud.google.com/eventarc/docs/path-patterns\n var source_bucket = new Gcp.Storage.Bucket(\"source-bucket\", new()\n {\n Name = \"gcf-source-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = source_bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account - used for both the cloud function and eventarc trigger in the test\",\n });\n\n // Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n // Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n // google_cloudfunctions2_function below (Audit Log events have path pattern support)\n var audit_log_bucket = new Gcp.Storage.Bucket(\"audit-log-bucket\", new()\n {\n Name = \"gcf-auditlog-bucket\",\n Location = \"us-central1\",\n UniformBucketLevelAccess = true,\n });\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new Gcp.Projects.IAMMember(\"invoking\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/run.invoker\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var event_receiving = new Gcp.Projects.IAMMember(\"event-receiving\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/eventarc.eventReceiver\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n invoking,\n },\n });\n\n var artifactregistry_reader = new Gcp.Projects.IAMMember(\"artifactregistry-reader\", new()\n {\n Project = \"my-project-name\",\n Role = \"roles/artifactregistry.reader\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"gcf-function\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs12\",\n EntryPoint = \"entryPoint\",\n EnvironmentVariables = \n {\n { \"BUILD_CONFIG_TEST\", \"build_test\" },\n },\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = source_bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 3,\n MinInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n EnvironmentVariables = \n {\n { \"SERVICE_CONFIG_TEST\", \"config_test\" },\n },\n IngressSettings = \"ALLOW_INTERNAL_ONLY\",\n AllTrafficOnLatestRevision = true,\n ServiceAccountEmail = account.Email,\n },\n EventTrigger = new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerArgs\n {\n TriggerRegion = \"us-central1\",\n EventType = \"google.cloud.audit.log.v1.written\",\n RetryPolicy = \"RETRY_POLICY_RETRY\",\n ServiceAccountEmail = account.Email,\n EventFilters = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"serviceName\",\n Value = \"storage.googleapis.com\",\n },\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"methodName\",\n Value = \"storage.objects.create\",\n },\n new Gcp.CloudFunctionsV2.Inputs.FunctionEventTriggerEventFilterArgs\n {\n Attribute = \"resourceName\",\n Value = audit_log_bucket.Name.Apply(name =\u003e $\"/projects/_/buckets/{name}/objects/*.txt\"),\n Operator = \"match-path-pattern\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n event_receiving,\n artifactregistry_reader,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// This example follows the examples shown in this Google Cloud Community blog post\n\t\t// https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n\t\t// and the docs:\n\t\t// https://cloud.google.com/eventarc/docs/path-patterns\n\t\t_, err := storage.NewBucket(ctx, \"source-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-source-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: source_bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n\t\t// Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n\t\t// google_cloudfunctions2_function below (Audit Log events have path pattern support)\n\t\t_, err = storage.NewBucket(ctx, \"audit-log-bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"gcf-auditlog-bucket\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Permissions on the service account used by the function and Eventarc trigger\n\t\tinvoking, err := projects.NewIAMMember(ctx, \"invoking\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/run.invoker\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"event-receiving\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/eventarc.eventReceiver\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tinvoking,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = projects.NewIAMMember(ctx, \"artifactregistry-reader\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.reader\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"gcf-function\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs12\"),\n\t\t\t\tEntryPoint: pulumi.String(\"entryPoint\"),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"BUILD_CONFIG_TEST\": pulumi.String(\"build_test\"),\n\t\t\t\t},\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: source_bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(3),\n\t\t\t\tMinInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tEnvironmentVariables: pulumi.StringMap{\n\t\t\t\t\t\"SERVICE_CONFIG_TEST\": pulumi.String(\"config_test\"),\n\t\t\t\t},\n\t\t\t\tIngressSettings: pulumi.String(\"ALLOW_INTERNAL_ONLY\"),\n\t\t\t\tAllTrafficOnLatestRevision: pulumi.Bool(true),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t},\n\t\t\tEventTrigger: \u0026cloudfunctionsv2.FunctionEventTriggerArgs{\n\t\t\t\tTriggerRegion: pulumi.String(\"us-central1\"),\n\t\t\t\tEventType: pulumi.String(\"google.cloud.audit.log.v1.written\"),\n\t\t\t\tRetryPolicy: pulumi.String(\"RETRY_POLICY_RETRY\"),\n\t\t\t\tServiceAccountEmail: account.Email,\n\t\t\t\tEventFilters: cloudfunctionsv2.FunctionEventTriggerEventFilterArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"serviceName\"),\n\t\t\t\t\t\tValue: pulumi.String(\"storage.googleapis.com\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"methodName\"),\n\t\t\t\t\t\tValue: pulumi.String(\"storage.objects.create\"),\n\t\t\t\t\t},\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionEventTriggerEventFilterArgs{\n\t\t\t\t\t\tAttribute: pulumi.String(\"resourceName\"),\n\t\t\t\t\t\tValue: audit_log_bucket.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\t\t\t\treturn fmt.Sprintf(\"/projects/_/buckets/%v/objects/*.txt\", name), nil\n\t\t\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\t\t\tOperator: pulumi.String(\"match-path-pattern\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tevent_receiving,\n\t\t\tartifactregistry_reader,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionEventTriggerArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // This example follows the examples shown in this Google Cloud Community blog post\n // https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n // and the docs:\n // https://cloud.google.com/eventarc/docs/path-patterns\n var source_bucket = new Bucket(\"source-bucket\", BucketArgs.builder()\n .name(\"gcf-source-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(source_bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account - used for both the cloud function and eventarc trigger in the test\")\n .build());\n\n // Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n // Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n // google_cloudfunctions2_function below (Audit Log events have path pattern support)\n var audit_log_bucket = new Bucket(\"audit-log-bucket\", BucketArgs.builder()\n .name(\"gcf-auditlog-bucket\")\n .location(\"us-central1\")\n .uniformBucketLevelAccess(true)\n .build());\n\n // Permissions on the service account used by the function and Eventarc trigger\n var invoking = new IAMMember(\"invoking\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/run.invoker\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var event_receiving = new IAMMember(\"event-receiving\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/eventarc.eventReceiver\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(invoking)\n .build());\n\n var artifactregistry_reader = new IAMMember(\"artifactregistry-reader\", IAMMemberArgs.builder()\n .project(\"my-project-name\")\n .role(\"roles/artifactregistry.reader\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(event_receiving)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"gcf-function\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs12\")\n .entryPoint(\"entryPoint\")\n .environmentVariables(Map.of(\"BUILD_CONFIG_TEST\", \"build_test\"))\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(source_bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(3)\n .minInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .environmentVariables(Map.of(\"SERVICE_CONFIG_TEST\", \"config_test\"))\n .ingressSettings(\"ALLOW_INTERNAL_ONLY\")\n .allTrafficOnLatestRevision(true)\n .serviceAccountEmail(account.email())\n .build())\n .eventTrigger(FunctionEventTriggerArgs.builder()\n .triggerRegion(\"us-central1\")\n .eventType(\"google.cloud.audit.log.v1.written\")\n .retryPolicy(\"RETRY_POLICY_RETRY\")\n .serviceAccountEmail(account.email())\n .eventFilters( \n FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"serviceName\")\n .value(\"storage.googleapis.com\")\n .build(),\n FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"methodName\")\n .value(\"storage.objects.create\")\n .build(),\n FunctionEventTriggerEventFilterArgs.builder()\n .attribute(\"resourceName\")\n .value(audit_log_bucket.name().applyValue(name -\u003e String.format(\"/projects/_/buckets/%s/objects/*.txt\", name)))\n .operator(\"match-path-pattern\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n event_receiving,\n artifactregistry_reader)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # This example follows the examples shown in this Google Cloud Community blog post\n # https://medium.com/google-cloud/applying-a-path-pattern-when-filtering-in-eventarc-f06b937b4c34\n # and the docs:\n # https://cloud.google.com/eventarc/docs/path-patterns\n source-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-source-bucket\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${[\"source-bucket\"].name}\n source:\n fn::FileAsset: function-source.zip\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account - used for both the cloud function and eventarc trigger in the test\n # Note: The right way of listening for Cloud Storage events is to use a Cloud Storage trigger.\n # Here we use Audit Logs to monitor the bucket so path patterns can be used in the example of\n # google_cloudfunctions2_function below (Audit Log events have path pattern support)\n audit-log-bucket:\n type: gcp:storage:Bucket\n properties:\n name: gcf-auditlog-bucket\n location: us-central1\n uniformBucketLevelAccess: true\n # Permissions on the service account used by the function and Eventarc trigger\n invoking:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/run.invoker\n member: serviceAccount:${account.email}\n event-receiving:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/eventarc.eventReceiver\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${invoking}\n artifactregistry-reader:\n type: gcp:projects:IAMMember\n properties:\n project: my-project-name\n role: roles/artifactregistry.reader\n member: serviceAccount:${account.email}\n options:\n dependson:\n - ${[\"event-receiving\"]}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: gcf-function\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs12\n entryPoint: entryPoint\n environmentVariables:\n BUILD_CONFIG_TEST: build_test\n source:\n storageSource:\n bucket: ${[\"source-bucket\"].name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 3\n minInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n environmentVariables:\n SERVICE_CONFIG_TEST: config_test\n ingressSettings: ALLOW_INTERNAL_ONLY\n allTrafficOnLatestRevision: true\n serviceAccountEmail: ${account.email}\n eventTrigger:\n triggerRegion: us-central1\n eventType: google.cloud.audit.log.v1.written\n retryPolicy: RETRY_POLICY_RETRY\n serviceAccountEmail: ${account.email}\n eventFilters:\n - attribute: serviceName\n value: storage.googleapis.com\n - attribute: methodName\n value: storage.objects.create\n - attribute: resourceName\n value: /projects/_/buckets/${[\"audit-log-bucket\"].name}/objects/*.txt\n operator: match-path-pattern\n options:\n dependson:\n - ${[\"event-receiving\"]}\n - ${[\"artifactregistry-reader\"]}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Basic Builder\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as time from \"@pulumi/time\";\n\nconst project = \"my-project-name\";\nconst account = new gcp.serviceaccount.Account(\"account\", {\n accountId: \"gcf-sa\",\n displayName: \"Test Service Account\",\n});\nconst logWriter = new gcp.projects.IAMMember(\"log_writer\", {\n project: account.project,\n role: \"roles/logging.logWriter\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst artifactRegistryWriter = new gcp.projects.IAMMember(\"artifact_registry_writer\", {\n project: account.project,\n role: \"roles/artifactregistry.writer\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst storageObjectAdmin = new gcp.projects.IAMMember(\"storage_object_admin\", {\n project: account.project,\n role: \"roles/storage.objectAdmin\",\n member: pulumi.interpolate`serviceAccount:${account.email}`,\n});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\n// builder permissions need to stablize before it can pull the source zip\nconst wait60s = new time.index.Sleep(\"wait_60s\", {createDuration: \"60s\"}, {\n dependsOn: [\n logWriter,\n artifactRegistryWriter,\n storageObjectAdmin,\n ],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-v2\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n serviceAccount: account.id,\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n}, {\n dependsOn: [wait60s],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_time as time\n\nproject = \"my-project-name\"\naccount = gcp.serviceaccount.Account(\"account\",\n account_id=\"gcf-sa\",\n display_name=\"Test Service Account\")\nlog_writer = gcp.projects.IAMMember(\"log_writer\",\n project=account.project,\n role=\"roles/logging.logWriter\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nartifact_registry_writer = gcp.projects.IAMMember(\"artifact_registry_writer\",\n project=account.project,\n role=\"roles/artifactregistry.writer\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nstorage_object_admin = gcp.projects.IAMMember(\"storage_object_admin\",\n project=account.project,\n role=\"roles/storage.objectAdmin\",\n member=account.email.apply(lambda email: f\"serviceAccount:{email}\"))\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\n# builder permissions need to stablize before it can pull the source zip\nwait60s = time.index.Sleep(\"wait_60s\", create_duration=60s,\nopts=pulumi.ResourceOptions(depends_on=[\n log_writer,\n artifact_registry_writer,\n storage_object_admin,\n ]))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-v2\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n service_account=account.id,\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ),\n opts=pulumi.ResourceOptions(depends_on=[wait60s]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Time = Pulumi.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var account = new Gcp.ServiceAccount.Account(\"account\", new()\n {\n AccountId = \"gcf-sa\",\n DisplayName = \"Test Service Account\",\n });\n\n var logWriter = new Gcp.Projects.IAMMember(\"log_writer\", new()\n {\n Project = account.Project,\n Role = \"roles/logging.logWriter\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var artifactRegistryWriter = new Gcp.Projects.IAMMember(\"artifact_registry_writer\", new()\n {\n Project = account.Project,\n Role = \"roles/artifactregistry.writer\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var storageObjectAdmin = new Gcp.Projects.IAMMember(\"storage_object_admin\", new()\n {\n Project = account.Project,\n Role = \"roles/storage.objectAdmin\",\n Member = account.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n });\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n // builder permissions need to stablize before it can pull the source zip\n var wait60s = new Time.Index.Sleep(\"wait_60s\", new()\n {\n CreateDuration = \"60s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n logWriter,\n artifactRegistryWriter,\n storageObjectAdmin,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-v2\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n ServiceAccount = account.Id,\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n wait60s,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/serviceaccount\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\taccount, err := serviceaccount.NewAccount(ctx, \"account\", \u0026serviceaccount.AccountArgs{\n\t\t\tAccountId: pulumi.String(\"gcf-sa\"),\n\t\t\tDisplayName: pulumi.String(\"Test Service Account\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tlogWriter, err := projects.NewIAMMember(ctx, \"log_writer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: account.Project,\n\t\t\tRole: pulumi.String(\"roles/logging.logWriter\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tartifactRegistryWriter, err := projects.NewIAMMember(ctx, \"artifact_registry_writer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: account.Project,\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.writer\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tstorageObjectAdmin, err := projects.NewIAMMember(ctx, \"storage_object_admin\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: account.Project,\n\t\t\tRole: pulumi.String(\"roles/storage.objectAdmin\"),\n\t\t\tMember: account.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// builder permissions need to stablize before it can pull the source zip\n\t\twait60s, err := time.NewSleep(ctx, \"wait_60s\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"60s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tlogWriter,\n\t\t\tartifactRegistryWriter,\n\t\t\tstorageObjectAdmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-v2\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tServiceAccount: account.ID(),\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twait60s,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.serviceaccount.Account;\nimport com.pulumi.gcp.serviceaccount.AccountArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.time.sleep;\nimport com.pulumi.time.SleepArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var account = new Account(\"account\", AccountArgs.builder()\n .accountId(\"gcf-sa\")\n .displayName(\"Test Service Account\")\n .build());\n\n var logWriter = new IAMMember(\"logWriter\", IAMMemberArgs.builder()\n .project(account.project())\n .role(\"roles/logging.logWriter\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var artifactRegistryWriter = new IAMMember(\"artifactRegistryWriter\", IAMMemberArgs.builder()\n .project(account.project())\n .role(\"roles/artifactregistry.writer\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var storageObjectAdmin = new IAMMember(\"storageObjectAdmin\", IAMMemberArgs.builder()\n .project(account.project())\n .role(\"roles/storage.objectAdmin\")\n .member(account.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build());\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n // builder permissions need to stablize before it can pull the source zip\n var wait60s = new Sleep(\"wait60s\", SleepArgs.builder()\n .createDuration(\"60s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n logWriter,\n artifactRegistryWriter,\n storageObjectAdmin)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-v2\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .serviceAccount(account.id())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(wait60s)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n account:\n type: gcp:serviceaccount:Account\n properties:\n accountId: gcf-sa\n displayName: Test Service Account\n logWriter:\n type: gcp:projects:IAMMember\n name: log_writer\n properties:\n project: ${account.project}\n role: roles/logging.logWriter\n member: serviceAccount:${account.email}\n artifactRegistryWriter:\n type: gcp:projects:IAMMember\n name: artifact_registry_writer\n properties:\n project: ${account.project}\n role: roles/artifactregistry.writer\n member: serviceAccount:${account.email}\n storageObjectAdmin:\n type: gcp:projects:IAMMember\n name: storage_object_admin\n properties:\n project: ${account.project}\n role: roles/storage.objectAdmin\n member: serviceAccount:${account.email}\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n # builder permissions need to stablize before it can pull the source zip\n wait60s:\n type: time:sleep\n name: wait_60s\n properties:\n createDuration: 60s\n options:\n dependson:\n - ${logWriter}\n - ${artifactRegistryWriter}\n - ${storageObjectAdmin}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-v2\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceAccount: ${account.id}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n options:\n dependson:\n - ${wait60s}\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Secret Env\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret\",\n replication: {\n userManaged: {\n replicas: [{\n location: \"us-central1\",\n }],\n },\n },\n});\nconst secretSecretVersion = new gcp.secretmanager.SecretVersion(\"secret\", {\n secret: secret.name,\n secretData: \"secret\",\n enabled: true,\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-secret\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n secretEnvironmentVariables: [{\n key: \"TEST\",\n projectId: project,\n secret: secret.secretId,\n version: \"latest\",\n }],\n },\n}, {\n dependsOn: [secretSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret\",\n replication=gcp.secretmanager.SecretReplicationArgs(\n user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(\n replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(\n location=\"us-central1\",\n )],\n ),\n ))\nsecret_secret_version = gcp.secretmanager.SecretVersion(\"secret\",\n secret=secret.name,\n secret_data=\"secret\",\n enabled=True)\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-secret\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n secret_environment_variables=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArgs(\n key=\"TEST\",\n project_id=project,\n secret=secret.secret_id,\n version=\"latest\",\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[secret_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n UserManaged = new Gcp.SecretManager.Inputs.SecretReplicationUserManagedArgs\n {\n Replicas = new[]\n {\n new Gcp.SecretManager.Inputs.SecretReplicationUserManagedReplicaArgs\n {\n Location = \"us-central1\",\n },\n },\n },\n },\n });\n\n var secretSecretVersion = new Gcp.SecretManager.SecretVersion(\"secret\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret\",\n Enabled = true,\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-secret\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n SecretEnvironmentVariables = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigSecretEnvironmentVariableArgs\n {\n Key = \"TEST\",\n ProjectId = project,\n Secret = secret.SecretId,\n Version = \"latest\",\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secretSecretVersion,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tUserManaged: \u0026secretmanager.SecretReplicationUserManagedArgs{\n\t\t\t\t\tReplicas: secretmanager.SecretReplicationUserManagedReplicaArray{\n\t\t\t\t\t\t\u0026secretmanager.SecretReplicationUserManagedReplicaArgs{\n\t\t\t\t\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecretSecretVersion, err := secretmanager.NewSecretVersion(ctx, \"secret\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-secret\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tSecretEnvironmentVariables: cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionServiceConfigSecretEnvironmentVariableArgs{\n\t\t\t\t\t\tKey: pulumi.String(\"TEST\"),\n\t\t\t\t\t\tProjectId: pulumi.String(project),\n\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t\tVersion: pulumi.String(\"latest\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecretSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationUserManagedArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret\")\n .replication(SecretReplicationArgs.builder()\n .userManaged(SecretReplicationUserManagedArgs.builder()\n .replicas(SecretReplicationUserManagedReplicaArgs.builder()\n .location(\"us-central1\")\n .build())\n .build())\n .build())\n .build());\n\n var secretSecretVersion = new SecretVersion(\"secretSecretVersion\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret\")\n .enabled(true)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-secret\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .secretEnvironmentVariables(FunctionServiceConfigSecretEnvironmentVariableArgs.builder()\n .key(\"TEST\")\n .projectId(project)\n .secret(secret.secretId())\n .version(\"latest\")\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secretSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-secret\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n secretEnvironmentVariables:\n - key: TEST\n projectId: ${project}\n secret: ${secret.secretId}\n version: latest\n options:\n dependson:\n - ${secretSecretVersion}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret\n replication:\n userManaged:\n replicas:\n - location: us-central1\n secretSecretVersion:\n type: gcp:secretmanager:SecretVersion\n name: secret\n properties:\n secret: ${secret.name}\n secretData: secret\n enabled: true\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Secret Volume\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst secret = new gcp.secretmanager.Secret(\"secret\", {\n secretId: \"secret\",\n replication: {\n userManaged: {\n replicas: [{\n location: \"us-central1\",\n }],\n },\n },\n});\nconst secretSecretVersion = new gcp.secretmanager.SecretVersion(\"secret\", {\n secret: secret.name,\n secretData: \"secret\",\n enabled: true,\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-secret\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n secretVolumes: [{\n mountPath: \"/etc/secrets\",\n projectId: project,\n secret: secret.secretId,\n }],\n },\n}, {\n dependsOn: [secretSecretVersion],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nsecret = gcp.secretmanager.Secret(\"secret\",\n secret_id=\"secret\",\n replication=gcp.secretmanager.SecretReplicationArgs(\n user_managed=gcp.secretmanager.SecretReplicationUserManagedArgs(\n replicas=[gcp.secretmanager.SecretReplicationUserManagedReplicaArgs(\n location=\"us-central1\",\n )],\n ),\n ))\nsecret_secret_version = gcp.secretmanager.SecretVersion(\"secret\",\n secret=secret.name,\n secret_data=\"secret\",\n enabled=True)\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-secret\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n secret_volumes=[gcp.cloudfunctionsv2.FunctionServiceConfigSecretVolumeArgs(\n mount_path=\"/etc/secrets\",\n project_id=project,\n secret=secret.secret_id,\n )],\n ),\n opts=pulumi.ResourceOptions(depends_on=[secret_secret_version]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var secret = new Gcp.SecretManager.Secret(\"secret\", new()\n {\n SecretId = \"secret\",\n Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs\n {\n UserManaged = new Gcp.SecretManager.Inputs.SecretReplicationUserManagedArgs\n {\n Replicas = new[]\n {\n new Gcp.SecretManager.Inputs.SecretReplicationUserManagedReplicaArgs\n {\n Location = \"us-central1\",\n },\n },\n },\n },\n });\n\n var secretSecretVersion = new Gcp.SecretManager.SecretVersion(\"secret\", new()\n {\n Secret = secret.Name,\n SecretData = \"secret\",\n Enabled = true,\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-secret\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n SecretVolumes = new[]\n {\n new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigSecretVolumeArgs\n {\n MountPath = \"/etc/secrets\",\n ProjectId = project,\n Secret = secret.SecretId,\n },\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n secretSecretVersion,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/secretmanager\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecret, err := secretmanager.NewSecret(ctx, \"secret\", \u0026secretmanager.SecretArgs{\n\t\t\tSecretId: pulumi.String(\"secret\"),\n\t\t\tReplication: \u0026secretmanager.SecretReplicationArgs{\n\t\t\t\tUserManaged: \u0026secretmanager.SecretReplicationUserManagedArgs{\n\t\t\t\t\tReplicas: secretmanager.SecretReplicationUserManagedReplicaArray{\n\t\t\t\t\t\t\u0026secretmanager.SecretReplicationUserManagedReplicaArgs{\n\t\t\t\t\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tsecretSecretVersion, err := secretmanager.NewSecretVersion(ctx, \"secret\", \u0026secretmanager.SecretVersionArgs{\n\t\t\tSecret: secret.Name,\n\t\t\tSecretData: pulumi.String(\"secret\"),\n\t\t\tEnabled: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-secret\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t\tSecretVolumes: cloudfunctionsv2.FunctionServiceConfigSecretVolumeArray{\n\t\t\t\t\t\u0026cloudfunctionsv2.FunctionServiceConfigSecretVolumeArgs{\n\t\t\t\t\t\tMountPath: pulumi.String(\"/etc/secrets\"),\n\t\t\t\t\t\tProjectId: pulumi.String(project),\n\t\t\t\t\t\tSecret: secret.SecretId,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tsecretSecretVersion,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.secretmanager.Secret;\nimport com.pulumi.gcp.secretmanager.SecretArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;\nimport com.pulumi.gcp.secretmanager.inputs.SecretReplicationUserManagedArgs;\nimport com.pulumi.gcp.secretmanager.SecretVersion;\nimport com.pulumi.gcp.secretmanager.SecretVersionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var secret = new Secret(\"secret\", SecretArgs.builder()\n .secretId(\"secret\")\n .replication(SecretReplicationArgs.builder()\n .userManaged(SecretReplicationUserManagedArgs.builder()\n .replicas(SecretReplicationUserManagedReplicaArgs.builder()\n .location(\"us-central1\")\n .build())\n .build())\n .build())\n .build());\n\n var secretSecretVersion = new SecretVersion(\"secretSecretVersion\", SecretVersionArgs.builder()\n .secret(secret.name())\n .secretData(\"secret\")\n .enabled(true)\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-secret\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .secretVolumes(FunctionServiceConfigSecretVolumeArgs.builder()\n .mountPath(\"/etc/secrets\")\n .projectId(project)\n .secret(secret.secretId())\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(secretSecretVersion)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-secret\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n secretVolumes:\n - mountPath: /etc/secrets\n projectId: ${project}\n secret: ${secret.secretId}\n options:\n dependson:\n - ${secretSecretVersion}\n secret:\n type: gcp:secretmanager:Secret\n properties:\n secretId: secret\n replication:\n userManaged:\n replicas:\n - location: us-central1\n secretSecretVersion:\n type: gcp:secretmanager:SecretVersion\n name: secret\n properties:\n secret: ${secret.name}\n secretData: secret\n enabled: true\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Private Workerpool\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst pool = new gcp.cloudbuild.WorkerPool(\"pool\", {\n name: \"workerpool\",\n location: \"us-central1\",\n workerConfig: {\n diskSizeGb: 100,\n machineType: \"e2-standard-8\",\n noExternalIp: false,\n },\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-workerpool\",\n location: \"us-central1\",\n description: \"a new function\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n workerPool: pool.id,\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\npool = gcp.cloudbuild.WorkerPool(\"pool\",\n name=\"workerpool\",\n location=\"us-central1\",\n worker_config=gcp.cloudbuild.WorkerPoolWorkerConfigArgs(\n disk_size_gb=100,\n machine_type=\"e2-standard-8\",\n no_external_ip=False,\n ))\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-workerpool\",\n location=\"us-central1\",\n description=\"a new function\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n worker_pool=pool.id,\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var pool = new Gcp.CloudBuild.WorkerPool(\"pool\", new()\n {\n Name = \"workerpool\",\n Location = \"us-central1\",\n WorkerConfig = new Gcp.CloudBuild.Inputs.WorkerPoolWorkerConfigArgs\n {\n DiskSizeGb = 100,\n MachineType = \"e2-standard-8\",\n NoExternalIp = false,\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-workerpool\",\n Location = \"us-central1\",\n Description = \"a new function\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n WorkerPool = pool.Id,\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudbuild\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tpool, err := cloudbuild.NewWorkerPool(ctx, \"pool\", \u0026cloudbuild.WorkerPoolArgs{\n\t\t\tName: pulumi.String(\"workerpool\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tWorkerConfig: \u0026cloudbuild.WorkerPoolWorkerConfigArgs{\n\t\t\t\tDiskSizeGb: pulumi.Int(100),\n\t\t\t\tMachineType: pulumi.String(\"e2-standard-8\"),\n\t\t\t\tNoExternalIp: pulumi.Bool(false),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-workerpool\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"a new function\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\tWorkerPool: pool.ID(),\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.cloudbuild.WorkerPool;\nimport com.pulumi.gcp.cloudbuild.WorkerPoolArgs;\nimport com.pulumi.gcp.cloudbuild.inputs.WorkerPoolWorkerConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var pool = new WorkerPool(\"pool\", WorkerPoolArgs.builder()\n .name(\"workerpool\")\n .location(\"us-central1\")\n .workerConfig(WorkerPoolWorkerConfigArgs.builder()\n .diskSizeGb(100)\n .machineType(\"e2-standard-8\")\n .noExternalIp(false)\n .build())\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-workerpool\")\n .location(\"us-central1\")\n .description(\"a new function\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .workerPool(pool.id())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n pool:\n type: gcp:cloudbuild:WorkerPool\n properties:\n name: workerpool\n location: us-central1\n workerConfig:\n diskSizeGb: 100\n machineType: e2-standard-8\n noExternalIp: false\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-workerpool\n location: us-central1\n description: a new function\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n workerPool: ${pool.id}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\nvariables:\n project: my-project-name\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Cloudfunctions2 Cmek Docs\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst project = \"my-project-name\";\nconst projectGetProject = gcp.organizations.getProject({});\nconst bucket = new gcp.storage.Bucket(\"bucket\", {\n name: `${project}-gcf-source`,\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst object = new gcp.storage.BucketObject(\"object\", {\n name: \"function-source.zip\",\n bucket: bucket.name,\n source: new pulumi.asset.FileAsset(\"function-source.zip\"),\n});\nconst eaSa = new gcp.projects.ServiceIdentity(\"ea_sa\", {\n project: projectGetProject.then(projectGetProject =\u003e projectGetProject.projectId),\n service: \"eventarc.googleapis.com\",\n});\nconst unencoded_ar_repo = new gcp.artifactregistry.Repository(\"unencoded-ar-repo\", {\n repositoryId: \"ar-repo\",\n location: \"us-central1\",\n format: \"DOCKER\",\n});\nconst gcfCmekKeyuser = new gcp.kms.CryptoKeyIAMBinding(\"gcf_cmek_keyuser\", {\n cryptoKeyId: \"cmek-key\",\n role: \"roles/cloudkms.cryptoKeyEncrypterDecrypter\",\n members: [\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com`),\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com`),\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gs-project-accounts.iam.gserviceaccount.com`),\n projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@serverless-robot-prod.iam.gserviceaccount.com`),\n pulumi.interpolate`serviceAccount:${eaSa.email}`,\n ],\n}, {\n dependsOn: [eaSa],\n});\nconst encoded_ar_repo = new gcp.artifactregistry.Repository(\"encoded-ar-repo\", {\n location: \"us-central1\",\n repositoryId: \"cmek-repo\",\n format: \"DOCKER\",\n kmsKeyName: \"cmek-key\",\n}, {\n dependsOn: [gcfCmekKeyuser],\n});\nconst binding = new gcp.artifactregistry.RepositoryIamBinding(\"binding\", {\n location: encoded_ar_repo.location,\n repository: encoded_ar_repo.name,\n role: \"roles/artifactregistry.admin\",\n members: [projectGetProject.then(projectGetProject =\u003e `serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com`)],\n});\nconst _function = new gcp.cloudfunctionsv2.Function(\"function\", {\n name: \"function-cmek\",\n location: \"us-central1\",\n description: \"CMEK function\",\n kmsKeyName: \"cmek-key\",\n buildConfig: {\n runtime: \"nodejs16\",\n entryPoint: \"helloHttp\",\n dockerRepository: encoded_ar_repo.id,\n source: {\n storageSource: {\n bucket: bucket.name,\n object: object.name,\n },\n },\n },\n serviceConfig: {\n maxInstanceCount: 1,\n availableMemory: \"256M\",\n timeoutSeconds: 60,\n },\n}, {\n dependsOn: [gcfCmekKeyuser],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nproject = \"my-project-name\"\nproject_get_project = gcp.organizations.get_project()\nbucket = gcp.storage.Bucket(\"bucket\",\n name=f\"{project}-gcf-source\",\n location=\"US\",\n uniform_bucket_level_access=True)\nobject = gcp.storage.BucketObject(\"object\",\n name=\"function-source.zip\",\n bucket=bucket.name,\n source=pulumi.FileAsset(\"function-source.zip\"))\nea_sa = gcp.projects.ServiceIdentity(\"ea_sa\",\n project=project_get_project.project_id,\n service=\"eventarc.googleapis.com\")\nunencoded_ar_repo = gcp.artifactregistry.Repository(\"unencoded-ar-repo\",\n repository_id=\"ar-repo\",\n location=\"us-central1\",\n format=\"DOCKER\")\ngcf_cmek_keyuser = gcp.kms.CryptoKeyIAMBinding(\"gcf_cmek_keyuser\",\n crypto_key_id=\"cmek-key\",\n role=\"roles/cloudkms.cryptoKeyEncrypterDecrypter\",\n members=[\n f\"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com\",\n f\"serviceAccount:service-{project_get_project.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com\",\n f\"serviceAccount:service-{project_get_project.number}@gs-project-accounts.iam.gserviceaccount.com\",\n f\"serviceAccount:service-{project_get_project.number}@serverless-robot-prod.iam.gserviceaccount.com\",\n ea_sa.email.apply(lambda email: f\"serviceAccount:{email}\"),\n ],\n opts=pulumi.ResourceOptions(depends_on=[ea_sa]))\nencoded_ar_repo = gcp.artifactregistry.Repository(\"encoded-ar-repo\",\n location=\"us-central1\",\n repository_id=\"cmek-repo\",\n format=\"DOCKER\",\n kms_key_name=\"cmek-key\",\n opts=pulumi.ResourceOptions(depends_on=[gcf_cmek_keyuser]))\nbinding = gcp.artifactregistry.RepositoryIamBinding(\"binding\",\n location=encoded_ar_repo.location,\n repository=encoded_ar_repo.name,\n role=\"roles/artifactregistry.admin\",\n members=[f\"serviceAccount:service-{project_get_project.number}@gcf-admin-robot.iam.gserviceaccount.com\"])\nfunction = gcp.cloudfunctionsv2.Function(\"function\",\n name=\"function-cmek\",\n location=\"us-central1\",\n description=\"CMEK function\",\n kms_key_name=\"cmek-key\",\n build_config=gcp.cloudfunctionsv2.FunctionBuildConfigArgs(\n runtime=\"nodejs16\",\n entry_point=\"helloHttp\",\n docker_repository=encoded_ar_repo.id,\n source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceArgs(\n storage_source=gcp.cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs(\n bucket=bucket.name,\n object=object.name,\n ),\n ),\n ),\n service_config=gcp.cloudfunctionsv2.FunctionServiceConfigArgs(\n max_instance_count=1,\n available_memory=\"256M\",\n timeout_seconds=60,\n ),\n opts=pulumi.ResourceOptions(depends_on=[gcf_cmek_keyuser]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var project = \"my-project-name\";\n\n var projectGetProject = Gcp.Organizations.GetProject.Invoke();\n\n var bucket = new Gcp.Storage.Bucket(\"bucket\", new()\n {\n Name = $\"{project}-gcf-source\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var @object = new Gcp.Storage.BucketObject(\"object\", new()\n {\n Name = \"function-source.zip\",\n Bucket = bucket.Name,\n Source = new FileAsset(\"function-source.zip\"),\n });\n\n var eaSa = new Gcp.Projects.ServiceIdentity(\"ea_sa\", new()\n {\n Project = projectGetProject.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Service = \"eventarc.googleapis.com\",\n });\n\n var unencoded_ar_repo = new Gcp.ArtifactRegistry.Repository(\"unencoded-ar-repo\", new()\n {\n RepositoryId = \"ar-repo\",\n Location = \"us-central1\",\n Format = \"DOCKER\",\n });\n\n var gcfCmekKeyuser = new Gcp.Kms.CryptoKeyIAMBinding(\"gcf_cmek_keyuser\", new()\n {\n CryptoKeyId = \"cmek-key\",\n Role = \"roles/cloudkms.cryptoKeyEncrypterDecrypter\",\n Members = new[]\n {\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcf-admin-robot.iam.gserviceaccount.com\",\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-artifactregistry.iam.gserviceaccount.com\",\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gs-project-accounts.iam.gserviceaccount.com\",\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@serverless-robot-prod.iam.gserviceaccount.com\",\n eaSa.Email.Apply(email =\u003e $\"serviceAccount:{email}\"),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n eaSa,\n },\n });\n\n var encoded_ar_repo = new Gcp.ArtifactRegistry.Repository(\"encoded-ar-repo\", new()\n {\n Location = \"us-central1\",\n RepositoryId = \"cmek-repo\",\n Format = \"DOCKER\",\n KmsKeyName = \"cmek-key\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gcfCmekKeyuser,\n },\n });\n\n var binding = new Gcp.ArtifactRegistry.RepositoryIamBinding(\"binding\", new()\n {\n Location = encoded_ar_repo.Location,\n Repository = encoded_ar_repo.Name,\n Role = \"roles/artifactregistry.admin\",\n Members = new[]\n {\n $\"serviceAccount:service-{projectGetProject.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcf-admin-robot.iam.gserviceaccount.com\",\n },\n });\n\n var function = new Gcp.CloudFunctionsV2.Function(\"function\", new()\n {\n Name = \"function-cmek\",\n Location = \"us-central1\",\n Description = \"CMEK function\",\n KmsKeyName = \"cmek-key\",\n BuildConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigArgs\n {\n Runtime = \"nodejs16\",\n EntryPoint = \"helloHttp\",\n DockerRepository = encoded_ar_repo.Id,\n Source = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceArgs\n {\n StorageSource = new Gcp.CloudFunctionsV2.Inputs.FunctionBuildConfigSourceStorageSourceArgs\n {\n Bucket = bucket.Name,\n Object = @object.Name,\n },\n },\n },\n ServiceConfig = new Gcp.CloudFunctionsV2.Inputs.FunctionServiceConfigArgs\n {\n MaxInstanceCount = 1,\n AvailableMemory = \"256M\",\n TimeoutSeconds = 60,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n gcfCmekKeyuser,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/artifactregistry\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/cloudfunctionsv2\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tproject := \"my-project-name\"\n\t\tprojectGetProject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbucket, err := storage.NewBucket(ctx, \"bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(fmt.Sprintf(\"%v-gcf-source\", project)),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tobject, err := storage.NewBucketObject(ctx, \"object\", \u0026storage.BucketObjectArgs{\n\t\t\tName: pulumi.String(\"function-source.zip\"),\n\t\t\tBucket: bucket.Name,\n\t\t\tSource: pulumi.NewFileAsset(\"function-source.zip\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teaSa, err := projects.NewServiceIdentity(ctx, \"ea_sa\", \u0026projects.ServiceIdentityArgs{\n\t\t\tProject: pulumi.String(projectGetProject.ProjectId),\n\t\t\tService: pulumi.String(\"eventarc.googleapis.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = artifactregistry.NewRepository(ctx, \"unencoded-ar-repo\", \u0026artifactregistry.RepositoryArgs{\n\t\t\tRepositoryId: pulumi.String(\"ar-repo\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tFormat: pulumi.String(\"DOCKER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tgcfCmekKeyuser, err := kms.NewCryptoKeyIAMBinding(ctx, \"gcf_cmek_keyuser\", \u0026kms.CryptoKeyIAMBindingArgs{\n\t\t\tCryptoKeyId: pulumi.String(\"cmek-key\"),\n\t\t\tRole: pulumi.String(\"roles/cloudkms.cryptoKeyEncrypterDecrypter\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-artifactregistry.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gs-project-accounts.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@serverless-robot-prod.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t\teaSa.Email.ApplyT(func(email string) (string, error) {\n\t\t\t\t\treturn fmt.Sprintf(\"serviceAccount:%v\", email), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\teaSa,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = artifactregistry.NewRepository(ctx, \"encoded-ar-repo\", \u0026artifactregistry.RepositoryArgs{\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tRepositoryId: pulumi.String(\"cmek-repo\"),\n\t\t\tFormat: pulumi.String(\"DOCKER\"),\n\t\t\tKmsKeyName: pulumi.String(\"cmek-key\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgcfCmekKeyuser,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = artifactregistry.NewRepositoryIamBinding(ctx, \"binding\", \u0026artifactregistry.RepositoryIamBindingArgs{\n\t\t\tLocation: encoded_ar_repo.Location,\n\t\t\tRepository: encoded_ar_repo.Name,\n\t\t\tRole: pulumi.String(\"roles/artifactregistry.admin\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.Number)),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = cloudfunctionsv2.NewFunction(ctx, \"function\", \u0026cloudfunctionsv2.FunctionArgs{\n\t\t\tName: pulumi.String(\"function-cmek\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tDescription: pulumi.String(\"CMEK function\"),\n\t\t\tKmsKeyName: pulumi.String(\"cmek-key\"),\n\t\t\tBuildConfig: \u0026cloudfunctionsv2.FunctionBuildConfigArgs{\n\t\t\t\tRuntime: pulumi.String(\"nodejs16\"),\n\t\t\t\tEntryPoint: pulumi.String(\"helloHttp\"),\n\t\t\t\tDockerRepository: encoded_ar_repo.ID(),\n\t\t\t\tSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceArgs{\n\t\t\t\t\tStorageSource: \u0026cloudfunctionsv2.FunctionBuildConfigSourceStorageSourceArgs{\n\t\t\t\t\t\tBucket: bucket.Name,\n\t\t\t\t\t\tObject: object.Name,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tServiceConfig: \u0026cloudfunctionsv2.FunctionServiceConfigArgs{\n\t\t\t\tMaxInstanceCount: pulumi.Int(1),\n\t\t\t\tAvailableMemory: pulumi.String(\"256M\"),\n\t\t\t\tTimeoutSeconds: pulumi.Int(60),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tgcfCmekKeyuser,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.storage.BucketObject;\nimport com.pulumi.gcp.storage.BucketObjectArgs;\nimport com.pulumi.gcp.projects.ServiceIdentity;\nimport com.pulumi.gcp.projects.ServiceIdentityArgs;\nimport com.pulumi.gcp.artifactregistry.Repository;\nimport com.pulumi.gcp.artifactregistry.RepositoryArgs;\nimport com.pulumi.gcp.kms.CryptoKeyIAMBinding;\nimport com.pulumi.gcp.kms.CryptoKeyIAMBindingArgs;\nimport com.pulumi.gcp.artifactregistry.RepositoryIamBinding;\nimport com.pulumi.gcp.artifactregistry.RepositoryIamBindingArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.Function;\nimport com.pulumi.gcp.cloudfunctionsv2.FunctionArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionBuildConfigSourceStorageSourceArgs;\nimport com.pulumi.gcp.cloudfunctionsv2.inputs.FunctionServiceConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport com.pulumi.asset.FileAsset;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var project = \"my-project-name\";\n\n final var projectGetProject = OrganizationsFunctions.getProject();\n\n var bucket = new Bucket(\"bucket\", BucketArgs.builder()\n .name(String.format(\"%s-gcf-source\", project))\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var object = new BucketObject(\"object\", BucketObjectArgs.builder()\n .name(\"function-source.zip\")\n .bucket(bucket.name())\n .source(new FileAsset(\"function-source.zip\"))\n .build());\n\n var eaSa = new ServiceIdentity(\"eaSa\", ServiceIdentityArgs.builder()\n .project(projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .service(\"eventarc.googleapis.com\")\n .build());\n\n var unencoded_ar_repo = new Repository(\"unencoded-ar-repo\", RepositoryArgs.builder()\n .repositoryId(\"ar-repo\")\n .location(\"us-central1\")\n .format(\"DOCKER\")\n .build());\n\n var gcfCmekKeyuser = new CryptoKeyIAMBinding(\"gcfCmekKeyuser\", CryptoKeyIAMBindingArgs.builder()\n .cryptoKeyId(\"cmek-key\")\n .role(\"roles/cloudkms.cryptoKeyEncrypterDecrypter\")\n .members( \n String.format(\"serviceAccount:service-%s@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n String.format(\"serviceAccount:service-%s@gcp-sa-artifactregistry.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n String.format(\"serviceAccount:service-%s@gs-project-accounts.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n String.format(\"serviceAccount:service-%s@serverless-robot-prod.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())),\n eaSa.email().applyValue(email -\u003e String.format(\"serviceAccount:%s\", email)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(eaSa)\n .build());\n\n var encoded_ar_repo = new Repository(\"encoded-ar-repo\", RepositoryArgs.builder()\n .location(\"us-central1\")\n .repositoryId(\"cmek-repo\")\n .format(\"DOCKER\")\n .kmsKeyName(\"cmek-key\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(gcfCmekKeyuser)\n .build());\n\n var binding = new RepositoryIamBinding(\"binding\", RepositoryIamBindingArgs.builder()\n .location(encoded_ar_repo.location())\n .repository(encoded_ar_repo.name())\n .role(\"roles/artifactregistry.admin\")\n .members(String.format(\"serviceAccount:service-%s@gcf-admin-robot.iam.gserviceaccount.com\", projectGetProject.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var function = new Function(\"function\", FunctionArgs.builder()\n .name(\"function-cmek\")\n .location(\"us-central1\")\n .description(\"CMEK function\")\n .kmsKeyName(\"cmek-key\")\n .buildConfig(FunctionBuildConfigArgs.builder()\n .runtime(\"nodejs16\")\n .entryPoint(\"helloHttp\")\n .dockerRepository(encoded_ar_repo.id())\n .source(FunctionBuildConfigSourceArgs.builder()\n .storageSource(FunctionBuildConfigSourceStorageSourceArgs.builder()\n .bucket(bucket.name())\n .object(object.name())\n .build())\n .build())\n .build())\n .serviceConfig(FunctionServiceConfigArgs.builder()\n .maxInstanceCount(1)\n .availableMemory(\"256M\")\n .timeoutSeconds(60)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn(gcfCmekKeyuser)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n bucket:\n type: gcp:storage:Bucket\n properties:\n name: ${project}-gcf-source\n location: US\n uniformBucketLevelAccess: true\n object:\n type: gcp:storage:BucketObject\n properties:\n name: function-source.zip\n bucket: ${bucket.name}\n source:\n fn::FileAsset: function-source.zip\n eaSa:\n type: gcp:projects:ServiceIdentity\n name: ea_sa\n properties:\n project: ${projectGetProject.projectId}\n service: eventarc.googleapis.com\n unencoded-ar-repo:\n type: gcp:artifactregistry:Repository\n properties:\n repositoryId: ar-repo\n location: us-central1\n format: DOCKER\n binding:\n type: gcp:artifactregistry:RepositoryIamBinding\n properties:\n location: ${[\"encoded-ar-repo\"].location}\n repository: ${[\"encoded-ar-repo\"].name}\n role: roles/artifactregistry.admin\n members:\n - serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com\n gcfCmekKeyuser:\n type: gcp:kms:CryptoKeyIAMBinding\n name: gcf_cmek_keyuser\n properties:\n cryptoKeyId: cmek-key\n role: roles/cloudkms.cryptoKeyEncrypterDecrypter\n members:\n - serviceAccount:service-${projectGetProject.number}@gcf-admin-robot.iam.gserviceaccount.com\n - serviceAccount:service-${projectGetProject.number}@gcp-sa-artifactregistry.iam.gserviceaccount.com\n - serviceAccount:service-${projectGetProject.number}@gs-project-accounts.iam.gserviceaccount.com\n - serviceAccount:service-${projectGetProject.number}@serverless-robot-prod.iam.gserviceaccount.com\n - serviceAccount:${eaSa.email}\n options:\n dependson:\n - ${eaSa}\n encoded-ar-repo:\n type: gcp:artifactregistry:Repository\n properties:\n location: us-central1\n repositoryId: cmek-repo\n format: DOCKER\n kmsKeyName: cmek-key\n options:\n dependson:\n - ${gcfCmekKeyuser}\n function:\n type: gcp:cloudfunctionsv2:Function\n properties:\n name: function-cmek\n location: us-central1\n description: CMEK function\n kmsKeyName: cmek-key\n buildConfig:\n runtime: nodejs16\n entryPoint: helloHttp\n dockerRepository: ${[\"encoded-ar-repo\"].id}\n source:\n storageSource:\n bucket: ${bucket.name}\n object: ${object.name}\n serviceConfig:\n maxInstanceCount: 1\n availableMemory: 256M\n timeoutSeconds: 60\n options:\n dependson:\n - ${gcfCmekKeyuser}\nvariables:\n project: my-project-name\n projectGetProject:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nfunction can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/functions/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, function can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:cloudfunctionsv2/function:Function default projects/{{project}}/locations/{{location}}/functions/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudfunctionsv2/function:Function default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:cloudfunctionsv2/function:Function default {{location}}/{{name}}\n```\n\n", "properties": { "buildConfig": { "$ref": "#/types/gcp:cloudfunctionsv2/FunctionBuildConfig:FunctionBuildConfig", @@ -136657,7 +137717,7 @@ } }, "gcp:composer/userWorkloadsSecret:UserWorkloadsSecret": { - "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new gcp.composer.Environment(\"example\", {\n name: \"example-environment\",\n project: \"example-project\",\n region: \"us-central1\",\n config: {\n softwareConfig: {\n imageVersion: \"example-image-version\",\n },\n },\n});\nconst exampleUserWorkloadsSecret = new gcp.composer.UserWorkloadsSecret(\"example\", {\n name: \"example-secret\",\n project: \"example-project\",\n region: \"us-central1\",\n environment: example.name,\n data: {\n email: std.base64encode({\n input: \"example-email\",\n }).then(invoke =\u003e invoke.result),\n password: std.base64encode({\n input: \"example-password\",\n }).then(invoke =\u003e invoke.result),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_std as std\n\nexample = gcp.composer.Environment(\"example\",\n name=\"example-environment\",\n project=\"example-project\",\n region=\"us-central1\",\n config=gcp.composer.EnvironmentConfigArgs(\n software_config=gcp.composer.EnvironmentConfigSoftwareConfigArgs(\n image_version=\"example-image-version\",\n ),\n ))\nexample_user_workloads_secret = gcp.composer.UserWorkloadsSecret(\"example\",\n name=\"example-secret\",\n project=\"example-project\",\n region=\"us-central1\",\n environment=example.name,\n data={\n \"email\": std.base64encode(input=\"example-email\").result,\n \"password\": std.base64encode(input=\"example-password\").result,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Composer.Environment(\"example\", new()\n {\n Name = \"example-environment\",\n Project = \"example-project\",\n Region = \"us-central1\",\n Config = new Gcp.Composer.Inputs.EnvironmentConfigArgs\n {\n SoftwareConfig = new Gcp.Composer.Inputs.EnvironmentConfigSoftwareConfigArgs\n {\n ImageVersion = \"example-image-version\",\n },\n },\n });\n\n var exampleUserWorkloadsSecret = new Gcp.Composer.UserWorkloadsSecret(\"example\", new()\n {\n Name = \"example-secret\",\n Project = \"example-project\",\n Region = \"us-central1\",\n Environment = example.Name,\n Data = \n {\n { \"email\", Std.Base64encode.Invoke(new()\n {\n Input = \"example-email\",\n }).Apply(invoke =\u003e invoke.Result) },\n { \"password\", Std.Base64encode.Invoke(new()\n {\n Input = \"example-password\",\n }).Apply(invoke =\u003e invoke.Result) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/composer\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := composer.NewEnvironment(ctx, \"example\", \u0026composer.EnvironmentArgs{\n\t\t\tName: pulumi.String(\"example-environment\"),\n\t\t\tProject: pulumi.String(\"example-project\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tConfig: \u0026composer.EnvironmentConfigArgs{\n\t\t\t\tSoftwareConfig: \u0026composer.EnvironmentConfigSoftwareConfigArgs{\n\t\t\t\t\tImageVersion: pulumi.String(\"example-image-version\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"example-email\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode1, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"example-password\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = composer.NewUserWorkloadsSecret(ctx, \"example\", \u0026composer.UserWorkloadsSecretArgs{\n\t\t\tName: pulumi.String(\"example-secret\"),\n\t\t\tProject: pulumi.String(\"example-project\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tEnvironment: example.Name,\n\t\t\tData: pulumi.Map{\n\t\t\t\t\"email\": invokeBase64encode.Result,\n\t\t\t\t\"password\": invokeBase64encode1.Result,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.composer.Environment;\nimport com.pulumi.gcp.composer.EnvironmentArgs;\nimport com.pulumi.gcp.composer.inputs.EnvironmentConfigArgs;\nimport com.pulumi.gcp.composer.inputs.EnvironmentConfigSoftwareConfigArgs;\nimport com.pulumi.gcp.composer.UserWorkloadsSecret;\nimport com.pulumi.gcp.composer.UserWorkloadsSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Environment(\"example\", EnvironmentArgs.builder()\n .name(\"example-environment\")\n .project(\"example-project\")\n .region(\"us-central1\")\n .config(EnvironmentConfigArgs.builder()\n .softwareConfig(EnvironmentConfigSoftwareConfigArgs.builder()\n .imageVersion(\"example-image-version\")\n .build())\n .build())\n .build());\n\n var exampleUserWorkloadsSecret = new UserWorkloadsSecret(\"exampleUserWorkloadsSecret\", UserWorkloadsSecretArgs.builder()\n .name(\"example-secret\")\n .project(\"example-project\")\n .region(\"us-central1\")\n .environment(example.name())\n .data(Map.ofEntries(\n Map.entry(\"email\", StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"example-email\")\n .build()).result()),\n Map.entry(\"password\", StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"example-password\")\n .build()).result())\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:composer:Environment\n properties:\n name: example-environment\n project: example-project\n region: us-central1\n config:\n softwareConfig:\n imageVersion: example-image-version\n exampleUserWorkloadsSecret:\n type: gcp:composer:UserWorkloadsSecret\n name: example\n properties:\n name: example-secret\n project: example-project\n region: us-central1\n environment: ${example.name}\n data:\n email:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: example-email\n Return: result\n password:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: example-password\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSecret can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsSecrets/{{name}}`\n\n* `{{project}}/{{region}}/{{environment}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, Environment can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsSecrets/{{name}}\n```\n\n```sh\n$ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{project}}/{{region}}/{{environment}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{name}}\n```\n\n", + "description": "## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as std from \"@pulumi/std\";\n\nconst example = new gcp.composer.Environment(\"example\", {\n name: \"example-environment\",\n project: \"example-project\",\n region: \"us-central1\",\n config: {\n softwareConfig: {\n imageVersion: \"example-image-version\",\n },\n },\n});\nconst exampleUserWorkloadsSecret = new gcp.composer.UserWorkloadsSecret(\"example\", {\n name: \"example-secret\",\n project: \"example-project\",\n region: \"us-central1\",\n environment: example.name,\n data: {\n email: std.base64encode({\n input: \"example-email\",\n }).then(invoke =\u003e invoke.result),\n password: std.base64encode({\n input: \"example-password\",\n }).then(invoke =\u003e invoke.result),\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_std as std\n\nexample = gcp.composer.Environment(\"example\",\n name=\"example-environment\",\n project=\"example-project\",\n region=\"us-central1\",\n config=gcp.composer.EnvironmentConfigArgs(\n software_config=gcp.composer.EnvironmentConfigSoftwareConfigArgs(\n image_version=\"example-image-version\",\n ),\n ))\nexample_user_workloads_secret = gcp.composer.UserWorkloadsSecret(\"example\",\n name=\"example-secret\",\n project=\"example-project\",\n region=\"us-central1\",\n environment=example.name,\n data={\n \"email\": std.base64encode(input=\"example-email\").result,\n \"password\": std.base64encode(input=\"example-password\").result,\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Composer.Environment(\"example\", new()\n {\n Name = \"example-environment\",\n Project = \"example-project\",\n Region = \"us-central1\",\n Config = new Gcp.Composer.Inputs.EnvironmentConfigArgs\n {\n SoftwareConfig = new Gcp.Composer.Inputs.EnvironmentConfigSoftwareConfigArgs\n {\n ImageVersion = \"example-image-version\",\n },\n },\n });\n\n var exampleUserWorkloadsSecret = new Gcp.Composer.UserWorkloadsSecret(\"example\", new()\n {\n Name = \"example-secret\",\n Project = \"example-project\",\n Region = \"us-central1\",\n Environment = example.Name,\n Data = \n {\n { \"email\", Std.Base64encode.Invoke(new()\n {\n Input = \"example-email\",\n }).Apply(invoke =\u003e invoke.Result) },\n { \"password\", Std.Base64encode.Invoke(new()\n {\n Input = \"example-password\",\n }).Apply(invoke =\u003e invoke.Result) },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/composer\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := composer.NewEnvironment(ctx, \"example\", \u0026composer.EnvironmentArgs{\n\t\t\tName: pulumi.String(\"example-environment\"),\n\t\t\tProject: pulumi.String(\"example-project\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tConfig: \u0026composer.EnvironmentConfigArgs{\n\t\t\t\tSoftwareConfig: \u0026composer.EnvironmentConfigSoftwareConfigArgs{\n\t\t\t\t\tImageVersion: pulumi.String(\"example-image-version\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"example-email\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeBase64encode1, err := std.Base64encode(ctx, \u0026std.Base64encodeArgs{\n\t\t\tInput: \"example-password\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = composer.NewUserWorkloadsSecret(ctx, \"example\", \u0026composer.UserWorkloadsSecretArgs{\n\t\t\tName: pulumi.String(\"example-secret\"),\n\t\t\tProject: pulumi.String(\"example-project\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tEnvironment: example.Name,\n\t\t\tData: pulumi.Map{\n\t\t\t\t\"email\": invokeBase64encode.Result,\n\t\t\t\t\"password\": invokeBase64encode1.Result,\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.composer.Environment;\nimport com.pulumi.gcp.composer.EnvironmentArgs;\nimport com.pulumi.gcp.composer.inputs.EnvironmentConfigArgs;\nimport com.pulumi.gcp.composer.inputs.EnvironmentConfigSoftwareConfigArgs;\nimport com.pulumi.gcp.composer.UserWorkloadsSecret;\nimport com.pulumi.gcp.composer.UserWorkloadsSecretArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Environment(\"example\", EnvironmentArgs.builder()\n .name(\"example-environment\")\n .project(\"example-project\")\n .region(\"us-central1\")\n .config(EnvironmentConfigArgs.builder()\n .softwareConfig(EnvironmentConfigSoftwareConfigArgs.builder()\n .imageVersion(\"example-image-version\")\n .build())\n .build())\n .build());\n\n var exampleUserWorkloadsSecret = new UserWorkloadsSecret(\"exampleUserWorkloadsSecret\", UserWorkloadsSecretArgs.builder()\n .name(\"example-secret\")\n .project(\"example-project\")\n .region(\"us-central1\")\n .environment(example.name())\n .data(Map.ofEntries(\n Map.entry(\"email\", StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"example-email\")\n .build()).result()),\n Map.entry(\"password\", StdFunctions.base64encode(Base64encodeArgs.builder()\n .input(\"example-password\")\n .build()).result())\n ))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:composer:Environment\n properties:\n name: example-environment\n project: example-project\n region: us-central1\n config:\n softwareConfig:\n imageVersion: example-image-version\n exampleUserWorkloadsSecret:\n type: gcp:composer:UserWorkloadsSecret\n name: example\n properties:\n name: example-secret\n project: example-project\n region: us-central1\n environment: ${example.name}\n data:\n email:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: example-email\n Return: result\n password:\n fn::invoke:\n Function: std:base64encode\n Arguments:\n input: example-password\n Return: result\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSecret can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsSecrets/{{name}}`\n\n* `{{project}}/{{region}}/{{environment}}/{{name}}`\n\n* `{{environment}}/{{name}}`\n\nWhen using the `pulumi import` command, Environment can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example projects/{{project}}/locations/{{region}}/environments/{{environment}}/userWorkloadsSecrets/{{name}}\n```\n\n```sh\n$ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{project}}/{{region}}/{{environment}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{environment}}/{{name}}\n```\n\n", "properties": { "data": { "type": "object", @@ -145407,7 +146467,7 @@ } }, "gcp:compute/instanceGroupMembership:InstanceGroupMembership": { - "description": "Represents the Instance membership to the Instance Group.\n\n\u003e **NOTE** You can use this resource instead of the `instances` field in the\n`gcp.compute.InstanceGroup`, however it's not recommended to use it alongside this field.\nIt might cause inconsistencies, as they can end up competing over control.\n\n\u003e **NOTE** This resource has been added to avoid a situation, where after\nInstance is recreated, it's removed from Instance Group and it's needed to\nperform `apply` twice. To avoid situations like this, please use this resource\nwith the lifecycle `update_triggered_by` method, with the passed Instance's ID.\n\n\nTo get more information about InstanceGroupMembership, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups)\n* How-to Guides\n * [Add instances](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/addInstances)\n * [Remove instances](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/removeInstances)\n * [List instances](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/listInstances)\n\n## Example Usage\n\n### Instance Group Membership\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst default_network = new gcp.compute.Network(\"default-network\", {name: \"network\"});\nconst default_instance = new gcp.compute.Instance(\"default-instance\", {\n name: \"instance\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: \"debian-cloud/debian-11\",\n },\n },\n networkInterfaces: [{\n network: default_network.name,\n }],\n});\nconst default_instance_group = new gcp.compute.InstanceGroup(\"default-instance-group\", {name: \"instance-group\"});\nconst default_ig_membership = new gcp.compute.InstanceGroupMembership(\"default-ig-membership\", {\n instance: default_instance.selfLink,\n instanceGroup: default_instance_group.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault_network = gcp.compute.Network(\"default-network\", name=\"network\")\ndefault_instance = gcp.compute.Instance(\"default-instance\",\n name=\"instance\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=\"debian-cloud/debian-11\",\n ),\n ),\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n network=default_network.name,\n )])\ndefault_instance_group = gcp.compute.InstanceGroup(\"default-instance-group\", name=\"instance-group\")\ndefault_ig_membership = gcp.compute.InstanceGroupMembership(\"default-ig-membership\",\n instance=default_instance.self_link,\n instance_group=default_instance_group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var default_network = new Gcp.Compute.Network(\"default-network\", new()\n {\n Name = \"network\",\n });\n\n var default_instance = new Gcp.Compute.Instance(\"default-instance\", new()\n {\n Name = \"instance\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = \"debian-cloud/debian-11\",\n },\n },\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n Network = default_network.Name,\n },\n },\n });\n\n var default_instance_group = new Gcp.Compute.InstanceGroup(\"default-instance-group\", new()\n {\n Name = \"instance-group\",\n });\n\n var default_ig_membership = new Gcp.Compute.InstanceGroupMembership(\"default-ig-membership\", new()\n {\n Instance = default_instance.SelfLink,\n InstanceGroup = default_instance_group.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewNetwork(ctx, \"default-network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"default-instance\", \u0026compute.InstanceArgs{\n\t\t\tName: pulumi.String(\"instance\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(\"debian-cloud/debian-11\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tNetwork: default_network.Name,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceGroup(ctx, \"default-instance-group\", \u0026compute.InstanceGroupArgs{\n\t\t\tName: pulumi.String(\"instance-group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceGroupMembership(ctx, \"default-ig-membership\", \u0026compute.InstanceGroupMembershipArgs{\n\t\t\tInstance: default_instance.SelfLink,\n\t\t\tInstanceGroup: default_instance_group.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.compute.InstanceGroup;\nimport com.pulumi.gcp.compute.InstanceGroupArgs;\nimport com.pulumi.gcp.compute.InstanceGroupMembership;\nimport com.pulumi.gcp.compute.InstanceGroupMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_network = new Network(\"default-network\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var default_instance = new Instance(\"default-instance\", InstanceArgs.builder()\n .name(\"instance\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(\"debian-cloud/debian-11\")\n .build())\n .build())\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .network(default_network.name())\n .build())\n .build());\n\n var default_instance_group = new InstanceGroup(\"default-instance-group\", InstanceGroupArgs.builder()\n .name(\"instance-group\")\n .build());\n\n var default_ig_membership = new InstanceGroupMembership(\"default-ig-membership\", InstanceGroupMembershipArgs.builder()\n .instance(default_instance.selfLink())\n .instanceGroup(default_instance_group.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default-network:\n type: gcp:compute:Network\n properties:\n name: network\n default-instance:\n type: gcp:compute:Instance\n properties:\n name: instance\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: debian-cloud/debian-11\n networkInterfaces:\n - network: ${[\"default-network\"].name}\n default-instance-group:\n type: gcp:compute:InstanceGroup\n properties:\n name: instance-group\n default-ig-membership:\n type: gcp:compute:InstanceGroupMembership\n properties:\n instance: ${[\"default-instance\"].selfLink}\n instanceGroup: ${[\"default-instance-group\"].name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nInstanceGroupMembership can be imported using any of these accepted formats:\n\n* `projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/{{instance}}`\n\n* `{{project}}/{{zone}}/{{instance_group}}/{{instance}}`\n\n* `{{zone}}/{{instance_group}}/{{instance}}`\n\n* `{{instance_group}}/{{instance}}`\n\nWhen using the `pulumi import` command, InstanceGroupMembership can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/{{instance}}\n```\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default {{project}}/{{zone}}/{{instance_group}}/{{instance}}\n```\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default {{zone}}/{{instance_group}}/{{instance}}\n```\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default {{instance_group}}/{{instance}}\n```\n\n", + "description": "Represents the Instance membership to the Instance Group.\n\n\u003e **NOTE** You can use this resource instead of the `instances` field in the\n`gcp.compute.InstanceGroup`, however it's not recommended to use it alongside this field.\nIt might cause inconsistencies, as they can end up competing over control.\n\n\u003e **NOTE** This resource has been added to avoid a situation, where after\nInstance is recreated, it's removed from Instance Group and it's needed to\nperform `apply` twice. To avoid situations like this, please use this resource\nwith the lifecycle `replace_triggered_by` method, with the passed Instance's ID.\n\n\nTo get more information about InstanceGroupMembership, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups)\n* How-to Guides\n * [Add instances](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/addInstances)\n * [Remove instances](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/removeInstances)\n * [List instances](https://cloud.google.com/compute/docs/reference/rest/v1/instanceGroups/listInstances)\n\n## Example Usage\n\n### Instance Group Membership\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst default_network = new gcp.compute.Network(\"default-network\", {name: \"network\"});\nconst default_instance = new gcp.compute.Instance(\"default-instance\", {\n name: \"instance\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: \"debian-cloud/debian-11\",\n },\n },\n networkInterfaces: [{\n network: default_network.name,\n }],\n});\nconst default_instance_group = new gcp.compute.InstanceGroup(\"default-instance-group\", {name: \"instance-group\"});\nconst default_ig_membership = new gcp.compute.InstanceGroupMembership(\"default-ig-membership\", {\n instance: default_instance.selfLink,\n instanceGroup: default_instance_group.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault_network = gcp.compute.Network(\"default-network\", name=\"network\")\ndefault_instance = gcp.compute.Instance(\"default-instance\",\n name=\"instance\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=\"debian-cloud/debian-11\",\n ),\n ),\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n network=default_network.name,\n )])\ndefault_instance_group = gcp.compute.InstanceGroup(\"default-instance-group\", name=\"instance-group\")\ndefault_ig_membership = gcp.compute.InstanceGroupMembership(\"default-ig-membership\",\n instance=default_instance.self_link,\n instance_group=default_instance_group.name)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var default_network = new Gcp.Compute.Network(\"default-network\", new()\n {\n Name = \"network\",\n });\n\n var default_instance = new Gcp.Compute.Instance(\"default-instance\", new()\n {\n Name = \"instance\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = \"debian-cloud/debian-11\",\n },\n },\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n Network = default_network.Name,\n },\n },\n });\n\n var default_instance_group = new Gcp.Compute.InstanceGroup(\"default-instance-group\", new()\n {\n Name = \"instance-group\",\n });\n\n var default_ig_membership = new Gcp.Compute.InstanceGroupMembership(\"default-ig-membership\", new()\n {\n Instance = default_instance.SelfLink,\n InstanceGroup = default_instance_group.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.NewNetwork(ctx, \"default-network\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"default-instance\", \u0026compute.InstanceArgs{\n\t\t\tName: pulumi.String(\"instance\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(\"debian-cloud/debian-11\"),\n\t\t\t\t},\n\t\t\t},\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tNetwork: default_network.Name,\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceGroup(ctx, \"default-instance-group\", \u0026compute.InstanceGroupArgs{\n\t\t\tName: pulumi.String(\"instance-group\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstanceGroupMembership(ctx, \"default-ig-membership\", \u0026compute.InstanceGroupMembershipArgs{\n\t\t\tInstance: default_instance.SelfLink,\n\t\t\tInstanceGroup: default_instance_group.Name,\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.compute.InstanceGroup;\nimport com.pulumi.gcp.compute.InstanceGroupArgs;\nimport com.pulumi.gcp.compute.InstanceGroupMembership;\nimport com.pulumi.gcp.compute.InstanceGroupMembershipArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var default_network = new Network(\"default-network\", NetworkArgs.builder()\n .name(\"network\")\n .build());\n\n var default_instance = new Instance(\"default-instance\", InstanceArgs.builder()\n .name(\"instance\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(\"debian-cloud/debian-11\")\n .build())\n .build())\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .network(default_network.name())\n .build())\n .build());\n\n var default_instance_group = new InstanceGroup(\"default-instance-group\", InstanceGroupArgs.builder()\n .name(\"instance-group\")\n .build());\n\n var default_ig_membership = new InstanceGroupMembership(\"default-ig-membership\", InstanceGroupMembershipArgs.builder()\n .instance(default_instance.selfLink())\n .instanceGroup(default_instance_group.name())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default-network:\n type: gcp:compute:Network\n properties:\n name: network\n default-instance:\n type: gcp:compute:Instance\n properties:\n name: instance\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: debian-cloud/debian-11\n networkInterfaces:\n - network: ${[\"default-network\"].name}\n default-instance-group:\n type: gcp:compute:InstanceGroup\n properties:\n name: instance-group\n default-ig-membership:\n type: gcp:compute:InstanceGroupMembership\n properties:\n instance: ${[\"default-instance\"].selfLink}\n instanceGroup: ${[\"default-instance-group\"].name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nInstanceGroupMembership can be imported using any of these accepted formats:\n\n* `projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/{{instance}}`\n\n* `{{project}}/{{zone}}/{{instance_group}}/{{instance}}`\n\n* `{{zone}}/{{instance_group}}/{{instance}}`\n\n* `{{instance_group}}/{{instance}}`\n\nWhen using the `pulumi import` command, InstanceGroupMembership can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default projects/{{project}}/zones/{{zone}}/instanceGroups/{{instance_group}}/{{instance}}\n```\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default {{project}}/{{zone}}/{{instance_group}}/{{instance}}\n```\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default {{zone}}/{{instance_group}}/{{instance}}\n```\n\n```sh\n$ pulumi import gcp:compute/instanceGroupMembership:InstanceGroupMembership default {{instance_group}}/{{instance}}\n```\n\n", "properties": { "instance": { "type": "string", @@ -147045,6 +148105,10 @@ "type": "string", "description": "[Output Only] The current state of this attachment's functionality.\n" }, + "subnetLength": { + "type": "integer", + "description": "Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29,\nexcept for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a\nconstraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure\nremote location fall into this category. In these cases, the default value is 30, and\nrequesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it\ngives Google Cloud Support more debugging visibility.\n" + }, "type": { "type": "string", "description": "The type of InterconnectAttachment you wish to create. Defaults to\nDEDICATED.\nPossible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`.\n" @@ -147148,6 +148212,11 @@ "type": "string", "description": "The stack type for this interconnect attachment to identify whether the IPv6\nfeature is enabled or not. If not specified, IPV4_ONLY will be used.\nThis field can be both set at interconnect attachments creation and update\ninterconnect attachment operations.\nPossible values are: `IPV4_IPV6`, `IPV4_ONLY`.\n" }, + "subnetLength": { + "type": "integer", + "description": "Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29,\nexcept for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a\nconstraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure\nremote location fall into this category. In these cases, the default value is 30, and\nrequesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it\ngives Google Cloud Support more debugging visibility.\n", + "willReplaceOnChanges": true + }, "type": { "type": "string", "description": "The type of InterconnectAttachment you wish to create. Defaults to\nDEDICATED.\nPossible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`.\n", @@ -147282,6 +148351,11 @@ "type": "string", "description": "[Output Only] The current state of this attachment's functionality.\n" }, + "subnetLength": { + "type": "integer", + "description": "Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29,\nexcept for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a\nconstraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure\nremote location fall into this category. In these cases, the default value is 30, and\nrequesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it\ngives Google Cloud Support more debugging visibility.\n", + "willReplaceOnChanges": true + }, "type": { "type": "string", "description": "The type of InterconnectAttachment you wish to create. Defaults to\nDEDICATED.\nPossible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`.\n", @@ -148541,7 +149615,7 @@ } }, "gcp:compute/networkEndpoint:NetworkEndpoint": { - "description": "A Network endpoint represents a IP address and port combination that is\npart of a specific network endpoint group (NEG). NEGs are zonal\ncollections of these endpoints for GCP resources within a\nsingle subnet. **NOTE**: Network endpoints cannot be created outside of a\nnetwork endpoint group.\n\n\u003e **NOTE** In case the Endpoint's Instance is recreated, it's needed to\nperform `apply` twice. To avoid situations like this, please use this resource\nwith the lifecycle `update_triggered_by` method, with the passed Instance's ID.\n\n\nTo get more information about NetworkEndpoint, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups)\n* How-to Guides\n * [Official Documentation](https://cloud.google.com/load-balancing/docs/negs/)\n\n## Example Usage\n\n### Network Endpoint\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myImage = gcp.compute.getImage({\n family: \"debian-11\",\n project: \"debian-cloud\",\n});\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"neg-network\",\n autoCreateSubnetworks: false,\n});\nconst defaultSubnetwork = new gcp.compute.Subnetwork(\"default\", {\n name: \"neg-subnetwork\",\n ipCidrRange: \"10.0.0.1/16\",\n region: \"us-central1\",\n network: _default.id,\n});\nconst endpoint_instance = new gcp.compute.Instance(\"endpoint-instance\", {\n networkInterfaces: [{\n accessConfigs: [{}],\n subnetwork: defaultSubnetwork.id,\n }],\n name: \"endpoint-instance\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: myImage.then(myImage =\u003e myImage.selfLink),\n },\n },\n});\nconst default_endpoint = new gcp.compute.NetworkEndpoint(\"default-endpoint\", {\n networkEndpointGroup: neg.name,\n instance: endpoint_instance.name,\n port: neg.defaultPort,\n ipAddress: endpoint_instance.networkInterfaces.apply(networkInterfaces =\u003e networkInterfaces[0].networkIp),\n});\nconst group = new gcp.compute.NetworkEndpointGroup(\"group\", {\n name: \"my-lb-neg\",\n network: _default.id,\n subnetwork: defaultSubnetwork.id,\n defaultPort: 90,\n zone: \"us-central1-a\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_image = gcp.compute.get_image(family=\"debian-11\",\n project=\"debian-cloud\")\ndefault = gcp.compute.Network(\"default\",\n name=\"neg-network\",\n auto_create_subnetworks=False)\ndefault_subnetwork = gcp.compute.Subnetwork(\"default\",\n name=\"neg-subnetwork\",\n ip_cidr_range=\"10.0.0.1/16\",\n region=\"us-central1\",\n network=default.id)\nendpoint_instance = gcp.compute.Instance(\"endpoint-instance\",\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n access_configs=[gcp.compute.InstanceNetworkInterfaceAccessConfigArgs()],\n subnetwork=default_subnetwork.id,\n )],\n name=\"endpoint-instance\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=my_image.self_link,\n ),\n ))\ndefault_endpoint = gcp.compute.NetworkEndpoint(\"default-endpoint\",\n network_endpoint_group=neg[\"name\"],\n instance=endpoint_instance.name,\n port=neg[\"defaultPort\"],\n ip_address=endpoint_instance.network_interfaces[0].network_ip)\ngroup = gcp.compute.NetworkEndpointGroup(\"group\",\n name=\"my-lb-neg\",\n network=default.id,\n subnetwork=default_subnetwork.id,\n default_port=90,\n zone=\"us-central1-a\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myImage = Gcp.Compute.GetImage.Invoke(new()\n {\n Family = \"debian-11\",\n Project = \"debian-cloud\",\n });\n\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"neg-network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultSubnetwork = new Gcp.Compute.Subnetwork(\"default\", new()\n {\n Name = \"neg-subnetwork\",\n IpCidrRange = \"10.0.0.1/16\",\n Region = \"us-central1\",\n Network = @default.Id,\n });\n\n var endpoint_instance = new Gcp.Compute.Instance(\"endpoint-instance\", new()\n {\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n AccessConfigs = new[]\n {\n null,\n },\n Subnetwork = defaultSubnetwork.Id,\n },\n },\n Name = \"endpoint-instance\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = myImage.Apply(getImageResult =\u003e getImageResult.SelfLink),\n },\n },\n });\n\n var default_endpoint = new Gcp.Compute.NetworkEndpoint(\"default-endpoint\", new()\n {\n NetworkEndpointGroup = neg.Name,\n Instance = endpoint_instance.Name,\n Port = neg.DefaultPort,\n IpAddress = endpoint_instance.NetworkInterfaces.Apply(networkInterfaces =\u003e networkInterfaces[0].NetworkIp),\n });\n\n var @group = new Gcp.Compute.NetworkEndpointGroup(\"group\", new()\n {\n Name = \"my-lb-neg\",\n Network = @default.Id,\n Subnetwork = defaultSubnetwork.Id,\n DefaultPort = 90,\n Zone = \"us-central1-a\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyImage, err := compute.LookupImage(ctx, \u0026compute.LookupImageArgs{\n\t\t\tFamily: pulumi.StringRef(\"debian-11\"),\n\t\t\tProject: pulumi.StringRef(\"debian-cloud\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"neg-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSubnetwork, err := compute.NewSubnetwork(ctx, \"default\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"neg-subnetwork\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.1/16\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"endpoint-instance\", \u0026compute.InstanceArgs{\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tAccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"endpoint-instance\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(myImage.SelfLink),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpoint(ctx, \"default-endpoint\", \u0026compute.NetworkEndpointArgs{\n\t\t\tNetworkEndpointGroup: pulumi.Any(neg.Name),\n\t\t\tInstance: endpoint_instance.Name,\n\t\t\tPort: pulumi.Any(neg.DefaultPort),\n\t\t\tIpAddress: endpoint_instance.NetworkInterfaces.ApplyT(func(networkInterfaces []compute.InstanceNetworkInterface) (*string, error) {\n\t\t\t\treturn \u0026networkInterfaces[0].NetworkIp, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpointGroup(ctx, \"group\", \u0026compute.NetworkEndpointGroupArgs{\n\t\t\tName: pulumi.String(\"my-lb-neg\"),\n\t\t\tNetwork: _default.ID(),\n\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\tDefaultPort: pulumi.Int(90),\n\t\t\tZone: pulumi.String(\"us-central1-a\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ComputeFunctions;\nimport com.pulumi.gcp.compute.inputs.GetImageArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.NetworkEndpoint;\nimport com.pulumi.gcp.compute.NetworkEndpointArgs;\nimport com.pulumi.gcp.compute.NetworkEndpointGroup;\nimport com.pulumi.gcp.compute.NetworkEndpointGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()\n .family(\"debian-11\")\n .project(\"debian-cloud\")\n .build());\n\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"neg-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultSubnetwork = new Subnetwork(\"defaultSubnetwork\", SubnetworkArgs.builder()\n .name(\"neg-subnetwork\")\n .ipCidrRange(\"10.0.0.1/16\")\n .region(\"us-central1\")\n .network(default_.id())\n .build());\n\n var endpoint_instance = new Instance(\"endpoint-instance\", InstanceArgs.builder()\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .accessConfigs()\n .subnetwork(defaultSubnetwork.id())\n .build())\n .name(\"endpoint-instance\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(myImage.applyValue(getImageResult -\u003e getImageResult.selfLink()))\n .build())\n .build())\n .build());\n\n var default_endpoint = new NetworkEndpoint(\"default-endpoint\", NetworkEndpointArgs.builder()\n .networkEndpointGroup(neg.name())\n .instance(endpoint_instance.name())\n .port(neg.defaultPort())\n .ipAddress(endpoint_instance.networkInterfaces().applyValue(networkInterfaces -\u003e networkInterfaces[0].networkIp()))\n .build());\n\n var group = new NetworkEndpointGroup(\"group\", NetworkEndpointGroupArgs.builder()\n .name(\"my-lb-neg\")\n .network(default_.id())\n .subnetwork(defaultSubnetwork.id())\n .defaultPort(\"90\")\n .zone(\"us-central1-a\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default-endpoint:\n type: gcp:compute:NetworkEndpoint\n properties:\n networkEndpointGroup: ${neg.name}\n instance: ${[\"endpoint-instance\"].name}\n port: ${neg.defaultPort}\n ipAddress: ${[\"endpoint-instance\"].networkInterfaces[0].networkIp}\n endpoint-instance:\n type: gcp:compute:Instance\n properties:\n networkInterfaces:\n - accessConfigs:\n - {}\n subnetwork: ${defaultSubnetwork.id}\n name: endpoint-instance\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: ${myImage.selfLink}\n group:\n type: gcp:compute:NetworkEndpointGroup\n properties:\n name: my-lb-neg\n network: ${default.id}\n subnetwork: ${defaultSubnetwork.id}\n defaultPort: '90'\n zone: us-central1-a\n default:\n type: gcp:compute:Network\n properties:\n name: neg-network\n autoCreateSubnetworks: false\n defaultSubnetwork:\n type: gcp:compute:Subnetwork\n name: default\n properties:\n name: neg-subnetwork\n ipCidrRange: 10.0.0.1/16\n region: us-central1\n network: ${default.id}\nvariables:\n myImage:\n fn::invoke:\n Function: gcp:compute:getImage\n Arguments:\n family: debian-11\n project: debian-cloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkEndpoint can be imported using any of these accepted formats:\n\n* `projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\n* `{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\n* `{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\n* `{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\nWhen using the `pulumi import` command, NetworkEndpoint can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default {{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default {{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default {{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n", + "description": "A Network endpoint represents a IP address and port combination that is\npart of a specific network endpoint group (NEG). NEGs are zonal\ncollections of these endpoints for GCP resources within a\nsingle subnet. **NOTE**: Network endpoints cannot be created outside of a\nnetwork endpoint group.\n\n\u003e **NOTE** In case the Endpoint's Instance is recreated, it's needed to\nperform `apply` twice. To avoid situations like this, please use this resource\nwith the lifecycle `replace_triggered_by` method, with the passed Instance's ID.\n\n\nTo get more information about NetworkEndpoint, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups)\n* How-to Guides\n * [Official Documentation](https://cloud.google.com/load-balancing/docs/negs/)\n\n## Example Usage\n\n### Network Endpoint\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myImage = gcp.compute.getImage({\n family: \"debian-11\",\n project: \"debian-cloud\",\n});\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"neg-network\",\n autoCreateSubnetworks: false,\n});\nconst defaultSubnetwork = new gcp.compute.Subnetwork(\"default\", {\n name: \"neg-subnetwork\",\n ipCidrRange: \"10.0.0.1/16\",\n region: \"us-central1\",\n network: _default.id,\n});\nconst endpoint_instance = new gcp.compute.Instance(\"endpoint-instance\", {\n networkInterfaces: [{\n accessConfigs: [{}],\n subnetwork: defaultSubnetwork.id,\n }],\n name: \"endpoint-instance\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: myImage.then(myImage =\u003e myImage.selfLink),\n },\n },\n});\nconst default_endpoint = new gcp.compute.NetworkEndpoint(\"default-endpoint\", {\n networkEndpointGroup: neg.name,\n instance: endpoint_instance.name,\n port: neg.defaultPort,\n ipAddress: endpoint_instance.networkInterfaces.apply(networkInterfaces =\u003e networkInterfaces[0].networkIp),\n});\nconst group = new gcp.compute.NetworkEndpointGroup(\"group\", {\n name: \"my-lb-neg\",\n network: _default.id,\n subnetwork: defaultSubnetwork.id,\n defaultPort: 90,\n zone: \"us-central1-a\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_image = gcp.compute.get_image(family=\"debian-11\",\n project=\"debian-cloud\")\ndefault = gcp.compute.Network(\"default\",\n name=\"neg-network\",\n auto_create_subnetworks=False)\ndefault_subnetwork = gcp.compute.Subnetwork(\"default\",\n name=\"neg-subnetwork\",\n ip_cidr_range=\"10.0.0.1/16\",\n region=\"us-central1\",\n network=default.id)\nendpoint_instance = gcp.compute.Instance(\"endpoint-instance\",\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n access_configs=[gcp.compute.InstanceNetworkInterfaceAccessConfigArgs()],\n subnetwork=default_subnetwork.id,\n )],\n name=\"endpoint-instance\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=my_image.self_link,\n ),\n ))\ndefault_endpoint = gcp.compute.NetworkEndpoint(\"default-endpoint\",\n network_endpoint_group=neg[\"name\"],\n instance=endpoint_instance.name,\n port=neg[\"defaultPort\"],\n ip_address=endpoint_instance.network_interfaces[0].network_ip)\ngroup = gcp.compute.NetworkEndpointGroup(\"group\",\n name=\"my-lb-neg\",\n network=default.id,\n subnetwork=default_subnetwork.id,\n default_port=90,\n zone=\"us-central1-a\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myImage = Gcp.Compute.GetImage.Invoke(new()\n {\n Family = \"debian-11\",\n Project = \"debian-cloud\",\n });\n\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"neg-network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultSubnetwork = new Gcp.Compute.Subnetwork(\"default\", new()\n {\n Name = \"neg-subnetwork\",\n IpCidrRange = \"10.0.0.1/16\",\n Region = \"us-central1\",\n Network = @default.Id,\n });\n\n var endpoint_instance = new Gcp.Compute.Instance(\"endpoint-instance\", new()\n {\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n AccessConfigs = new[]\n {\n null,\n },\n Subnetwork = defaultSubnetwork.Id,\n },\n },\n Name = \"endpoint-instance\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = myImage.Apply(getImageResult =\u003e getImageResult.SelfLink),\n },\n },\n });\n\n var default_endpoint = new Gcp.Compute.NetworkEndpoint(\"default-endpoint\", new()\n {\n NetworkEndpointGroup = neg.Name,\n Instance = endpoint_instance.Name,\n Port = neg.DefaultPort,\n IpAddress = endpoint_instance.NetworkInterfaces.Apply(networkInterfaces =\u003e networkInterfaces[0].NetworkIp),\n });\n\n var @group = new Gcp.Compute.NetworkEndpointGroup(\"group\", new()\n {\n Name = \"my-lb-neg\",\n Network = @default.Id,\n Subnetwork = defaultSubnetwork.Id,\n DefaultPort = 90,\n Zone = \"us-central1-a\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyImage, err := compute.LookupImage(ctx, \u0026compute.LookupImageArgs{\n\t\t\tFamily: pulumi.StringRef(\"debian-11\"),\n\t\t\tProject: pulumi.StringRef(\"debian-cloud\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"neg-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSubnetwork, err := compute.NewSubnetwork(ctx, \"default\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"neg-subnetwork\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.1/16\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"endpoint-instance\", \u0026compute.InstanceArgs{\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tAccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"endpoint-instance\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(myImage.SelfLink),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpoint(ctx, \"default-endpoint\", \u0026compute.NetworkEndpointArgs{\n\t\t\tNetworkEndpointGroup: pulumi.Any(neg.Name),\n\t\t\tInstance: endpoint_instance.Name,\n\t\t\tPort: pulumi.Any(neg.DefaultPort),\n\t\t\tIpAddress: endpoint_instance.NetworkInterfaces.ApplyT(func(networkInterfaces []compute.InstanceNetworkInterface) (*string, error) {\n\t\t\t\treturn \u0026networkInterfaces[0].NetworkIp, nil\n\t\t\t}).(pulumi.StringPtrOutput),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpointGroup(ctx, \"group\", \u0026compute.NetworkEndpointGroupArgs{\n\t\t\tName: pulumi.String(\"my-lb-neg\"),\n\t\t\tNetwork: _default.ID(),\n\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\tDefaultPort: pulumi.Int(90),\n\t\t\tZone: pulumi.String(\"us-central1-a\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ComputeFunctions;\nimport com.pulumi.gcp.compute.inputs.GetImageArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.NetworkEndpoint;\nimport com.pulumi.gcp.compute.NetworkEndpointArgs;\nimport com.pulumi.gcp.compute.NetworkEndpointGroup;\nimport com.pulumi.gcp.compute.NetworkEndpointGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()\n .family(\"debian-11\")\n .project(\"debian-cloud\")\n .build());\n\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"neg-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultSubnetwork = new Subnetwork(\"defaultSubnetwork\", SubnetworkArgs.builder()\n .name(\"neg-subnetwork\")\n .ipCidrRange(\"10.0.0.1/16\")\n .region(\"us-central1\")\n .network(default_.id())\n .build());\n\n var endpoint_instance = new Instance(\"endpoint-instance\", InstanceArgs.builder()\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .accessConfigs()\n .subnetwork(defaultSubnetwork.id())\n .build())\n .name(\"endpoint-instance\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(myImage.applyValue(getImageResult -\u003e getImageResult.selfLink()))\n .build())\n .build())\n .build());\n\n var default_endpoint = new NetworkEndpoint(\"default-endpoint\", NetworkEndpointArgs.builder()\n .networkEndpointGroup(neg.name())\n .instance(endpoint_instance.name())\n .port(neg.defaultPort())\n .ipAddress(endpoint_instance.networkInterfaces().applyValue(networkInterfaces -\u003e networkInterfaces[0].networkIp()))\n .build());\n\n var group = new NetworkEndpointGroup(\"group\", NetworkEndpointGroupArgs.builder()\n .name(\"my-lb-neg\")\n .network(default_.id())\n .subnetwork(defaultSubnetwork.id())\n .defaultPort(\"90\")\n .zone(\"us-central1-a\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default-endpoint:\n type: gcp:compute:NetworkEndpoint\n properties:\n networkEndpointGroup: ${neg.name}\n instance: ${[\"endpoint-instance\"].name}\n port: ${neg.defaultPort}\n ipAddress: ${[\"endpoint-instance\"].networkInterfaces[0].networkIp}\n endpoint-instance:\n type: gcp:compute:Instance\n properties:\n networkInterfaces:\n - accessConfigs:\n - {}\n subnetwork: ${defaultSubnetwork.id}\n name: endpoint-instance\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: ${myImage.selfLink}\n group:\n type: gcp:compute:NetworkEndpointGroup\n properties:\n name: my-lb-neg\n network: ${default.id}\n subnetwork: ${defaultSubnetwork.id}\n defaultPort: '90'\n zone: us-central1-a\n default:\n type: gcp:compute:Network\n properties:\n name: neg-network\n autoCreateSubnetworks: false\n defaultSubnetwork:\n type: gcp:compute:Subnetwork\n name: default\n properties:\n name: neg-subnetwork\n ipCidrRange: 10.0.0.1/16\n region: us-central1\n network: ${default.id}\nvariables:\n myImage:\n fn::invoke:\n Function: gcp:compute:getImage\n Arguments:\n family: debian-11\n project: debian-cloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkEndpoint can be imported using any of these accepted formats:\n\n* `projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\n* `{{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\n* `{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\n* `{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}`\n\nWhen using the `pulumi import` command, NetworkEndpoint can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default {{project}}/{{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default {{zone}}/{{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpoint:NetworkEndpoint default {{network_endpoint_group}}/{{instance}}/{{ip_address}}/{{port}}\n```\n\n", "properties": { "instance": { "type": "string", @@ -148800,7 +149874,7 @@ } }, "gcp:compute/networkEndpointList:NetworkEndpointList": { - "description": "A set of network endpoints belonging to a network endpoint group (NEG). A\nsingle network endpoint represents a IP address and port combination that is\npart of a specific network endpoint group (NEG). NEGs are zonal collections\nof these endpoints for GCP resources within a single subnet. **NOTE**:\nNetwork endpoints cannot be created outside of a network endpoint group.\n\nThis resource is authoritative for a single NEG. Any endpoints not specified\nby this resource will be deleted when the resource configuration is applied.\n\n\u003e **NOTE** In case the Endpoint's Instance is recreated, it's needed to\nperform `apply` twice. To avoid situations like this, please use this resource\nwith the lifecycle `update_triggered_by` method, with the passed Instance's ID.\n\n\nTo get more information about NetworkEndpoints, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups)\n* How-to Guides\n * [Official Documentation](https://cloud.google.com/load-balancing/docs/negs/)\n\n## Example Usage\n\n### Network Endpoints\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myImage = gcp.compute.getImage({\n family: \"debian-11\",\n project: \"debian-cloud\",\n});\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"neg-network\",\n autoCreateSubnetworks: false,\n});\nconst defaultSubnetwork = new gcp.compute.Subnetwork(\"default\", {\n name: \"neg-subnetwork\",\n ipCidrRange: \"10.0.0.1/16\",\n region: \"us-central1\",\n network: _default.id,\n});\nconst endpoint_instance1 = new gcp.compute.Instance(\"endpoint-instance1\", {\n networkInterfaces: [{\n accessConfigs: [{}],\n subnetwork: defaultSubnetwork.id,\n }],\n name: \"endpoint-instance1\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: myImage.then(myImage =\u003e myImage.selfLink),\n },\n },\n});\nconst endpoint_instance2 = new gcp.compute.Instance(\"endpoint-instance2\", {\n networkInterfaces: [{\n accessConfigs: [{}],\n subnetwork: defaultSubnetwork.id,\n }],\n name: \"endpoint-instance2\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: myImage.then(myImage =\u003e myImage.selfLink),\n },\n },\n});\nconst default_endpoints = new gcp.compute.NetworkEndpointList(\"default-endpoints\", {\n networkEndpointGroup: neg.name,\n networkEndpoints: [\n {\n instance: endpoint_instance1.name,\n port: neg.defaultPort,\n ipAddress: endpoint_instance1.networkInterfaces.apply(networkInterfaces =\u003e networkInterfaces[0].networkIp),\n },\n {\n instance: endpoint_instance2.name,\n port: neg.defaultPort,\n ipAddress: endpoint_instance2.networkInterfaces.apply(networkInterfaces =\u003e networkInterfaces[0].networkIp),\n },\n ],\n});\nconst group = new gcp.compute.NetworkEndpointGroup(\"group\", {\n name: \"my-lb-neg\",\n network: _default.id,\n subnetwork: defaultSubnetwork.id,\n defaultPort: 90,\n zone: \"us-central1-a\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_image = gcp.compute.get_image(family=\"debian-11\",\n project=\"debian-cloud\")\ndefault = gcp.compute.Network(\"default\",\n name=\"neg-network\",\n auto_create_subnetworks=False)\ndefault_subnetwork = gcp.compute.Subnetwork(\"default\",\n name=\"neg-subnetwork\",\n ip_cidr_range=\"10.0.0.1/16\",\n region=\"us-central1\",\n network=default.id)\nendpoint_instance1 = gcp.compute.Instance(\"endpoint-instance1\",\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n access_configs=[gcp.compute.InstanceNetworkInterfaceAccessConfigArgs()],\n subnetwork=default_subnetwork.id,\n )],\n name=\"endpoint-instance1\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=my_image.self_link,\n ),\n ))\nendpoint_instance2 = gcp.compute.Instance(\"endpoint-instance2\",\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n access_configs=[gcp.compute.InstanceNetworkInterfaceAccessConfigArgs()],\n subnetwork=default_subnetwork.id,\n )],\n name=\"endpoint-instance2\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=my_image.self_link,\n ),\n ))\ndefault_endpoints = gcp.compute.NetworkEndpointList(\"default-endpoints\",\n network_endpoint_group=neg[\"name\"],\n network_endpoints=[\n gcp.compute.NetworkEndpointListNetworkEndpointArgs(\n instance=endpoint_instance1.name,\n port=neg[\"defaultPort\"],\n ip_address=endpoint_instance1.network_interfaces[0].network_ip,\n ),\n gcp.compute.NetworkEndpointListNetworkEndpointArgs(\n instance=endpoint_instance2.name,\n port=neg[\"defaultPort\"],\n ip_address=endpoint_instance2.network_interfaces[0].network_ip,\n ),\n ])\ngroup = gcp.compute.NetworkEndpointGroup(\"group\",\n name=\"my-lb-neg\",\n network=default.id,\n subnetwork=default_subnetwork.id,\n default_port=90,\n zone=\"us-central1-a\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myImage = Gcp.Compute.GetImage.Invoke(new()\n {\n Family = \"debian-11\",\n Project = \"debian-cloud\",\n });\n\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"neg-network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultSubnetwork = new Gcp.Compute.Subnetwork(\"default\", new()\n {\n Name = \"neg-subnetwork\",\n IpCidrRange = \"10.0.0.1/16\",\n Region = \"us-central1\",\n Network = @default.Id,\n });\n\n var endpoint_instance1 = new Gcp.Compute.Instance(\"endpoint-instance1\", new()\n {\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n AccessConfigs = new[]\n {\n null,\n },\n Subnetwork = defaultSubnetwork.Id,\n },\n },\n Name = \"endpoint-instance1\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = myImage.Apply(getImageResult =\u003e getImageResult.SelfLink),\n },\n },\n });\n\n var endpoint_instance2 = new Gcp.Compute.Instance(\"endpoint-instance2\", new()\n {\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n AccessConfigs = new[]\n {\n null,\n },\n Subnetwork = defaultSubnetwork.Id,\n },\n },\n Name = \"endpoint-instance2\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = myImage.Apply(getImageResult =\u003e getImageResult.SelfLink),\n },\n },\n });\n\n var default_endpoints = new Gcp.Compute.NetworkEndpointList(\"default-endpoints\", new()\n {\n NetworkEndpointGroup = neg.Name,\n NetworkEndpoints = new[]\n {\n new Gcp.Compute.Inputs.NetworkEndpointListNetworkEndpointArgs\n {\n Instance = endpoint_instance1.Name,\n Port = neg.DefaultPort,\n IpAddress = endpoint_instance1.NetworkInterfaces.Apply(networkInterfaces =\u003e networkInterfaces[0].NetworkIp),\n },\n new Gcp.Compute.Inputs.NetworkEndpointListNetworkEndpointArgs\n {\n Instance = endpoint_instance2.Name,\n Port = neg.DefaultPort,\n IpAddress = endpoint_instance2.NetworkInterfaces.Apply(networkInterfaces =\u003e networkInterfaces[0].NetworkIp),\n },\n },\n });\n\n var @group = new Gcp.Compute.NetworkEndpointGroup(\"group\", new()\n {\n Name = \"my-lb-neg\",\n Network = @default.Id,\n Subnetwork = defaultSubnetwork.Id,\n DefaultPort = 90,\n Zone = \"us-central1-a\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyImage, err := compute.LookupImage(ctx, \u0026compute.LookupImageArgs{\n\t\t\tFamily: pulumi.StringRef(\"debian-11\"),\n\t\t\tProject: pulumi.StringRef(\"debian-cloud\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"neg-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSubnetwork, err := compute.NewSubnetwork(ctx, \"default\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"neg-subnetwork\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.1/16\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"endpoint-instance1\", \u0026compute.InstanceArgs{\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tAccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"endpoint-instance1\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(myImage.SelfLink),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"endpoint-instance2\", \u0026compute.InstanceArgs{\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tAccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"endpoint-instance2\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(myImage.SelfLink),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpointList(ctx, \"default-endpoints\", \u0026compute.NetworkEndpointListArgs{\n\t\t\tNetworkEndpointGroup: pulumi.Any(neg.Name),\n\t\t\tNetworkEndpoints: compute.NetworkEndpointListNetworkEndpointArray{\n\t\t\t\t\u0026compute.NetworkEndpointListNetworkEndpointArgs{\n\t\t\t\t\tInstance: endpoint_instance1.Name,\n\t\t\t\t\tPort: pulumi.Any(neg.DefaultPort),\n\t\t\t\t\tIpAddress: endpoint_instance1.NetworkInterfaces.ApplyT(func(networkInterfaces []compute.InstanceNetworkInterface) (*string, error) {\n\t\t\t\t\t\treturn \u0026networkInterfaces[0].NetworkIp, nil\n\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkEndpointListNetworkEndpointArgs{\n\t\t\t\t\tInstance: endpoint_instance2.Name,\n\t\t\t\t\tPort: pulumi.Any(neg.DefaultPort),\n\t\t\t\t\tIpAddress: endpoint_instance2.NetworkInterfaces.ApplyT(func(networkInterfaces []compute.InstanceNetworkInterface) (*string, error) {\n\t\t\t\t\t\treturn \u0026networkInterfaces[0].NetworkIp, nil\n\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpointGroup(ctx, \"group\", \u0026compute.NetworkEndpointGroupArgs{\n\t\t\tName: pulumi.String(\"my-lb-neg\"),\n\t\t\tNetwork: _default.ID(),\n\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\tDefaultPort: pulumi.Int(90),\n\t\t\tZone: pulumi.String(\"us-central1-a\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ComputeFunctions;\nimport com.pulumi.gcp.compute.inputs.GetImageArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.NetworkEndpointList;\nimport com.pulumi.gcp.compute.NetworkEndpointListArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkEndpointListNetworkEndpointArgs;\nimport com.pulumi.gcp.compute.NetworkEndpointGroup;\nimport com.pulumi.gcp.compute.NetworkEndpointGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()\n .family(\"debian-11\")\n .project(\"debian-cloud\")\n .build());\n\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"neg-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultSubnetwork = new Subnetwork(\"defaultSubnetwork\", SubnetworkArgs.builder()\n .name(\"neg-subnetwork\")\n .ipCidrRange(\"10.0.0.1/16\")\n .region(\"us-central1\")\n .network(default_.id())\n .build());\n\n var endpoint_instance1 = new Instance(\"endpoint-instance1\", InstanceArgs.builder()\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .accessConfigs()\n .subnetwork(defaultSubnetwork.id())\n .build())\n .name(\"endpoint-instance1\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(myImage.applyValue(getImageResult -\u003e getImageResult.selfLink()))\n .build())\n .build())\n .build());\n\n var endpoint_instance2 = new Instance(\"endpoint-instance2\", InstanceArgs.builder()\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .accessConfigs()\n .subnetwork(defaultSubnetwork.id())\n .build())\n .name(\"endpoint-instance2\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(myImage.applyValue(getImageResult -\u003e getImageResult.selfLink()))\n .build())\n .build())\n .build());\n\n var default_endpoints = new NetworkEndpointList(\"default-endpoints\", NetworkEndpointListArgs.builder()\n .networkEndpointGroup(neg.name())\n .networkEndpoints( \n NetworkEndpointListNetworkEndpointArgs.builder()\n .instance(endpoint_instance1.name())\n .port(neg.defaultPort())\n .ipAddress(endpoint_instance1.networkInterfaces().applyValue(networkInterfaces -\u003e networkInterfaces[0].networkIp()))\n .build(),\n NetworkEndpointListNetworkEndpointArgs.builder()\n .instance(endpoint_instance2.name())\n .port(neg.defaultPort())\n .ipAddress(endpoint_instance2.networkInterfaces().applyValue(networkInterfaces -\u003e networkInterfaces[0].networkIp()))\n .build())\n .build());\n\n var group = new NetworkEndpointGroup(\"group\", NetworkEndpointGroupArgs.builder()\n .name(\"my-lb-neg\")\n .network(default_.id())\n .subnetwork(defaultSubnetwork.id())\n .defaultPort(\"90\")\n .zone(\"us-central1-a\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default-endpoints:\n type: gcp:compute:NetworkEndpointList\n properties:\n networkEndpointGroup: ${neg.name}\n networkEndpoints:\n - instance: ${[\"endpoint-instance1\"].name}\n port: ${neg.defaultPort}\n ipAddress: ${[\"endpoint-instance1\"].networkInterfaces[0].networkIp}\n - instance: ${[\"endpoint-instance2\"].name}\n port: ${neg.defaultPort}\n ipAddress: ${[\"endpoint-instance2\"].networkInterfaces[0].networkIp}\n endpoint-instance1:\n type: gcp:compute:Instance\n properties:\n networkInterfaces:\n - accessConfigs:\n - {}\n subnetwork: ${defaultSubnetwork.id}\n name: endpoint-instance1\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: ${myImage.selfLink}\n endpoint-instance2:\n type: gcp:compute:Instance\n properties:\n networkInterfaces:\n - accessConfigs:\n - {}\n subnetwork: ${defaultSubnetwork.id}\n name: endpoint-instance2\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: ${myImage.selfLink}\n group:\n type: gcp:compute:NetworkEndpointGroup\n properties:\n name: my-lb-neg\n network: ${default.id}\n subnetwork: ${defaultSubnetwork.id}\n defaultPort: '90'\n zone: us-central1-a\n default:\n type: gcp:compute:Network\n properties:\n name: neg-network\n autoCreateSubnetworks: false\n defaultSubnetwork:\n type: gcp:compute:Subnetwork\n name: default\n properties:\n name: neg-subnetwork\n ipCidrRange: 10.0.0.1/16\n region: us-central1\n network: ${default.id}\nvariables:\n myImage:\n fn::invoke:\n Function: gcp:compute:getImage\n Arguments:\n family: debian-11\n project: debian-cloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkEndpoints can be imported using any of these accepted formats:\n\n* `projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}`\n\n* `{{project}}/{{zone}}/{{network_endpoint_group}}`\n\n* `{{zone}}/{{network_endpoint_group}}`\n\n* `{{network_endpoint_group}}`\n\nWhen using the `pulumi import` command, NetworkEndpoints can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default {{project}}/{{zone}}/{{network_endpoint_group}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default {{zone}}/{{network_endpoint_group}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default {{network_endpoint_group}}\n```\n\n", + "description": "A set of network endpoints belonging to a network endpoint group (NEG). A\nsingle network endpoint represents a IP address and port combination that is\npart of a specific network endpoint group (NEG). NEGs are zonal collections\nof these endpoints for GCP resources within a single subnet. **NOTE**:\nNetwork endpoints cannot be created outside of a network endpoint group.\n\nThis resource is authoritative for a single NEG. Any endpoints not specified\nby this resource will be deleted when the resource configuration is applied.\n\n\u003e **NOTE** In case the Endpoint's Instance is recreated, it's needed to\nperform `apply` twice. To avoid situations like this, please use this resource\nwith the lifecycle `replace_triggered_by` method, with the passed Instance's ID.\n\n\nTo get more information about NetworkEndpoints, see:\n\n* [API documentation](https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups)\n* How-to Guides\n * [Official Documentation](https://cloud.google.com/load-balancing/docs/negs/)\n\n## Example Usage\n\n### Network Endpoints\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst myImage = gcp.compute.getImage({\n family: \"debian-11\",\n project: \"debian-cloud\",\n});\nconst _default = new gcp.compute.Network(\"default\", {\n name: \"neg-network\",\n autoCreateSubnetworks: false,\n});\nconst defaultSubnetwork = new gcp.compute.Subnetwork(\"default\", {\n name: \"neg-subnetwork\",\n ipCidrRange: \"10.0.0.1/16\",\n region: \"us-central1\",\n network: _default.id,\n});\nconst endpoint_instance1 = new gcp.compute.Instance(\"endpoint-instance1\", {\n networkInterfaces: [{\n accessConfigs: [{}],\n subnetwork: defaultSubnetwork.id,\n }],\n name: \"endpoint-instance1\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: myImage.then(myImage =\u003e myImage.selfLink),\n },\n },\n});\nconst endpoint_instance2 = new gcp.compute.Instance(\"endpoint-instance2\", {\n networkInterfaces: [{\n accessConfigs: [{}],\n subnetwork: defaultSubnetwork.id,\n }],\n name: \"endpoint-instance2\",\n machineType: \"e2-medium\",\n bootDisk: {\n initializeParams: {\n image: myImage.then(myImage =\u003e myImage.selfLink),\n },\n },\n});\nconst default_endpoints = new gcp.compute.NetworkEndpointList(\"default-endpoints\", {\n networkEndpointGroup: neg.name,\n networkEndpoints: [\n {\n instance: endpoint_instance1.name,\n port: neg.defaultPort,\n ipAddress: endpoint_instance1.networkInterfaces.apply(networkInterfaces =\u003e networkInterfaces[0].networkIp),\n },\n {\n instance: endpoint_instance2.name,\n port: neg.defaultPort,\n ipAddress: endpoint_instance2.networkInterfaces.apply(networkInterfaces =\u003e networkInterfaces[0].networkIp),\n },\n ],\n});\nconst group = new gcp.compute.NetworkEndpointGroup(\"group\", {\n name: \"my-lb-neg\",\n network: _default.id,\n subnetwork: defaultSubnetwork.id,\n defaultPort: 90,\n zone: \"us-central1-a\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_image = gcp.compute.get_image(family=\"debian-11\",\n project=\"debian-cloud\")\ndefault = gcp.compute.Network(\"default\",\n name=\"neg-network\",\n auto_create_subnetworks=False)\ndefault_subnetwork = gcp.compute.Subnetwork(\"default\",\n name=\"neg-subnetwork\",\n ip_cidr_range=\"10.0.0.1/16\",\n region=\"us-central1\",\n network=default.id)\nendpoint_instance1 = gcp.compute.Instance(\"endpoint-instance1\",\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n access_configs=[gcp.compute.InstanceNetworkInterfaceAccessConfigArgs()],\n subnetwork=default_subnetwork.id,\n )],\n name=\"endpoint-instance1\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=my_image.self_link,\n ),\n ))\nendpoint_instance2 = gcp.compute.Instance(\"endpoint-instance2\",\n network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(\n access_configs=[gcp.compute.InstanceNetworkInterfaceAccessConfigArgs()],\n subnetwork=default_subnetwork.id,\n )],\n name=\"endpoint-instance2\",\n machine_type=\"e2-medium\",\n boot_disk=gcp.compute.InstanceBootDiskArgs(\n initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(\n image=my_image.self_link,\n ),\n ))\ndefault_endpoints = gcp.compute.NetworkEndpointList(\"default-endpoints\",\n network_endpoint_group=neg[\"name\"],\n network_endpoints=[\n gcp.compute.NetworkEndpointListNetworkEndpointArgs(\n instance=endpoint_instance1.name,\n port=neg[\"defaultPort\"],\n ip_address=endpoint_instance1.network_interfaces[0].network_ip,\n ),\n gcp.compute.NetworkEndpointListNetworkEndpointArgs(\n instance=endpoint_instance2.name,\n port=neg[\"defaultPort\"],\n ip_address=endpoint_instance2.network_interfaces[0].network_ip,\n ),\n ])\ngroup = gcp.compute.NetworkEndpointGroup(\"group\",\n name=\"my-lb-neg\",\n network=default.id,\n subnetwork=default_subnetwork.id,\n default_port=90,\n zone=\"us-central1-a\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var myImage = Gcp.Compute.GetImage.Invoke(new()\n {\n Family = \"debian-11\",\n Project = \"debian-cloud\",\n });\n\n var @default = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"neg-network\",\n AutoCreateSubnetworks = false,\n });\n\n var defaultSubnetwork = new Gcp.Compute.Subnetwork(\"default\", new()\n {\n Name = \"neg-subnetwork\",\n IpCidrRange = \"10.0.0.1/16\",\n Region = \"us-central1\",\n Network = @default.Id,\n });\n\n var endpoint_instance1 = new Gcp.Compute.Instance(\"endpoint-instance1\", new()\n {\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n AccessConfigs = new[]\n {\n null,\n },\n Subnetwork = defaultSubnetwork.Id,\n },\n },\n Name = \"endpoint-instance1\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = myImage.Apply(getImageResult =\u003e getImageResult.SelfLink),\n },\n },\n });\n\n var endpoint_instance2 = new Gcp.Compute.Instance(\"endpoint-instance2\", new()\n {\n NetworkInterfaces = new[]\n {\n new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs\n {\n AccessConfigs = new[]\n {\n null,\n },\n Subnetwork = defaultSubnetwork.Id,\n },\n },\n Name = \"endpoint-instance2\",\n MachineType = \"e2-medium\",\n BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs\n {\n InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs\n {\n Image = myImage.Apply(getImageResult =\u003e getImageResult.SelfLink),\n },\n },\n });\n\n var default_endpoints = new Gcp.Compute.NetworkEndpointList(\"default-endpoints\", new()\n {\n NetworkEndpointGroup = neg.Name,\n NetworkEndpoints = new[]\n {\n new Gcp.Compute.Inputs.NetworkEndpointListNetworkEndpointArgs\n {\n Instance = endpoint_instance1.Name,\n Port = neg.DefaultPort,\n IpAddress = endpoint_instance1.NetworkInterfaces.Apply(networkInterfaces =\u003e networkInterfaces[0].NetworkIp),\n },\n new Gcp.Compute.Inputs.NetworkEndpointListNetworkEndpointArgs\n {\n Instance = endpoint_instance2.Name,\n Port = neg.DefaultPort,\n IpAddress = endpoint_instance2.NetworkInterfaces.Apply(networkInterfaces =\u003e networkInterfaces[0].NetworkIp),\n },\n },\n });\n\n var @group = new Gcp.Compute.NetworkEndpointGroup(\"group\", new()\n {\n Name = \"my-lb-neg\",\n Network = @default.Id,\n Subnetwork = defaultSubnetwork.Id,\n DefaultPort = 90,\n Zone = \"us-central1-a\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tmyImage, err := compute.LookupImage(ctx, \u0026compute.LookupImageArgs{\n\t\t\tFamily: pulumi.StringRef(\"debian-11\"),\n\t\t\tProject: pulumi.StringRef(\"debian-cloud\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"neg-network\"),\n\t\t\tAutoCreateSubnetworks: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tdefaultSubnetwork, err := compute.NewSubnetwork(ctx, \"default\", \u0026compute.SubnetworkArgs{\n\t\t\tName: pulumi.String(\"neg-subnetwork\"),\n\t\t\tIpCidrRange: pulumi.String(\"10.0.0.1/16\"),\n\t\t\tRegion: pulumi.String(\"us-central1\"),\n\t\t\tNetwork: _default.ID(),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"endpoint-instance1\", \u0026compute.InstanceArgs{\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tAccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"endpoint-instance1\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(myImage.SelfLink),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewInstance(ctx, \"endpoint-instance2\", \u0026compute.InstanceArgs{\n\t\t\tNetworkInterfaces: compute.InstanceNetworkInterfaceArray{\n\t\t\t\t\u0026compute.InstanceNetworkInterfaceArgs{\n\t\t\t\t\tAccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{\n\t\t\t\t\t\tnil,\n\t\t\t\t\t},\n\t\t\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\t\t},\n\t\t\t},\n\t\t\tName: pulumi.String(\"endpoint-instance2\"),\n\t\t\tMachineType: pulumi.String(\"e2-medium\"),\n\t\t\tBootDisk: \u0026compute.InstanceBootDiskArgs{\n\t\t\t\tInitializeParams: \u0026compute.InstanceBootDiskInitializeParamsArgs{\n\t\t\t\t\tImage: pulumi.String(myImage.SelfLink),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpointList(ctx, \"default-endpoints\", \u0026compute.NetworkEndpointListArgs{\n\t\t\tNetworkEndpointGroup: pulumi.Any(neg.Name),\n\t\t\tNetworkEndpoints: compute.NetworkEndpointListNetworkEndpointArray{\n\t\t\t\t\u0026compute.NetworkEndpointListNetworkEndpointArgs{\n\t\t\t\t\tInstance: endpoint_instance1.Name,\n\t\t\t\t\tPort: pulumi.Any(neg.DefaultPort),\n\t\t\t\t\tIpAddress: endpoint_instance1.NetworkInterfaces.ApplyT(func(networkInterfaces []compute.InstanceNetworkInterface) (*string, error) {\n\t\t\t\t\t\treturn \u0026networkInterfaces[0].NetworkIp, nil\n\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t},\n\t\t\t\t\u0026compute.NetworkEndpointListNetworkEndpointArgs{\n\t\t\t\t\tInstance: endpoint_instance2.Name,\n\t\t\t\t\tPort: pulumi.Any(neg.DefaultPort),\n\t\t\t\t\tIpAddress: endpoint_instance2.NetworkInterfaces.ApplyT(func(networkInterfaces []compute.InstanceNetworkInterface) (*string, error) {\n\t\t\t\t\t\treturn \u0026networkInterfaces[0].NetworkIp, nil\n\t\t\t\t\t}).(pulumi.StringPtrOutput),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = compute.NewNetworkEndpointGroup(ctx, \"group\", \u0026compute.NetworkEndpointGroupArgs{\n\t\t\tName: pulumi.String(\"my-lb-neg\"),\n\t\t\tNetwork: _default.ID(),\n\t\t\tSubnetwork: defaultSubnetwork.ID(),\n\t\t\tDefaultPort: pulumi.Int(90),\n\t\t\tZone: pulumi.String(\"us-central1-a\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ComputeFunctions;\nimport com.pulumi.gcp.compute.inputs.GetImageArgs;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.compute.Subnetwork;\nimport com.pulumi.gcp.compute.SubnetworkArgs;\nimport com.pulumi.gcp.compute.Instance;\nimport com.pulumi.gcp.compute.InstanceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;\nimport com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;\nimport com.pulumi.gcp.compute.NetworkEndpointList;\nimport com.pulumi.gcp.compute.NetworkEndpointListArgs;\nimport com.pulumi.gcp.compute.inputs.NetworkEndpointListNetworkEndpointArgs;\nimport com.pulumi.gcp.compute.NetworkEndpointGroup;\nimport com.pulumi.gcp.compute.NetworkEndpointGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()\n .family(\"debian-11\")\n .project(\"debian-cloud\")\n .build());\n\n var default_ = new Network(\"default\", NetworkArgs.builder()\n .name(\"neg-network\")\n .autoCreateSubnetworks(false)\n .build());\n\n var defaultSubnetwork = new Subnetwork(\"defaultSubnetwork\", SubnetworkArgs.builder()\n .name(\"neg-subnetwork\")\n .ipCidrRange(\"10.0.0.1/16\")\n .region(\"us-central1\")\n .network(default_.id())\n .build());\n\n var endpoint_instance1 = new Instance(\"endpoint-instance1\", InstanceArgs.builder()\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .accessConfigs()\n .subnetwork(defaultSubnetwork.id())\n .build())\n .name(\"endpoint-instance1\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(myImage.applyValue(getImageResult -\u003e getImageResult.selfLink()))\n .build())\n .build())\n .build());\n\n var endpoint_instance2 = new Instance(\"endpoint-instance2\", InstanceArgs.builder()\n .networkInterfaces(InstanceNetworkInterfaceArgs.builder()\n .accessConfigs()\n .subnetwork(defaultSubnetwork.id())\n .build())\n .name(\"endpoint-instance2\")\n .machineType(\"e2-medium\")\n .bootDisk(InstanceBootDiskArgs.builder()\n .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()\n .image(myImage.applyValue(getImageResult -\u003e getImageResult.selfLink()))\n .build())\n .build())\n .build());\n\n var default_endpoints = new NetworkEndpointList(\"default-endpoints\", NetworkEndpointListArgs.builder()\n .networkEndpointGroup(neg.name())\n .networkEndpoints( \n NetworkEndpointListNetworkEndpointArgs.builder()\n .instance(endpoint_instance1.name())\n .port(neg.defaultPort())\n .ipAddress(endpoint_instance1.networkInterfaces().applyValue(networkInterfaces -\u003e networkInterfaces[0].networkIp()))\n .build(),\n NetworkEndpointListNetworkEndpointArgs.builder()\n .instance(endpoint_instance2.name())\n .port(neg.defaultPort())\n .ipAddress(endpoint_instance2.networkInterfaces().applyValue(networkInterfaces -\u003e networkInterfaces[0].networkIp()))\n .build())\n .build());\n\n var group = new NetworkEndpointGroup(\"group\", NetworkEndpointGroupArgs.builder()\n .name(\"my-lb-neg\")\n .network(default_.id())\n .subnetwork(defaultSubnetwork.id())\n .defaultPort(\"90\")\n .zone(\"us-central1-a\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default-endpoints:\n type: gcp:compute:NetworkEndpointList\n properties:\n networkEndpointGroup: ${neg.name}\n networkEndpoints:\n - instance: ${[\"endpoint-instance1\"].name}\n port: ${neg.defaultPort}\n ipAddress: ${[\"endpoint-instance1\"].networkInterfaces[0].networkIp}\n - instance: ${[\"endpoint-instance2\"].name}\n port: ${neg.defaultPort}\n ipAddress: ${[\"endpoint-instance2\"].networkInterfaces[0].networkIp}\n endpoint-instance1:\n type: gcp:compute:Instance\n properties:\n networkInterfaces:\n - accessConfigs:\n - {}\n subnetwork: ${defaultSubnetwork.id}\n name: endpoint-instance1\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: ${myImage.selfLink}\n endpoint-instance2:\n type: gcp:compute:Instance\n properties:\n networkInterfaces:\n - accessConfigs:\n - {}\n subnetwork: ${defaultSubnetwork.id}\n name: endpoint-instance2\n machineType: e2-medium\n bootDisk:\n initializeParams:\n image: ${myImage.selfLink}\n group:\n type: gcp:compute:NetworkEndpointGroup\n properties:\n name: my-lb-neg\n network: ${default.id}\n subnetwork: ${defaultSubnetwork.id}\n defaultPort: '90'\n zone: us-central1-a\n default:\n type: gcp:compute:Network\n properties:\n name: neg-network\n autoCreateSubnetworks: false\n defaultSubnetwork:\n type: gcp:compute:Subnetwork\n name: default\n properties:\n name: neg-subnetwork\n ipCidrRange: 10.0.0.1/16\n region: us-central1\n network: ${default.id}\nvariables:\n myImage:\n fn::invoke:\n Function: gcp:compute:getImage\n Arguments:\n family: debian-11\n project: debian-cloud\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nNetworkEndpoints can be imported using any of these accepted formats:\n\n* `projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}`\n\n* `{{project}}/{{zone}}/{{network_endpoint_group}}`\n\n* `{{zone}}/{{network_endpoint_group}}`\n\n* `{{network_endpoint_group}}`\n\nWhen using the `pulumi import` command, NetworkEndpoints can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default projects/{{project}}/zones/{{zone}}/networkEndpointGroups/{{network_endpoint_group}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default {{project}}/{{zone}}/{{network_endpoint_group}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default {{zone}}/{{network_endpoint_group}}\n```\n\n```sh\n$ pulumi import gcp:compute/networkEndpointList:NetworkEndpointList default {{network_endpoint_group}}\n```\n\n", "properties": { "networkEndpointGroup": { "type": "string", @@ -155395,7 +156469,7 @@ }, "name": { "type": "string", - "description": "Name of the resource. Provided by the client when the resource is\ncreated. The name must be 1-63 characters long, and comply with\nRFC1035. Specifically, the name must be 1-63 characters long and match\nthe regular expression `a-z?` which means the\nfirst character must be a lowercase letter, and all following\ncharacters must be a dash, lowercase letter, or digit, except the last\ncharacter, which cannot be a dash.\n" + "description": "Name of the resource. Provided by the client when the resource is\ncreated. The name must be 1-63 characters long, and comply with\nRFC1035. Specifically, the name must be 1-63 characters long and match\nthe regular expression `a-z?` which means the\nfirst character must be a lowercase letter, and all following\ncharacters must be a dash, lowercase letter, or digit, except the last\ncharacter, which cannot be a dash.\n\n\n- - -\n" }, "profile": { "type": "string", @@ -155407,7 +156481,7 @@ }, "region": { "type": "string", - "description": "The region where the regional SSL policy resides.\n\n\n- - -\n" + "description": "The region where the regional SSL policy resides.\n" }, "selfLink": { "type": "string", @@ -155442,7 +156516,7 @@ }, "name": { "type": "string", - "description": "Name of the resource. Provided by the client when the resource is\ncreated. The name must be 1-63 characters long, and comply with\nRFC1035. Specifically, the name must be 1-63 characters long and match\nthe regular expression `a-z?` which means the\nfirst character must be a lowercase letter, and all following\ncharacters must be a dash, lowercase letter, or digit, except the last\ncharacter, which cannot be a dash.\n", + "description": "Name of the resource. Provided by the client when the resource is\ncreated. The name must be 1-63 characters long, and comply with\nRFC1035. Specifically, the name must be 1-63 characters long and match\nthe regular expression `a-z?` which means the\nfirst character must be a lowercase letter, and all following\ncharacters must be a dash, lowercase letter, or digit, except the last\ncharacter, which cannot be a dash.\n\n\n- - -\n", "willReplaceOnChanges": true }, "profile": { @@ -155456,13 +156530,10 @@ }, "region": { "type": "string", - "description": "The region where the regional SSL policy resides.\n\n\n- - -\n", + "description": "The region where the regional SSL policy resides.\n", "willReplaceOnChanges": true } }, - "requiredInputs": [ - "region" - ], "stateInputs": { "description": "Input properties used for looking up and filtering RegionSslPolicy resources.\n", "properties": { @@ -155499,7 +156570,7 @@ }, "name": { "type": "string", - "description": "Name of the resource. Provided by the client when the resource is\ncreated. The name must be 1-63 characters long, and comply with\nRFC1035. Specifically, the name must be 1-63 characters long and match\nthe regular expression `a-z?` which means the\nfirst character must be a lowercase letter, and all following\ncharacters must be a dash, lowercase letter, or digit, except the last\ncharacter, which cannot be a dash.\n", + "description": "Name of the resource. Provided by the client when the resource is\ncreated. The name must be 1-63 characters long, and comply with\nRFC1035. Specifically, the name must be 1-63 characters long and match\nthe regular expression `a-z?` which means the\nfirst character must be a lowercase letter, and all following\ncharacters must be a dash, lowercase letter, or digit, except the last\ncharacter, which cannot be a dash.\n\n\n- - -\n", "willReplaceOnChanges": true }, "profile": { @@ -155513,7 +156584,7 @@ }, "region": { "type": "string", - "description": "The region where the regional SSL policy resides.\n\n\n- - -\n", + "description": "The region where the regional SSL policy resides.\n", "willReplaceOnChanges": true }, "selfLink": { @@ -158189,6 +159260,10 @@ "type": "string", "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" }, + "rateLimitOptions": { + "$ref": "#/types/gcp:compute/SecurityPolicyRuleRateLimitOptions:SecurityPolicyRuleRateLimitOptions", + "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions.\nStructure is documented below.\n" + }, "securityPolicy": { "type": "string", "description": "The name of the security policy this rule belongs to.\n\n\n- - -\n" @@ -158231,6 +159306,10 @@ "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", "willReplaceOnChanges": true }, + "rateLimitOptions": { + "$ref": "#/types/gcp:compute/SecurityPolicyRuleRateLimitOptions:SecurityPolicyRuleRateLimitOptions", + "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions.\nStructure is documented below.\n" + }, "securityPolicy": { "type": "string", "description": "The name of the security policy this rule belongs to.\n\n\n- - -\n", @@ -158275,6 +159354,10 @@ "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", "willReplaceOnChanges": true }, + "rateLimitOptions": { + "$ref": "#/types/gcp:compute/SecurityPolicyRuleRateLimitOptions:SecurityPolicyRuleRateLimitOptions", + "description": "Must be specified if the action is \"rate_based_ban\" or \"throttle\". Cannot be specified for any other actions.\nStructure is documented below.\n" + }, "securityPolicy": { "type": "string", "description": "The name of the security policy this rule belongs to.\n\n\n- - -\n", @@ -170430,6 +171513,514 @@ "type": "object" } }, + "gcp:dataplex/aspectType:AspectType": { + "description": "An Aspect Type is a template for creating Aspects.\n\n\n\n## Example Usage\n\n### Dataplex Aspect Type Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst testAspectTypeBasic = new gcp.dataplex.AspectType(\"test_aspect_type_basic\", {\n aspectTypeId: \"aspect-type-basic\",\n project: \"my-project-name\",\n location: \"us-central1\",\n metadataTemplate: `{\n \"name\": \"tf-test-template\",\n \"type\": \"record\",\n \"recordFields\": [\n {\n \"name\": \"type\",\n \"type\": \"enum\",\n \"annotations\": {\n \"displayName\": \"Type\",\n \"description\": \"Specifies the type of view represented by the entry.\"\n },\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"VIEW\",\n \"index\": 1\n }\n ]\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ntest_aspect_type_basic = gcp.dataplex.AspectType(\"test_aspect_type_basic\",\n aspect_type_id=\"aspect-type-basic\",\n project=\"my-project-name\",\n location=\"us-central1\",\n metadata_template=\"\"\"{\n \"name\": \"tf-test-template\",\n \"type\": \"record\",\n \"recordFields\": [\n {\n \"name\": \"type\",\n \"type\": \"enum\",\n \"annotations\": {\n \"displayName\": \"Type\",\n \"description\": \"Specifies the type of view represented by the entry.\"\n },\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"VIEW\",\n \"index\": 1\n }\n ]\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testAspectTypeBasic = new Gcp.DataPlex.AspectType(\"test_aspect_type_basic\", new()\n {\n AspectTypeId = \"aspect-type-basic\",\n Project = \"my-project-name\",\n Location = \"us-central1\",\n MetadataTemplate = @\"{\n \"\"name\"\": \"\"tf-test-template\"\",\n \"\"type\"\": \"\"record\"\",\n \"\"recordFields\"\": [\n {\n \"\"name\"\": \"\"type\"\",\n \"\"type\"\": \"\"enum\"\",\n \"\"annotations\"\": {\n \"\"displayName\"\": \"\"Type\"\",\n \"\"description\"\": \"\"Specifies the type of view represented by the entry.\"\"\n },\n \"\"index\"\": 1,\n \"\"constraints\"\": {\n \"\"required\"\": true\n },\n \"\"enumValues\"\": [\n {\n \"\"name\"\": \"\"VIEW\"\",\n \"\"index\"\": 1\n }\n ]\n }\n ]\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectType(ctx, \"test_aspect_type_basic\", \u0026dataplex.AspectTypeArgs{\n\t\t\tAspectTypeId: pulumi.String(\"aspect-type-basic\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tMetadataTemplate: pulumi.String(`{\n \"name\": \"tf-test-template\",\n \"type\": \"record\",\n \"recordFields\": [\n {\n \"name\": \"type\",\n \"type\": \"enum\",\n \"annotations\": {\n \"displayName\": \"Type\",\n \"description\": \"Specifies the type of view represented by the entry.\"\n },\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"VIEW\",\n \"index\": 1\n }\n ]\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectType;\nimport com.pulumi.gcp.dataplex.AspectTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testAspectTypeBasic = new AspectType(\"testAspectTypeBasic\", AspectTypeArgs.builder()\n .aspectTypeId(\"aspect-type-basic\")\n .project(\"my-project-name\")\n .location(\"us-central1\")\n .metadataTemplate(\"\"\"\n{\n \"name\": \"tf-test-template\",\n \"type\": \"record\",\n \"recordFields\": [\n {\n \"name\": \"type\",\n \"type\": \"enum\",\n \"annotations\": {\n \"displayName\": \"Type\",\n \"description\": \"Specifies the type of view represented by the entry.\"\n },\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"VIEW\",\n \"index\": 1\n }\n ]\n }\n ]\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testAspectTypeBasic:\n type: gcp:dataplex:AspectType\n name: test_aspect_type_basic\n properties:\n aspectTypeId: aspect-type-basic\n project: my-project-name\n location: us-central1\n metadataTemplate: |\n {\n \"name\": \"tf-test-template\",\n \"type\": \"record\",\n \"recordFields\": [\n {\n \"name\": \"type\",\n \"type\": \"enum\",\n \"annotations\": {\n \"displayName\": \"Type\",\n \"description\": \"Specifies the type of view represented by the entry.\"\n },\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"VIEW\",\n \"index\": 1\n }\n ]\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Dataplex Aspect Type Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst testAspectTypeFull = new gcp.dataplex.AspectType(\"test_aspect_type_full\", {\n aspectTypeId: \"aspect-type-full\",\n project: \"my-project-name\",\n location: \"us-central1\",\n labels: {\n tag: \"test-tf\",\n },\n displayName: \"terraform aspect type\",\n description: \"aspect type created by Terraform\",\n metadataTemplate: `{\n \"type\": \"record\",\n \"name\": \"Schema\",\n \"recordFields\": [\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 1,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeId\": \"field\",\n \"recordFields\": [\n {\n \"name\": \"name\",\n \"type\": \"string\",\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"description\",\n \"type\": \"string\",\n \"index\": 2\n },\n {\n \"name\": \"dataType\",\n \"type\": \"string\",\n \"index\": 3,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"metadataType\",\n \"type\": \"enum\",\n \"index\": 4,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"BOOLEAN\",\n \"index\": 1\n },\n {\n \"name\": \"NUMBER\",\n \"index\": 2\n },\n {\n \"name\": \"STRING\",\n \"index\": 3\n },\n {\n \"name\": \"BYTES\",\n \"index\": 4\n },\n {\n \"name\": \"DATETIME\",\n \"index\": 5\n },\n {\n \"name\": \"TIMESTAMP\",\n \"index\": 6\n },\n {\n \"name\": \"GEOSPATIAL\",\n \"index\": 7\n },\n {\n \"name\": \"STRUCT\",\n \"index\": 8\n },\n {\n \"name\": \"OTHER\",\n \"index\": 100\n }\n ]\n },\n {\n \"name\": \"mode\",\n \"type\": \"enum\",\n \"index\": 5,\n \"enumValues\": [\n {\n \"name\": \"NULLABLE\",\n \"index\": 1\n },\n {\n \"name\": \"REPEATED\",\n \"index\": 2\n },\n {\n \"name\": \"REQUIRED\",\n \"index\": 3\n }\n ]\n },\n {\n \"name\": \"defaultValue\",\n \"type\": \"string\",\n \"index\": 6\n },\n {\n \"name\": \"annotations\",\n \"type\": \"map\",\n \"index\": 7,\n \"mapItems\": {\n \"name\": \"label\",\n \"type\": \"string\"\n }\n },\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 20,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeRef\": \"field\"\n }\n }\n ]\n }\n }\n ]\n}\n`,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ntest_aspect_type_full = gcp.dataplex.AspectType(\"test_aspect_type_full\",\n aspect_type_id=\"aspect-type-full\",\n project=\"my-project-name\",\n location=\"us-central1\",\n labels={\n \"tag\": \"test-tf\",\n },\n display_name=\"terraform aspect type\",\n description=\"aspect type created by Terraform\",\n metadata_template=\"\"\"{\n \"type\": \"record\",\n \"name\": \"Schema\",\n \"recordFields\": [\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 1,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeId\": \"field\",\n \"recordFields\": [\n {\n \"name\": \"name\",\n \"type\": \"string\",\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"description\",\n \"type\": \"string\",\n \"index\": 2\n },\n {\n \"name\": \"dataType\",\n \"type\": \"string\",\n \"index\": 3,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"metadataType\",\n \"type\": \"enum\",\n \"index\": 4,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"BOOLEAN\",\n \"index\": 1\n },\n {\n \"name\": \"NUMBER\",\n \"index\": 2\n },\n {\n \"name\": \"STRING\",\n \"index\": 3\n },\n {\n \"name\": \"BYTES\",\n \"index\": 4\n },\n {\n \"name\": \"DATETIME\",\n \"index\": 5\n },\n {\n \"name\": \"TIMESTAMP\",\n \"index\": 6\n },\n {\n \"name\": \"GEOSPATIAL\",\n \"index\": 7\n },\n {\n \"name\": \"STRUCT\",\n \"index\": 8\n },\n {\n \"name\": \"OTHER\",\n \"index\": 100\n }\n ]\n },\n {\n \"name\": \"mode\",\n \"type\": \"enum\",\n \"index\": 5,\n \"enumValues\": [\n {\n \"name\": \"NULLABLE\",\n \"index\": 1\n },\n {\n \"name\": \"REPEATED\",\n \"index\": 2\n },\n {\n \"name\": \"REQUIRED\",\n \"index\": 3\n }\n ]\n },\n {\n \"name\": \"defaultValue\",\n \"type\": \"string\",\n \"index\": 6\n },\n {\n \"name\": \"annotations\",\n \"type\": \"map\",\n \"index\": 7,\n \"mapItems\": {\n \"name\": \"label\",\n \"type\": \"string\"\n }\n },\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 20,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeRef\": \"field\"\n }\n }\n ]\n }\n }\n ]\n}\n\"\"\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testAspectTypeFull = new Gcp.DataPlex.AspectType(\"test_aspect_type_full\", new()\n {\n AspectTypeId = \"aspect-type-full\",\n Project = \"my-project-name\",\n Location = \"us-central1\",\n Labels = \n {\n { \"tag\", \"test-tf\" },\n },\n DisplayName = \"terraform aspect type\",\n Description = \"aspect type created by Terraform\",\n MetadataTemplate = @\"{\n \"\"type\"\": \"\"record\"\",\n \"\"name\"\": \"\"Schema\"\",\n \"\"recordFields\"\": [\n {\n \"\"name\"\": \"\"fields\"\",\n \"\"type\"\": \"\"array\"\",\n \"\"index\"\": 1,\n \"\"arrayItems\"\": {\n \"\"name\"\": \"\"field\"\",\n \"\"type\"\": \"\"record\"\",\n \"\"typeId\"\": \"\"field\"\",\n \"\"recordFields\"\": [\n {\n \"\"name\"\": \"\"name\"\",\n \"\"type\"\": \"\"string\"\",\n \"\"index\"\": 1,\n \"\"constraints\"\": {\n \"\"required\"\": true\n }\n },\n {\n \"\"name\"\": \"\"description\"\",\n \"\"type\"\": \"\"string\"\",\n \"\"index\"\": 2\n },\n {\n \"\"name\"\": \"\"dataType\"\",\n \"\"type\"\": \"\"string\"\",\n \"\"index\"\": 3,\n \"\"constraints\"\": {\n \"\"required\"\": true\n }\n },\n {\n \"\"name\"\": \"\"metadataType\"\",\n \"\"type\"\": \"\"enum\"\",\n \"\"index\"\": 4,\n \"\"constraints\"\": {\n \"\"required\"\": true\n },\n \"\"enumValues\"\": [\n {\n \"\"name\"\": \"\"BOOLEAN\"\",\n \"\"index\"\": 1\n },\n {\n \"\"name\"\": \"\"NUMBER\"\",\n \"\"index\"\": 2\n },\n {\n \"\"name\"\": \"\"STRING\"\",\n \"\"index\"\": 3\n },\n {\n \"\"name\"\": \"\"BYTES\"\",\n \"\"index\"\": 4\n },\n {\n \"\"name\"\": \"\"DATETIME\"\",\n \"\"index\"\": 5\n },\n {\n \"\"name\"\": \"\"TIMESTAMP\"\",\n \"\"index\"\": 6\n },\n {\n \"\"name\"\": \"\"GEOSPATIAL\"\",\n \"\"index\"\": 7\n },\n {\n \"\"name\"\": \"\"STRUCT\"\",\n \"\"index\"\": 8\n },\n {\n \"\"name\"\": \"\"OTHER\"\",\n \"\"index\"\": 100\n }\n ]\n },\n {\n \"\"name\"\": \"\"mode\"\",\n \"\"type\"\": \"\"enum\"\",\n \"\"index\"\": 5,\n \"\"enumValues\"\": [\n {\n \"\"name\"\": \"\"NULLABLE\"\",\n \"\"index\"\": 1\n },\n {\n \"\"name\"\": \"\"REPEATED\"\",\n \"\"index\"\": 2\n },\n {\n \"\"name\"\": \"\"REQUIRED\"\",\n \"\"index\"\": 3\n }\n ]\n },\n {\n \"\"name\"\": \"\"defaultValue\"\",\n \"\"type\"\": \"\"string\"\",\n \"\"index\"\": 6\n },\n {\n \"\"name\"\": \"\"annotations\"\",\n \"\"type\"\": \"\"map\"\",\n \"\"index\"\": 7,\n \"\"mapItems\"\": {\n \"\"name\"\": \"\"label\"\",\n \"\"type\"\": \"\"string\"\"\n }\n },\n {\n \"\"name\"\": \"\"fields\"\",\n \"\"type\"\": \"\"array\"\",\n \"\"index\"\": 20,\n \"\"arrayItems\"\": {\n \"\"name\"\": \"\"field\"\",\n \"\"type\"\": \"\"record\"\",\n \"\"typeRef\"\": \"\"field\"\"\n }\n }\n ]\n }\n }\n ]\n}\n\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectType(ctx, \"test_aspect_type_full\", \u0026dataplex.AspectTypeArgs{\n\t\t\tAspectTypeId: pulumi.String(\"aspect-type-full\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"tag\": pulumi.String(\"test-tf\"),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"terraform aspect type\"),\n\t\t\tDescription: pulumi.String(\"aspect type created by Terraform\"),\n\t\t\tMetadataTemplate: pulumi.String(`{\n \"type\": \"record\",\n \"name\": \"Schema\",\n \"recordFields\": [\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 1,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeId\": \"field\",\n \"recordFields\": [\n {\n \"name\": \"name\",\n \"type\": \"string\",\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"description\",\n \"type\": \"string\",\n \"index\": 2\n },\n {\n \"name\": \"dataType\",\n \"type\": \"string\",\n \"index\": 3,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"metadataType\",\n \"type\": \"enum\",\n \"index\": 4,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"BOOLEAN\",\n \"index\": 1\n },\n {\n \"name\": \"NUMBER\",\n \"index\": 2\n },\n {\n \"name\": \"STRING\",\n \"index\": 3\n },\n {\n \"name\": \"BYTES\",\n \"index\": 4\n },\n {\n \"name\": \"DATETIME\",\n \"index\": 5\n },\n {\n \"name\": \"TIMESTAMP\",\n \"index\": 6\n },\n {\n \"name\": \"GEOSPATIAL\",\n \"index\": 7\n },\n {\n \"name\": \"STRUCT\",\n \"index\": 8\n },\n {\n \"name\": \"OTHER\",\n \"index\": 100\n }\n ]\n },\n {\n \"name\": \"mode\",\n \"type\": \"enum\",\n \"index\": 5,\n \"enumValues\": [\n {\n \"name\": \"NULLABLE\",\n \"index\": 1\n },\n {\n \"name\": \"REPEATED\",\n \"index\": 2\n },\n {\n \"name\": \"REQUIRED\",\n \"index\": 3\n }\n ]\n },\n {\n \"name\": \"defaultValue\",\n \"type\": \"string\",\n \"index\": 6\n },\n {\n \"name\": \"annotations\",\n \"type\": \"map\",\n \"index\": 7,\n \"mapItems\": {\n \"name\": \"label\",\n \"type\": \"string\"\n }\n },\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 20,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeRef\": \"field\"\n }\n }\n ]\n }\n }\n ]\n}\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectType;\nimport com.pulumi.gcp.dataplex.AspectTypeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testAspectTypeFull = new AspectType(\"testAspectTypeFull\", AspectTypeArgs.builder()\n .aspectTypeId(\"aspect-type-full\")\n .project(\"my-project-name\")\n .location(\"us-central1\")\n .labels(Map.of(\"tag\", \"test-tf\"))\n .displayName(\"terraform aspect type\")\n .description(\"aspect type created by Terraform\")\n .metadataTemplate(\"\"\"\n{\n \"type\": \"record\",\n \"name\": \"Schema\",\n \"recordFields\": [\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 1,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeId\": \"field\",\n \"recordFields\": [\n {\n \"name\": \"name\",\n \"type\": \"string\",\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"description\",\n \"type\": \"string\",\n \"index\": 2\n },\n {\n \"name\": \"dataType\",\n \"type\": \"string\",\n \"index\": 3,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"metadataType\",\n \"type\": \"enum\",\n \"index\": 4,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"BOOLEAN\",\n \"index\": 1\n },\n {\n \"name\": \"NUMBER\",\n \"index\": 2\n },\n {\n \"name\": \"STRING\",\n \"index\": 3\n },\n {\n \"name\": \"BYTES\",\n \"index\": 4\n },\n {\n \"name\": \"DATETIME\",\n \"index\": 5\n },\n {\n \"name\": \"TIMESTAMP\",\n \"index\": 6\n },\n {\n \"name\": \"GEOSPATIAL\",\n \"index\": 7\n },\n {\n \"name\": \"STRUCT\",\n \"index\": 8\n },\n {\n \"name\": \"OTHER\",\n \"index\": 100\n }\n ]\n },\n {\n \"name\": \"mode\",\n \"type\": \"enum\",\n \"index\": 5,\n \"enumValues\": [\n {\n \"name\": \"NULLABLE\",\n \"index\": 1\n },\n {\n \"name\": \"REPEATED\",\n \"index\": 2\n },\n {\n \"name\": \"REQUIRED\",\n \"index\": 3\n }\n ]\n },\n {\n \"name\": \"defaultValue\",\n \"type\": \"string\",\n \"index\": 6\n },\n {\n \"name\": \"annotations\",\n \"type\": \"map\",\n \"index\": 7,\n \"mapItems\": {\n \"name\": \"label\",\n \"type\": \"string\"\n }\n },\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 20,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeRef\": \"field\"\n }\n }\n ]\n }\n }\n ]\n}\n \"\"\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testAspectTypeFull:\n type: gcp:dataplex:AspectType\n name: test_aspect_type_full\n properties:\n aspectTypeId: aspect-type-full\n project: my-project-name\n location: us-central1\n labels:\n tag: test-tf\n displayName: terraform aspect type\n description: aspect type created by Terraform\n metadataTemplate: |\n {\n \"type\": \"record\",\n \"name\": \"Schema\",\n \"recordFields\": [\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 1,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeId\": \"field\",\n \"recordFields\": [\n {\n \"name\": \"name\",\n \"type\": \"string\",\n \"index\": 1,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"description\",\n \"type\": \"string\",\n \"index\": 2\n },\n {\n \"name\": \"dataType\",\n \"type\": \"string\",\n \"index\": 3,\n \"constraints\": {\n \"required\": true\n }\n },\n {\n \"name\": \"metadataType\",\n \"type\": \"enum\",\n \"index\": 4,\n \"constraints\": {\n \"required\": true\n },\n \"enumValues\": [\n {\n \"name\": \"BOOLEAN\",\n \"index\": 1\n },\n {\n \"name\": \"NUMBER\",\n \"index\": 2\n },\n {\n \"name\": \"STRING\",\n \"index\": 3\n },\n {\n \"name\": \"BYTES\",\n \"index\": 4\n },\n {\n \"name\": \"DATETIME\",\n \"index\": 5\n },\n {\n \"name\": \"TIMESTAMP\",\n \"index\": 6\n },\n {\n \"name\": \"GEOSPATIAL\",\n \"index\": 7\n },\n {\n \"name\": \"STRUCT\",\n \"index\": 8\n },\n {\n \"name\": \"OTHER\",\n \"index\": 100\n }\n ]\n },\n {\n \"name\": \"mode\",\n \"type\": \"enum\",\n \"index\": 5,\n \"enumValues\": [\n {\n \"name\": \"NULLABLE\",\n \"index\": 1\n },\n {\n \"name\": \"REPEATED\",\n \"index\": 2\n },\n {\n \"name\": \"REQUIRED\",\n \"index\": 3\n }\n ]\n },\n {\n \"name\": \"defaultValue\",\n \"type\": \"string\",\n \"index\": 6\n },\n {\n \"name\": \"annotations\",\n \"type\": \"map\",\n \"index\": 7,\n \"mapItems\": {\n \"name\": \"label\",\n \"type\": \"string\"\n }\n },\n {\n \"name\": \"fields\",\n \"type\": \"array\",\n \"index\": 20,\n \"arrayItems\": {\n \"name\": \"field\",\n \"type\": \"record\",\n \"typeRef\": \"field\"\n }\n }\n ]\n }\n }\n ]\n }\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAspectType can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}`\n\n* `{{project}}/{{location}}/{{aspect_type_id}}`\n\n* `{{location}}/{{aspect_type_id}}`\n\nWhen using the `pulumi import` command, AspectType can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:dataplex/aspectType:AspectType default projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/aspectType:AspectType default {{project}}/{{location}}/{{aspect_type_id}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/aspectType:AspectType default {{location}}/{{aspect_type_id}}\n```\n\n", + "properties": { + "aspectTypeId": { + "type": "string", + "description": "The aspect type id of the aspect type.\n" + }, + "createTime": { + "type": "string", + "description": "The time when the AspectType was created.\n" + }, + "description": { + "type": "string", + "description": "Description of the AspectType.\n" + }, + "displayName": { + "type": "string", + "description": "User friendly display name.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined labels for the AspectType.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\n" + }, + "metadataTemplate": { + "type": "string", + "description": "MetadataTemplate of the Aspect.\n" + }, + "name": { + "type": "string", + "description": "The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id}\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, + "transferStatus": { + "type": "string", + "description": "Denotes the transfer status of the Aspect Type. It is unspecified\nfor Aspect Type created from Dataplex API.\n" + }, + "uid": { + "type": "string", + "description": "System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name.\n" + }, + "updateTime": { + "type": "string", + "description": "The time when the AspectType was last updated.\n" + } + }, + "required": [ + "createTime", + "effectiveLabels", + "name", + "project", + "pulumiLabels", + "transferStatus", + "uid", + "updateTime" + ], + "inputProperties": { + "aspectTypeId": { + "type": "string", + "description": "The aspect type id of the aspect type.\n", + "willReplaceOnChanges": true + }, + "description": { + "type": "string", + "description": "Description of the AspectType.\n" + }, + "displayName": { + "type": "string", + "description": "User friendly display name.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined labels for the AspectType.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\n", + "willReplaceOnChanges": true + }, + "metadataTemplate": { + "type": "string", + "description": "MetadataTemplate of the Aspect.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "stateInputs": { + "description": "Input properties used for looking up and filtering AspectType resources.\n", + "properties": { + "aspectTypeId": { + "type": "string", + "description": "The aspect type id of the aspect type.\n", + "willReplaceOnChanges": true + }, + "createTime": { + "type": "string", + "description": "The time when the AspectType was created.\n" + }, + "description": { + "type": "string", + "description": "Description of the AspectType.\n" + }, + "displayName": { + "type": "string", + "description": "User friendly display name.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined labels for the AspectType.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\n", + "willReplaceOnChanges": true + }, + "metadataTemplate": { + "type": "string", + "description": "MetadataTemplate of the Aspect.\n" + }, + "name": { + "type": "string", + "description": "The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id}\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, + "transferStatus": { + "type": "string", + "description": "Denotes the transfer status of the Aspect Type. It is unspecified\nfor Aspect Type created from Dataplex API.\n" + }, + "uid": { + "type": "string", + "description": "System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name.\n" + }, + "updateTime": { + "type": "string", + "description": "The time when the AspectType was last updated.\n" + } + }, + "type": "object" + } + }, + "gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding": { + "description": "Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case:\n\n* `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached.\n* `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved.\n* `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype\n\n\u003e **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.dataplex.AspectTypeIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.AspectTypeIamPolicy(\"policy\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.AspectTypeIamPolicy(\"policy\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.AspectTypeIamPolicy(\"policy\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewAspectTypeIamPolicy(ctx, \"policy\", \u0026dataplex.AspectTypeIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicy;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new AspectTypeIamPolicy(\"policy\", AspectTypeIamPolicyArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:AspectTypeIamPolicy\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.AspectTypeIamBinding(\"binding\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.AspectTypeIamBinding(\"binding\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.AspectTypeIamBinding(\"binding\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamBinding(ctx, \"binding\", \u0026dataplex.AspectTypeIamBindingArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBinding;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new AspectTypeIamBinding(\"binding\", AspectTypeIamBindingArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:AspectTypeIamBinding\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.AspectTypeIamMember(\"member\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.AspectTypeIamMember(\"member\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.AspectTypeIamMember(\"member\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamMember(ctx, \"member\", \u0026dataplex.AspectTypeIamMemberArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMember;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new AspectTypeIamMember(\"member\", AspectTypeIamMemberArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:AspectTypeIamMember\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## gcp.dataplex.AspectTypeIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.AspectTypeIamPolicy(\"policy\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.AspectTypeIamPolicy(\"policy\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.AspectTypeIamPolicy(\"policy\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewAspectTypeIamPolicy(ctx, \"policy\", \u0026dataplex.AspectTypeIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicy;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new AspectTypeIamPolicy(\"policy\", AspectTypeIamPolicyArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:AspectTypeIamPolicy\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.AspectTypeIamBinding(\"binding\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.AspectTypeIamBinding(\"binding\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.AspectTypeIamBinding(\"binding\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamBinding(ctx, \"binding\", \u0026dataplex.AspectTypeIamBindingArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBinding;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new AspectTypeIamBinding(\"binding\", AspectTypeIamBindingArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:AspectTypeIamBinding\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.AspectTypeIamMember(\"member\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.AspectTypeIamMember(\"member\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.AspectTypeIamMember(\"member\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamMember(ctx, \"member\", \u0026dataplex.AspectTypeIamMemberArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMember;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new AspectTypeIamMember(\"member\", AspectTypeIamMemberArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:AspectTypeIamMember\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}\n\n* {{project}}/{{location}}/{{aspect_type_id}}\n\n* {{location}}/{{aspect_type_id}}\n\n* {{aspect_type_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nDataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor \"projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor \"projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}\n```\n\n-\u003e **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "aspectTypeId": { + "type": "string" + }, + "condition": { + "$ref": "#/types/gcp:dataplex/AspectTypeIamBindingCondition:AspectTypeIamBindingCondition" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n" + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + } + }, + "required": [ + "aspectTypeId", + "etag", + "location", + "members", + "project", + "role" + ], + "inputProperties": { + "aspectTypeId": { + "type": "string", + "willReplaceOnChanges": true + }, + "condition": { + "$ref": "#/types/gcp:dataplex/AspectTypeIamBindingCondition:AspectTypeIamBindingCondition", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "aspectTypeId", + "members", + "role" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AspectTypeIamBinding resources.\n", + "properties": { + "aspectTypeId": { + "type": "string", + "willReplaceOnChanges": true + }, + "condition": { + "$ref": "#/types/gcp:dataplex/AspectTypeIamBindingCondition:AspectTypeIamBindingCondition", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember": { + "description": "Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case:\n\n* `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached.\n* `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved.\n* `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype\n\n\u003e **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.dataplex.AspectTypeIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.AspectTypeIamPolicy(\"policy\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.AspectTypeIamPolicy(\"policy\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.AspectTypeIamPolicy(\"policy\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewAspectTypeIamPolicy(ctx, \"policy\", \u0026dataplex.AspectTypeIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicy;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new AspectTypeIamPolicy(\"policy\", AspectTypeIamPolicyArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:AspectTypeIamPolicy\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.AspectTypeIamBinding(\"binding\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.AspectTypeIamBinding(\"binding\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.AspectTypeIamBinding(\"binding\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamBinding(ctx, \"binding\", \u0026dataplex.AspectTypeIamBindingArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBinding;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new AspectTypeIamBinding(\"binding\", AspectTypeIamBindingArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:AspectTypeIamBinding\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.AspectTypeIamMember(\"member\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.AspectTypeIamMember(\"member\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.AspectTypeIamMember(\"member\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamMember(ctx, \"member\", \u0026dataplex.AspectTypeIamMemberArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMember;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new AspectTypeIamMember(\"member\", AspectTypeIamMemberArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:AspectTypeIamMember\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## gcp.dataplex.AspectTypeIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.AspectTypeIamPolicy(\"policy\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.AspectTypeIamPolicy(\"policy\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.AspectTypeIamPolicy(\"policy\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewAspectTypeIamPolicy(ctx, \"policy\", \u0026dataplex.AspectTypeIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicy;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new AspectTypeIamPolicy(\"policy\", AspectTypeIamPolicyArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:AspectTypeIamPolicy\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.AspectTypeIamBinding(\"binding\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.AspectTypeIamBinding(\"binding\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.AspectTypeIamBinding(\"binding\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamBinding(ctx, \"binding\", \u0026dataplex.AspectTypeIamBindingArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBinding;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new AspectTypeIamBinding(\"binding\", AspectTypeIamBindingArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:AspectTypeIamBinding\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.AspectTypeIamMember(\"member\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.AspectTypeIamMember(\"member\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.AspectTypeIamMember(\"member\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamMember(ctx, \"member\", \u0026dataplex.AspectTypeIamMemberArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMember;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new AspectTypeIamMember(\"member\", AspectTypeIamMemberArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:AspectTypeIamMember\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}\n\n* {{project}}/{{location}}/{{aspect_type_id}}\n\n* {{location}}/{{aspect_type_id}}\n\n* {{aspect_type_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nDataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor \"projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor \"projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}\n```\n\n-\u003e **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "aspectTypeId": { + "type": "string" + }, + "condition": { + "$ref": "#/types/gcp:dataplex/AspectTypeIamMemberCondition:AspectTypeIamMemberCondition" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n" + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + } + }, + "required": [ + "aspectTypeId", + "etag", + "location", + "member", + "project", + "role" + ], + "inputProperties": { + "aspectTypeId": { + "type": "string", + "willReplaceOnChanges": true + }, + "condition": { + "$ref": "#/types/gcp:dataplex/AspectTypeIamMemberCondition:AspectTypeIamMemberCondition", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "aspectTypeId", + "member", + "role" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AspectTypeIamMember resources.\n", + "properties": { + "aspectTypeId": { + "type": "string", + "willReplaceOnChanges": true + }, + "condition": { + "$ref": "#/types/gcp:dataplex/AspectTypeIamMemberCondition:AspectTypeIamMemberCondition", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy": { + "description": "Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case:\n\n* `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached.\n* `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved.\n* `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype\n\n\u003e **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.dataplex.AspectTypeIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.AspectTypeIamPolicy(\"policy\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.AspectTypeIamPolicy(\"policy\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.AspectTypeIamPolicy(\"policy\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewAspectTypeIamPolicy(ctx, \"policy\", \u0026dataplex.AspectTypeIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicy;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new AspectTypeIamPolicy(\"policy\", AspectTypeIamPolicyArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:AspectTypeIamPolicy\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.AspectTypeIamBinding(\"binding\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.AspectTypeIamBinding(\"binding\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.AspectTypeIamBinding(\"binding\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamBinding(ctx, \"binding\", \u0026dataplex.AspectTypeIamBindingArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBinding;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new AspectTypeIamBinding(\"binding\", AspectTypeIamBindingArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:AspectTypeIamBinding\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.AspectTypeIamMember(\"member\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.AspectTypeIamMember(\"member\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.AspectTypeIamMember(\"member\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamMember(ctx, \"member\", \u0026dataplex.AspectTypeIamMemberArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMember;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new AspectTypeIamMember(\"member\", AspectTypeIamMemberArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:AspectTypeIamMember\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## gcp.dataplex.AspectTypeIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.AspectTypeIamPolicy(\"policy\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.AspectTypeIamPolicy(\"policy\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.AspectTypeIamPolicy(\"policy\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewAspectTypeIamPolicy(ctx, \"policy\", \u0026dataplex.AspectTypeIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicy;\nimport com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new AspectTypeIamPolicy(\"policy\", AspectTypeIamPolicyArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:AspectTypeIamPolicy\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.AspectTypeIamBinding(\"binding\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.AspectTypeIamBinding(\"binding\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.AspectTypeIamBinding(\"binding\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamBinding(ctx, \"binding\", \u0026dataplex.AspectTypeIamBindingArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBinding;\nimport com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new AspectTypeIamBinding(\"binding\", AspectTypeIamBindingArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:AspectTypeIamBinding\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.AspectTypeIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.AspectTypeIamMember(\"member\", {\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.AspectTypeIamMember(\"member\",\n project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.AspectTypeIamMember(\"member\", new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewAspectTypeIamMember(ctx, \"member\", \u0026dataplex.AspectTypeIamMemberArgs{\n\t\t\tProject: pulumi.Any(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.Any(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMember;\nimport com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new AspectTypeIamMember(\"member\", AspectTypeIamMemberArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:AspectTypeIamMember\n properties:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}\n\n* {{project}}/{{location}}/{{aspect_type_id}}\n\n* {{location}}/{{aspect_type_id}}\n\n* {{aspect_type_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nDataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor \"projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor \"projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}\n```\n\n-\u003e **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "aspectTypeId": { + "type": "string" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n" + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + } + }, + "required": [ + "aspectTypeId", + "etag", + "location", + "policyData", + "project" + ], + "inputProperties": { + "aspectTypeId": { + "type": "string", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "aspectTypeId", + "policyData" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AspectTypeIamPolicy resources.\n", + "properties": { + "aspectTypeId": { + "type": "string", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, "gcp:dataplex/asset:Asset": { "description": "The Dataplex Asset resource\n\n## Example Usage\n\n### Basic_asset\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basicBucket = new gcp.storage.Bucket(\"basic_bucket\", {\n name: \"bucket\",\n location: \"us-west1\",\n uniformBucketLevelAccess: true,\n project: \"my-project-name\",\n});\nconst basicLake = new gcp.dataplex.Lake(\"basic_lake\", {\n name: \"lake\",\n location: \"us-west1\",\n project: \"my-project-name\",\n});\nconst basicZone = new gcp.dataplex.Zone(\"basic_zone\", {\n name: \"zone\",\n location: \"us-west1\",\n lake: basicLake.name,\n type: \"RAW\",\n discoverySpec: {\n enabled: false,\n },\n resourceSpec: {\n locationType: \"SINGLE_REGION\",\n },\n project: \"my-project-name\",\n});\nconst primary = new gcp.dataplex.Asset(\"primary\", {\n name: \"asset\",\n location: \"us-west1\",\n lake: basicLake.name,\n dataplexZone: basicZone.name,\n discoverySpec: {\n enabled: false,\n },\n resourceSpec: {\n name: \"projects/my-project-name/buckets/bucket\",\n type: \"STORAGE_BUCKET\",\n },\n labels: {\n env: \"foo\",\n \"my-asset\": \"exists\",\n },\n project: \"my-project-name\",\n}, {\n dependsOn: [basicBucket],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic_bucket = gcp.storage.Bucket(\"basic_bucket\",\n name=\"bucket\",\n location=\"us-west1\",\n uniform_bucket_level_access=True,\n project=\"my-project-name\")\nbasic_lake = gcp.dataplex.Lake(\"basic_lake\",\n name=\"lake\",\n location=\"us-west1\",\n project=\"my-project-name\")\nbasic_zone = gcp.dataplex.Zone(\"basic_zone\",\n name=\"zone\",\n location=\"us-west1\",\n lake=basic_lake.name,\n type=\"RAW\",\n discovery_spec=gcp.dataplex.ZoneDiscoverySpecArgs(\n enabled=False,\n ),\n resource_spec=gcp.dataplex.ZoneResourceSpecArgs(\n location_type=\"SINGLE_REGION\",\n ),\n project=\"my-project-name\")\nprimary = gcp.dataplex.Asset(\"primary\",\n name=\"asset\",\n location=\"us-west1\",\n lake=basic_lake.name,\n dataplex_zone=basic_zone.name,\n discovery_spec=gcp.dataplex.AssetDiscoverySpecArgs(\n enabled=False,\n ),\n resource_spec=gcp.dataplex.AssetResourceSpecArgs(\n name=\"projects/my-project-name/buckets/bucket\",\n type=\"STORAGE_BUCKET\",\n ),\n labels={\n \"env\": \"foo\",\n \"my-asset\": \"exists\",\n },\n project=\"my-project-name\",\n opts=pulumi.ResourceOptions(depends_on=[basic_bucket]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basicBucket = new Gcp.Storage.Bucket(\"basic_bucket\", new()\n {\n Name = \"bucket\",\n Location = \"us-west1\",\n UniformBucketLevelAccess = true,\n Project = \"my-project-name\",\n });\n\n var basicLake = new Gcp.DataPlex.Lake(\"basic_lake\", new()\n {\n Name = \"lake\",\n Location = \"us-west1\",\n Project = \"my-project-name\",\n });\n\n var basicZone = new Gcp.DataPlex.Zone(\"basic_zone\", new()\n {\n Name = \"zone\",\n Location = \"us-west1\",\n Lake = basicLake.Name,\n Type = \"RAW\",\n DiscoverySpec = new Gcp.DataPlex.Inputs.ZoneDiscoverySpecArgs\n {\n Enabled = false,\n },\n ResourceSpec = new Gcp.DataPlex.Inputs.ZoneResourceSpecArgs\n {\n LocationType = \"SINGLE_REGION\",\n },\n Project = \"my-project-name\",\n });\n\n var primary = new Gcp.DataPlex.Asset(\"primary\", new()\n {\n Name = \"asset\",\n Location = \"us-west1\",\n Lake = basicLake.Name,\n DataplexZone = basicZone.Name,\n DiscoverySpec = new Gcp.DataPlex.Inputs.AssetDiscoverySpecArgs\n {\n Enabled = false,\n },\n ResourceSpec = new Gcp.DataPlex.Inputs.AssetResourceSpecArgs\n {\n Name = \"projects/my-project-name/buckets/bucket\",\n Type = \"STORAGE_BUCKET\",\n },\n Labels = \n {\n { \"env\", \"foo\" },\n { \"my-asset\", \"exists\" },\n },\n Project = \"my-project-name\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n basicBucket,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasicBucket, err := storage.NewBucket(ctx, \"basic_bucket\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"bucket\"),\n\t\t\tLocation: pulumi.String(\"us-west1\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicLake, err := dataplex.NewLake(ctx, \"basic_lake\", \u0026dataplex.LakeArgs{\n\t\t\tName: pulumi.String(\"lake\"),\n\t\t\tLocation: pulumi.String(\"us-west1\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tbasicZone, err := dataplex.NewZone(ctx, \"basic_zone\", \u0026dataplex.ZoneArgs{\n\t\t\tName: pulumi.String(\"zone\"),\n\t\t\tLocation: pulumi.String(\"us-west1\"),\n\t\t\tLake: basicLake.Name,\n\t\t\tType: pulumi.String(\"RAW\"),\n\t\t\tDiscoverySpec: \u0026dataplex.ZoneDiscoverySpecArgs{\n\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tResourceSpec: \u0026dataplex.ZoneResourceSpecArgs{\n\t\t\t\tLocationType: pulumi.String(\"SINGLE_REGION\"),\n\t\t\t},\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewAsset(ctx, \"primary\", \u0026dataplex.AssetArgs{\n\t\t\tName: pulumi.String(\"asset\"),\n\t\t\tLocation: pulumi.String(\"us-west1\"),\n\t\t\tLake: basicLake.Name,\n\t\t\tDataplexZone: basicZone.Name,\n\t\t\tDiscoverySpec: \u0026dataplex.AssetDiscoverySpecArgs{\n\t\t\t\tEnabled: pulumi.Bool(false),\n\t\t\t},\n\t\t\tResourceSpec: \u0026dataplex.AssetResourceSpecArgs{\n\t\t\t\tName: pulumi.String(\"projects/my-project-name/buckets/bucket\"),\n\t\t\t\tType: pulumi.String(\"STORAGE_BUCKET\"),\n\t\t\t},\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"env\": pulumi.String(\"foo\"),\n\t\t\t\t\"my-asset\": pulumi.String(\"exists\"),\n\t\t\t},\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tbasicBucket,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.dataplex.Lake;\nimport com.pulumi.gcp.dataplex.LakeArgs;\nimport com.pulumi.gcp.dataplex.Zone;\nimport com.pulumi.gcp.dataplex.ZoneArgs;\nimport com.pulumi.gcp.dataplex.inputs.ZoneDiscoverySpecArgs;\nimport com.pulumi.gcp.dataplex.inputs.ZoneResourceSpecArgs;\nimport com.pulumi.gcp.dataplex.Asset;\nimport com.pulumi.gcp.dataplex.AssetArgs;\nimport com.pulumi.gcp.dataplex.inputs.AssetDiscoverySpecArgs;\nimport com.pulumi.gcp.dataplex.inputs.AssetResourceSpecArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basicBucket = new Bucket(\"basicBucket\", BucketArgs.builder()\n .name(\"bucket\")\n .location(\"us-west1\")\n .uniformBucketLevelAccess(true)\n .project(\"my-project-name\")\n .build());\n\n var basicLake = new Lake(\"basicLake\", LakeArgs.builder()\n .name(\"lake\")\n .location(\"us-west1\")\n .project(\"my-project-name\")\n .build());\n\n var basicZone = new Zone(\"basicZone\", ZoneArgs.builder()\n .name(\"zone\")\n .location(\"us-west1\")\n .lake(basicLake.name())\n .type(\"RAW\")\n .discoverySpec(ZoneDiscoverySpecArgs.builder()\n .enabled(false)\n .build())\n .resourceSpec(ZoneResourceSpecArgs.builder()\n .locationType(\"SINGLE_REGION\")\n .build())\n .project(\"my-project-name\")\n .build());\n\n var primary = new Asset(\"primary\", AssetArgs.builder()\n .name(\"asset\")\n .location(\"us-west1\")\n .lake(basicLake.name())\n .dataplexZone(basicZone.name())\n .discoverySpec(AssetDiscoverySpecArgs.builder()\n .enabled(false)\n .build())\n .resourceSpec(AssetResourceSpecArgs.builder()\n .name(\"projects/my-project-name/buckets/bucket\")\n .type(\"STORAGE_BUCKET\")\n .build())\n .labels(Map.ofEntries(\n Map.entry(\"env\", \"foo\"),\n Map.entry(\"my-asset\", \"exists\")\n ))\n .project(\"my-project-name\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(basicBucket)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n basicBucket:\n type: gcp:storage:Bucket\n name: basic_bucket\n properties:\n name: bucket\n location: us-west1\n uniformBucketLevelAccess: true\n project: my-project-name\n basicLake:\n type: gcp:dataplex:Lake\n name: basic_lake\n properties:\n name: lake\n location: us-west1\n project: my-project-name\n basicZone:\n type: gcp:dataplex:Zone\n name: basic_zone\n properties:\n name: zone\n location: us-west1\n lake: ${basicLake.name}\n type: RAW\n discoverySpec:\n enabled: false\n resourceSpec:\n locationType: SINGLE_REGION\n project: my-project-name\n primary:\n type: gcp:dataplex:Asset\n properties:\n name: asset\n location: us-west1\n lake: ${basicLake.name}\n dataplexZone: ${basicZone.name}\n discoverySpec:\n enabled: false\n resourceSpec:\n name: projects/my-project-name/buckets/bucket\n type: STORAGE_BUCKET\n labels:\n env: foo\n my-asset: exists\n project: my-project-name\n options:\n dependson:\n - ${basicBucket}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAsset can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}`\n\n* `{{project}}/{{location}}/{{lake}}/{{dataplex_zone}}/{{name}}`\n\n* `{{location}}/{{lake}}/{{dataplex_zone}}/{{name}}`\n\nWhen using the `pulumi import` command, Asset can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:dataplex/asset:Asset default projects/{{project}}/locations/{{location}}/lakes/{{lake}}/zones/{{dataplex_zone}}/assets/{{name}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/asset:Asset default {{project}}/{{location}}/{{lake}}/{{dataplex_zone}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/asset:Asset default {{location}}/{{lake}}/{{dataplex_zone}}/{{name}}\n```\n\n", "properties": { @@ -171680,6 +173271,502 @@ "type": "object" } }, + "gcp:dataplex/entryGroup:EntryGroup": { + "description": "An Entry Group represents a logical grouping of one or more Entries.\n\n\n\n## Example Usage\n\n### Dataplex Entry Group Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst testEntryGroupBasic = new gcp.dataplex.EntryGroup(\"test_entry_group_basic\", {\n entryGroupId: \"entry-group-basic\",\n project: \"my-project-name\",\n location: \"us-central1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ntest_entry_group_basic = gcp.dataplex.EntryGroup(\"test_entry_group_basic\",\n entry_group_id=\"entry-group-basic\",\n project=\"my-project-name\",\n location=\"us-central1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testEntryGroupBasic = new Gcp.DataPlex.EntryGroup(\"test_entry_group_basic\", new()\n {\n EntryGroupId = \"entry-group-basic\",\n Project = \"my-project-name\",\n Location = \"us-central1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroup(ctx, \"test_entry_group_basic\", \u0026dataplex.EntryGroupArgs{\n\t\t\tEntryGroupId: pulumi.String(\"entry-group-basic\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroup;\nimport com.pulumi.gcp.dataplex.EntryGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testEntryGroupBasic = new EntryGroup(\"testEntryGroupBasic\", EntryGroupArgs.builder()\n .entryGroupId(\"entry-group-basic\")\n .project(\"my-project-name\")\n .location(\"us-central1\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testEntryGroupBasic:\n type: gcp:dataplex:EntryGroup\n name: test_entry_group_basic\n properties:\n entryGroupId: entry-group-basic\n project: my-project-name\n location: us-central1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Dataplex Entry Group Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst testEntryGroupFull = new gcp.dataplex.EntryGroup(\"test_entry_group_full\", {\n entryGroupId: \"entry-group-full\",\n project: \"my-project-name\",\n location: \"us-central1\",\n labels: {\n tag: \"test-tf\",\n },\n displayName: \"terraform entry group\",\n description: \"entry group created by Terraform\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ntest_entry_group_full = gcp.dataplex.EntryGroup(\"test_entry_group_full\",\n entry_group_id=\"entry-group-full\",\n project=\"my-project-name\",\n location=\"us-central1\",\n labels={\n \"tag\": \"test-tf\",\n },\n display_name=\"terraform entry group\",\n description=\"entry group created by Terraform\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var testEntryGroupFull = new Gcp.DataPlex.EntryGroup(\"test_entry_group_full\", new()\n {\n EntryGroupId = \"entry-group-full\",\n Project = \"my-project-name\",\n Location = \"us-central1\",\n Labels = \n {\n { \"tag\", \"test-tf\" },\n },\n DisplayName = \"terraform entry group\",\n Description = \"entry group created by Terraform\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroup(ctx, \"test_entry_group_full\", \u0026dataplex.EntryGroupArgs{\n\t\t\tEntryGroupId: pulumi.String(\"entry-group-full\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"tag\": pulumi.String(\"test-tf\"),\n\t\t\t},\n\t\t\tDisplayName: pulumi.String(\"terraform entry group\"),\n\t\t\tDescription: pulumi.String(\"entry group created by Terraform\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroup;\nimport com.pulumi.gcp.dataplex.EntryGroupArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var testEntryGroupFull = new EntryGroup(\"testEntryGroupFull\", EntryGroupArgs.builder()\n .entryGroupId(\"entry-group-full\")\n .project(\"my-project-name\")\n .location(\"us-central1\")\n .labels(Map.of(\"tag\", \"test-tf\"))\n .displayName(\"terraform entry group\")\n .description(\"entry group created by Terraform\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n testEntryGroupFull:\n type: gcp:dataplex:EntryGroup\n name: test_entry_group_full\n properties:\n entryGroupId: entry-group-full\n project: my-project-name\n location: us-central1\n labels:\n tag: test-tf\n displayName: terraform entry group\n description: entry group created by Terraform\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nEntryGroup can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}`\n\n* `{{project}}/{{location}}/{{entry_group_id}}`\n\n* `{{location}}/{{entry_group_id}}`\n\nWhen using the `pulumi import` command, EntryGroup can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:dataplex/entryGroup:EntryGroup default projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{project}}/{{location}}/{{entry_group_id}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{location}}/{{entry_group_id}}\n```\n\n", + "properties": { + "createTime": { + "type": "string", + "description": "The time when the EntryGroup was created.\n" + }, + "description": { + "type": "string", + "description": "Description of the EntryGroup.\n" + }, + "displayName": { + "type": "string", + "description": "User friendly display name.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, + "entryGroupId": { + "type": "string", + "description": "The entry group id of the entry group.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined labels for the EntryGroup.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\n" + }, + "name": { + "type": "string", + "description": "The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id}\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, + "transferStatus": { + "type": "string", + "description": "Denotes the transfer status of the Entry Group. It is unspecified\nfor Entry Group created from Dataplex API.\n" + }, + "uid": { + "type": "string", + "description": "System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name.\n" + }, + "updateTime": { + "type": "string", + "description": "The time when the EntryGroup was last updated.\n" + } + }, + "required": [ + "createTime", + "effectiveLabels", + "name", + "project", + "pulumiLabels", + "transferStatus", + "uid", + "updateTime" + ], + "inputProperties": { + "description": { + "type": "string", + "description": "Description of the EntryGroup.\n" + }, + "displayName": { + "type": "string", + "description": "User friendly display name.\n" + }, + "entryGroupId": { + "type": "string", + "description": "The entry group id of the entry group.\n", + "willReplaceOnChanges": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined labels for the EntryGroup.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "stateInputs": { + "description": "Input properties used for looking up and filtering EntryGroup resources.\n", + "properties": { + "createTime": { + "type": "string", + "description": "The time when the EntryGroup was created.\n" + }, + "description": { + "type": "string", + "description": "Description of the EntryGroup.\n" + }, + "displayName": { + "type": "string", + "description": "User friendly display name.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, + "entryGroupId": { + "type": "string", + "description": "The entry group id of the entry group.\n", + "willReplaceOnChanges": true + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "User-defined labels for the EntryGroup.\n\n**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.\nPlease refer to the field `effective_labels` for all of the labels present on the resource.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id}\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + }, + "transferStatus": { + "type": "string", + "description": "Denotes the transfer status of the Entry Group. It is unspecified\nfor Entry Group created from Dataplex API.\n" + }, + "uid": { + "type": "string", + "description": "System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name.\n" + }, + "updateTime": { + "type": "string", + "description": "The time when the EntryGroup was last updated.\n" + } + }, + "type": "object" + } + }, + "gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding": { + "description": "Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case:\n\n* `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached.\n* `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved.\n* `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup\n\n\u003e **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.dataplex.EntryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.EntryGroupIamPolicy(\"policy\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.EntryGroupIamPolicy(\"policy\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.EntryGroupIamPolicy(\"policy\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewEntryGroupIamPolicy(ctx, \"policy\", \u0026dataplex.EntryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicy;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new EntryGroupIamPolicy(\"policy\", EntryGroupIamPolicyArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:EntryGroupIamPolicy\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.EntryGroupIamBinding(\"binding\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.EntryGroupIamBinding(\"binding\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.EntryGroupIamBinding(\"binding\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamBinding(ctx, \"binding\", \u0026dataplex.EntryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBinding;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new EntryGroupIamBinding(\"binding\", EntryGroupIamBindingArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:EntryGroupIamBinding\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.EntryGroupIamMember(\"member\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.EntryGroupIamMember(\"member\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.EntryGroupIamMember(\"member\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamMember(ctx, \"member\", \u0026dataplex.EntryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMember;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new EntryGroupIamMember(\"member\", EntryGroupIamMemberArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:EntryGroupIamMember\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## gcp.dataplex.EntryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.EntryGroupIamPolicy(\"policy\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.EntryGroupIamPolicy(\"policy\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.EntryGroupIamPolicy(\"policy\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewEntryGroupIamPolicy(ctx, \"policy\", \u0026dataplex.EntryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicy;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new EntryGroupIamPolicy(\"policy\", EntryGroupIamPolicyArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:EntryGroupIamPolicy\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.EntryGroupIamBinding(\"binding\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.EntryGroupIamBinding(\"binding\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.EntryGroupIamBinding(\"binding\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamBinding(ctx, \"binding\", \u0026dataplex.EntryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBinding;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new EntryGroupIamBinding(\"binding\", EntryGroupIamBindingArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:EntryGroupIamBinding\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.EntryGroupIamMember(\"member\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.EntryGroupIamMember(\"member\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.EntryGroupIamMember(\"member\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamMember(ctx, \"member\", \u0026dataplex.EntryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMember;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new EntryGroupIamMember(\"member\", EntryGroupIamMemberArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:EntryGroupIamMember\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}\n\n* {{project}}/{{location}}/{{entry_group_id}}\n\n* {{location}}/{{entry_group_id}}\n\n* {{entry_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nDataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor \"projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor \"projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}\n```\n\n-\u003e **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:dataplex/EntryGroupIamBindingCondition:EntryGroupIamBindingCondition" + }, + "entryGroupId": { + "type": "string" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n" + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + } + }, + "required": [ + "entryGroupId", + "etag", + "location", + "members", + "project", + "role" + ], + "inputProperties": { + "condition": { + "$ref": "#/types/gcp:dataplex/EntryGroupIamBindingCondition:EntryGroupIamBindingCondition", + "willReplaceOnChanges": true + }, + "entryGroupId": { + "type": "string", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "entryGroupId", + "members", + "role" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering EntryGroupIamBinding resources.\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:dataplex/EntryGroupIamBindingCondition:EntryGroupIamBindingCondition", + "willReplaceOnChanges": true + }, + "entryGroupId": { + "type": "string", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "members": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:dataplex/entryGroupIamMember:EntryGroupIamMember": { + "description": "Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case:\n\n* `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached.\n* `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved.\n* `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup\n\n\u003e **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.dataplex.EntryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.EntryGroupIamPolicy(\"policy\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.EntryGroupIamPolicy(\"policy\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.EntryGroupIamPolicy(\"policy\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewEntryGroupIamPolicy(ctx, \"policy\", \u0026dataplex.EntryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicy;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new EntryGroupIamPolicy(\"policy\", EntryGroupIamPolicyArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:EntryGroupIamPolicy\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.EntryGroupIamBinding(\"binding\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.EntryGroupIamBinding(\"binding\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.EntryGroupIamBinding(\"binding\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamBinding(ctx, \"binding\", \u0026dataplex.EntryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBinding;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new EntryGroupIamBinding(\"binding\", EntryGroupIamBindingArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:EntryGroupIamBinding\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.EntryGroupIamMember(\"member\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.EntryGroupIamMember(\"member\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.EntryGroupIamMember(\"member\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamMember(ctx, \"member\", \u0026dataplex.EntryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMember;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new EntryGroupIamMember(\"member\", EntryGroupIamMemberArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:EntryGroupIamMember\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## gcp.dataplex.EntryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.EntryGroupIamPolicy(\"policy\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.EntryGroupIamPolicy(\"policy\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.EntryGroupIamPolicy(\"policy\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewEntryGroupIamPolicy(ctx, \"policy\", \u0026dataplex.EntryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicy;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new EntryGroupIamPolicy(\"policy\", EntryGroupIamPolicyArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:EntryGroupIamPolicy\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.EntryGroupIamBinding(\"binding\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.EntryGroupIamBinding(\"binding\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.EntryGroupIamBinding(\"binding\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamBinding(ctx, \"binding\", \u0026dataplex.EntryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBinding;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new EntryGroupIamBinding(\"binding\", EntryGroupIamBindingArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:EntryGroupIamBinding\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.EntryGroupIamMember(\"member\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.EntryGroupIamMember(\"member\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.EntryGroupIamMember(\"member\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamMember(ctx, \"member\", \u0026dataplex.EntryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMember;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new EntryGroupIamMember(\"member\", EntryGroupIamMemberArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:EntryGroupIamMember\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}\n\n* {{project}}/{{location}}/{{entry_group_id}}\n\n* {{location}}/{{entry_group_id}}\n\n* {{entry_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nDataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor \"projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor \"projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}\n```\n\n-\u003e **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:dataplex/EntryGroupIamMemberCondition:EntryGroupIamMemberCondition" + }, + "entryGroupId": { + "type": "string" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n" + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n" + } + }, + "required": [ + "entryGroupId", + "etag", + "location", + "member", + "project", + "role" + ], + "inputProperties": { + "condition": { + "$ref": "#/types/gcp:dataplex/EntryGroupIamMemberCondition:EntryGroupIamMemberCondition", + "willReplaceOnChanges": true + }, + "entryGroupId": { + "type": "string", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "entryGroupId", + "member", + "role" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering EntryGroupIamMember resources.\n", + "properties": { + "condition": { + "$ref": "#/types/gcp:dataplex/EntryGroupIamMemberCondition:EntryGroupIamMemberCondition", + "willReplaceOnChanges": true + }, + "entryGroupId": { + "type": "string", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "member": { + "type": "string", + "description": "Identities that will be granted the privilege in `role`.\nEach entry can have one of the following values:\n* **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account.\n* **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account.\n* **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.\n* **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.\n* **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com.\n* **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.\n* **projectOwner:projectid**: Owners of the given project. For example, \"projectOwner:my-example-project\"\n* **projectEditor:projectid**: Editors of the given project. For example, \"projectEditor:my-example-project\"\n* **projectViewer:projectid**: Viewers of the given project. For example, \"projectViewer:my-example-project\"\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The role that should be applied. Only one\n`gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format\n`[projects|organizations]/{parent-name}/roles/{role-name}`.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, + "gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy": { + "description": "Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case:\n\n* `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached.\n* `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved.\n* `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved.\n\nA data source can be used to retrieve policy data in advent you do not need creation\n\n* `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup\n\n\u003e **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be.\n\n\u003e **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role.\n\n\n\n## gcp.dataplex.EntryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.EntryGroupIamPolicy(\"policy\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.EntryGroupIamPolicy(\"policy\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.EntryGroupIamPolicy(\"policy\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewEntryGroupIamPolicy(ctx, \"policy\", \u0026dataplex.EntryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicy;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new EntryGroupIamPolicy(\"policy\", EntryGroupIamPolicyArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:EntryGroupIamPolicy\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.EntryGroupIamBinding(\"binding\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.EntryGroupIamBinding(\"binding\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.EntryGroupIamBinding(\"binding\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamBinding(ctx, \"binding\", \u0026dataplex.EntryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBinding;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new EntryGroupIamBinding(\"binding\", EntryGroupIamBindingArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:EntryGroupIamBinding\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.EntryGroupIamMember(\"member\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.EntryGroupIamMember(\"member\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.EntryGroupIamMember(\"member\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamMember(ctx, \"member\", \u0026dataplex.EntryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMember;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new EntryGroupIamMember(\"member\", EntryGroupIamMemberArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:EntryGroupIamMember\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n\n## gcp.dataplex.EntryGroupIamPolicy\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst admin = gcp.organizations.getIAMPolicy({\n bindings: [{\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n }],\n});\nconst policy = new gcp.dataplex.EntryGroupIamPolicy(\"policy\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n policyData: admin.then(admin =\u003e admin.policyData),\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nadmin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"],\n)])\npolicy = gcp.dataplex.EntryGroupIamPolicy(\"policy\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n policy_data=admin.policy_data)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new()\n {\n Bindings = new[]\n {\n new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs\n {\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n },\n },\n });\n\n var policy = new Gcp.DataPlex.EntryGroupIamPolicy(\"policy\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n PolicyData = admin.Apply(getIAMPolicyResult =\u003e getIAMPolicyResult.PolicyData),\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tadmin, err := organizations.LookupIAMPolicy(ctx, \u0026organizations.LookupIAMPolicyArgs{\n\t\t\tBindings: []organizations.GetIAMPolicyBinding{\n\t\t\t\t{\n\t\t\t\t\tRole: \"roles/viewer\",\n\t\t\t\t\tMembers: []string{\n\t\t\t\t\t\t\"user:jane@example.com\",\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = dataplex.NewEntryGroupIamPolicy(ctx, \"policy\", \u0026dataplex.EntryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tPolicyData: pulumi.String(admin.PolicyData),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicy;\nimport com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()\n .bindings(GetIAMPolicyBindingArgs.builder()\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build())\n .build());\n\n var policy = new EntryGroupIamPolicy(\"policy\", EntryGroupIamPolicyArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .policyData(admin.applyValue(getIAMPolicyResult -\u003e getIAMPolicyResult.policyData()))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n policy:\n type: gcp:dataplex:EntryGroupIamPolicy\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n policyData: ${admin.policyData}\nvariables:\n admin:\n fn::invoke:\n Function: gcp:organizations:getIAMPolicy\n Arguments:\n bindings:\n - role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamBinding\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst binding = new gcp.dataplex.EntryGroupIamBinding(\"binding\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n members: [\"user:jane@example.com\"],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbinding = gcp.dataplex.EntryGroupIamBinding(\"binding\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n members=[\"user:jane@example.com\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var binding = new Gcp.DataPlex.EntryGroupIamBinding(\"binding\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Members = new[]\n {\n \"user:jane@example.com\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamBinding(ctx, \"binding\", \u0026dataplex.EntryGroupIamBindingArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMembers: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"user:jane@example.com\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBinding;\nimport com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var binding = new EntryGroupIamBinding(\"binding\", EntryGroupIamBindingArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .members(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n binding:\n type: gcp:dataplex:EntryGroupIamBinding\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n members:\n - user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## gcp.dataplex.EntryGroupIamMember\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst member = new gcp.dataplex.EntryGroupIamMember(\"member\", {\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n role: \"roles/viewer\",\n member: \"user:jane@example.com\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmember = gcp.dataplex.EntryGroupIamMember(\"member\",\n project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"],\n role=\"roles/viewer\",\n member=\"user:jane@example.com\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var member = new Gcp.DataPlex.EntryGroupIamMember(\"member\", new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n Role = \"roles/viewer\",\n Member = \"user:jane@example.com\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewEntryGroupIamMember(ctx, \"member\", \u0026dataplex.EntryGroupIamMemberArgs{\n\t\t\tProject: pulumi.Any(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.Any(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId),\n\t\t\tRole: pulumi.String(\"roles/viewer\"),\n\t\t\tMember: pulumi.String(\"user:jane@example.com\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMember;\nimport com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var member = new EntryGroupIamMember(\"member\", EntryGroupIamMemberArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .role(\"roles/viewer\")\n .member(\"user:jane@example.com\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n member:\n type: gcp:dataplex:EntryGroupIamMember\n properties:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n role: roles/viewer\n member: user:jane@example.com\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nFor all import syntaxes, the \"resource in question\" can take any of the following forms:\n\n* projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}\n\n* {{project}}/{{location}}/{{entry_group_id}}\n\n* {{location}}/{{entry_group_id}}\n\n* {{entry_group_id}}\n\nAny variables not passed in the import command will be taken from the provider configuration.\n\nDataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member.\n\nIAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor \"projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com\"\n```\n\nIAM binding imports use space-delimited identifiers: the resource in question and the role, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor \"projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer\"\n```\n\nIAM policy imports use the identifier of the resource in question, e.g.\n\n```sh\n$ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}\n```\n\n-\u003e **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the\n\n full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`.\n\n", + "properties": { + "entryGroupId": { + "type": "string" + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n" + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n" + } + }, + "required": [ + "entryGroupId", + "etag", + "location", + "policyData", + "project" + ], + "inputProperties": { + "entryGroupId": { + "type": "string", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "entryGroupId", + "policyData" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering EntryGroupIamPolicy resources.\n", + "properties": { + "entryGroupId": { + "type": "string", + "willReplaceOnChanges": true + }, + "etag": { + "type": "string", + "description": "(Computed) The etag of the IAM policy.\n" + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "policyData": { + "type": "string", + "description": "The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, "gcp:dataplex/lake:Lake": { "description": "The Dataplex Lake resource\n\n## Example Usage\n\n### Basic_lake\nA basic example of a dataplex lake\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst primary = new gcp.dataplex.Lake(\"primary\", {\n location: \"us-west1\",\n name: \"lake\",\n description: \"Lake for DCL\",\n displayName: \"Lake for DCL\",\n project: \"my-project-name\",\n labels: {\n \"my-lake\": \"exists\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nprimary = gcp.dataplex.Lake(\"primary\",\n location=\"us-west1\",\n name=\"lake\",\n description=\"Lake for DCL\",\n display_name=\"Lake for DCL\",\n project=\"my-project-name\",\n labels={\n \"my-lake\": \"exists\",\n })\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Gcp.DataPlex.Lake(\"primary\", new()\n {\n Location = \"us-west1\",\n Name = \"lake\",\n Description = \"Lake for DCL\",\n DisplayName = \"Lake for DCL\",\n Project = \"my-project-name\",\n Labels = \n {\n { \"my-lake\", \"exists\" },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.NewLake(ctx, \"primary\", \u0026dataplex.LakeArgs{\n\t\t\tLocation: pulumi.String(\"us-west1\"),\n\t\t\tName: pulumi.String(\"lake\"),\n\t\t\tDescription: pulumi.String(\"Lake for DCL\"),\n\t\t\tDisplayName: pulumi.String(\"Lake for DCL\"),\n\t\t\tProject: pulumi.String(\"my-project-name\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"my-lake\": pulumi.String(\"exists\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.Lake;\nimport com.pulumi.gcp.dataplex.LakeArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Lake(\"primary\", LakeArgs.builder()\n .location(\"us-west1\")\n .name(\"lake\")\n .description(\"Lake for DCL\")\n .displayName(\"Lake for DCL\")\n .project(\"my-project-name\")\n .labels(Map.of(\"my-lake\", \"exists\"))\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:dataplex:Lake\n properties:\n location: us-west1\n name: lake\n description: Lake for DCL\n displayName: Lake for DCL\n project: my-project-name\n labels:\n my-lake: exists\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nLake can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/lakes/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, Lake can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:dataplex/lake:Lake default projects/{{project}}/locations/{{location}}/lakes/{{name}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/lake:Lake default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:dataplex/lake:Lake default {{location}}/{{name}}\n```\n\n", "properties": { @@ -176452,6 +178539,10 @@ "type": "string", "description": "The connection profile identifier.\n" }, + "createWithoutValidation": { + "type": "boolean", + "description": "Create the connection profile without validating it.\n" + }, "displayName": { "type": "string", "description": "Display name.\n" @@ -176539,6 +178630,11 @@ "description": "The connection profile identifier.\n", "willReplaceOnChanges": true }, + "createWithoutValidation": { + "type": "boolean", + "description": "Create the connection profile without validating it.\n", + "willReplaceOnChanges": true + }, "displayName": { "type": "string", "description": "Display name.\n" @@ -176606,6 +178702,11 @@ "description": "The connection profile identifier.\n", "willReplaceOnChanges": true }, + "createWithoutValidation": { + "type": "boolean", + "description": "Create the connection profile without validating it.\n", + "willReplaceOnChanges": true + }, "displayName": { "type": "string", "description": "Display name.\n" @@ -176682,6 +178783,10 @@ "gcp:datastream/privateConnection:PrivateConnection": { "description": "The PrivateConnection resource is used to establish private connectivity between Datastream and a customer's network.\n\n\nTo get more information about PrivateConnection, see:\n\n* [API documentation](https://cloud.google.com/datastream/docs/reference/rest/v1/projects.locations.privateConnections)\n* How-to Guides\n * [Official Documentation](https://cloud.google.com/datastream/docs/create-a-private-connectivity-configuration)\n\n## Example Usage\n\n### Datastream Private Connection Full\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst defaultNetwork = new gcp.compute.Network(\"default\", {name: \"my-network\"});\nconst _default = new gcp.datastream.PrivateConnection(\"default\", {\n displayName: \"Connection profile\",\n location: \"us-central1\",\n privateConnectionId: \"my-connection\",\n labels: {\n key: \"value\",\n },\n vpcPeeringConfig: {\n vpc: defaultNetwork.id,\n subnet: \"10.0.0.0/29\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\ndefault_network = gcp.compute.Network(\"default\", name=\"my-network\")\ndefault = gcp.datastream.PrivateConnection(\"default\",\n display_name=\"Connection profile\",\n location=\"us-central1\",\n private_connection_id=\"my-connection\",\n labels={\n \"key\": \"value\",\n },\n vpc_peering_config=gcp.datastream.PrivateConnectionVpcPeeringConfigArgs(\n vpc=default_network.id,\n subnet=\"10.0.0.0/29\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var defaultNetwork = new Gcp.Compute.Network(\"default\", new()\n {\n Name = \"my-network\",\n });\n\n var @default = new Gcp.Datastream.PrivateConnection(\"default\", new()\n {\n DisplayName = \"Connection profile\",\n Location = \"us-central1\",\n PrivateConnectionId = \"my-connection\",\n Labels = \n {\n { \"key\", \"value\" },\n },\n VpcPeeringConfig = new Gcp.Datastream.Inputs.PrivateConnectionVpcPeeringConfigArgs\n {\n Vpc = defaultNetwork.Id,\n Subnet = \"10.0.0.0/29\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/datastream\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdefaultNetwork, err := compute.NewNetwork(ctx, \"default\", \u0026compute.NetworkArgs{\n\t\t\tName: pulumi.String(\"my-network\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = datastream.NewPrivateConnection(ctx, \"default\", \u0026datastream.PrivateConnectionArgs{\n\t\t\tDisplayName: pulumi.String(\"Connection profile\"),\n\t\t\tLocation: pulumi.String(\"us-central1\"),\n\t\t\tPrivateConnectionId: pulumi.String(\"my-connection\"),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"key\": pulumi.String(\"value\"),\n\t\t\t},\n\t\t\tVpcPeeringConfig: \u0026datastream.PrivateConnectionVpcPeeringConfigArgs{\n\t\t\t\tVpc: defaultNetwork.ID(),\n\t\t\t\tSubnet: pulumi.String(\"10.0.0.0/29\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.Network;\nimport com.pulumi.gcp.compute.NetworkArgs;\nimport com.pulumi.gcp.datastream.PrivateConnection;\nimport com.pulumi.gcp.datastream.PrivateConnectionArgs;\nimport com.pulumi.gcp.datastream.inputs.PrivateConnectionVpcPeeringConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var defaultNetwork = new Network(\"defaultNetwork\", NetworkArgs.builder()\n .name(\"my-network\")\n .build());\n\n var default_ = new PrivateConnection(\"default\", PrivateConnectionArgs.builder()\n .displayName(\"Connection profile\")\n .location(\"us-central1\")\n .privateConnectionId(\"my-connection\")\n .labels(Map.of(\"key\", \"value\"))\n .vpcPeeringConfig(PrivateConnectionVpcPeeringConfigArgs.builder()\n .vpc(defaultNetwork.id())\n .subnet(\"10.0.0.0/29\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n default:\n type: gcp:datastream:PrivateConnection\n properties:\n displayName: Connection profile\n location: us-central1\n privateConnectionId: my-connection\n labels:\n key: value\n vpcPeeringConfig:\n vpc: ${defaultNetwork.id}\n subnet: 10.0.0.0/29\n defaultNetwork:\n type: gcp:compute:Network\n name: default\n properties:\n name: my-network\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPrivateConnection can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}`\n\n* `{{project}}/{{location}}/{{private_connection_id}}`\n\n* `{{location}}/{{private_connection_id}}`\n\nWhen using the `pulumi import` command, PrivateConnection can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:datastream/privateConnection:PrivateConnection default projects/{{project}}/locations/{{location}}/privateConnections/{{private_connection_id}}\n```\n\n```sh\n$ pulumi import gcp:datastream/privateConnection:PrivateConnection default {{project}}/{{location}}/{{private_connection_id}}\n```\n\n```sh\n$ pulumi import gcp:datastream/privateConnection:PrivateConnection default {{location}}/{{private_connection_id}}\n```\n\n", "properties": { + "createWithoutValidation": { + "type": "boolean", + "description": "If set to true, will skip validations.\n" + }, "displayName": { "type": "string", "description": "Display name.\n" @@ -176753,6 +178858,11 @@ "vpcPeeringConfig" ], "inputProperties": { + "createWithoutValidation": { + "type": "boolean", + "description": "If set to true, will skip validations.\n", + "willReplaceOnChanges": true + }, "displayName": { "type": "string", "description": "Display name.\n", @@ -176794,6 +178904,11 @@ "stateInputs": { "description": "Input properties used for looking up and filtering PrivateConnection resources.\n", "properties": { + "createWithoutValidation": { + "type": "boolean", + "description": "If set to true, will skip validations.\n", + "willReplaceOnChanges": true + }, "displayName": { "type": "string", "description": "Display name.\n", @@ -176872,6 +178987,10 @@ "$ref": "#/types/gcp:datastream/StreamBackfillNone:StreamBackfillNone", "description": "Backfill strategy to disable automatic backfill for the Stream's objects.\n" }, + "createWithoutValidation": { + "type": "boolean", + "description": "Create the stream without validating it.\n" + }, "customerManagedEncryptionKey": { "type": "string", "description": "A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be\nencrypted using an internal Stream-specific encryption key provisioned through KMS.\n" @@ -176956,6 +179075,11 @@ "$ref": "#/types/gcp:datastream/StreamBackfillNone:StreamBackfillNone", "description": "Backfill strategy to disable automatic backfill for the Stream's objects.\n" }, + "createWithoutValidation": { + "type": "boolean", + "description": "Create the stream without validating it.\n", + "willReplaceOnChanges": true + }, "customerManagedEncryptionKey": { "type": "string", "description": "A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be\nencrypted using an internal Stream-specific encryption key provisioned through KMS.\n", @@ -177017,6 +179141,11 @@ "$ref": "#/types/gcp:datastream/StreamBackfillNone:StreamBackfillNone", "description": "Backfill strategy to disable automatic backfill for the Stream's objects.\n" }, + "createWithoutValidation": { + "type": "boolean", + "description": "Create the stream without validating it.\n", + "willReplaceOnChanges": true + }, "customerManagedEncryptionKey": { "type": "string", "description": "A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be\nencrypted using an internal Stream-specific encryption key provisioned through KMS.\n", @@ -200867,6 +202996,51 @@ "type": "object" } }, + "gcp:kms/autokeyConfig:AutokeyConfig": { + "description": "## Example Usage\n\n### Kms Autokey Config All\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as time from \"@pulumi/time\";\n\n// Create Folder in GCP Organization\nconst autokmsFolder = new gcp.organizations.Folder(\"autokms_folder\", {\n displayName: \"my-folder\",\n parent: \"organizations/123456789\",\n});\n// Create the key project\nconst keyProject = new gcp.organizations.Project(\"key_project\", {\n projectId: \"key-proj\",\n name: \"key-proj\",\n folderId: autokmsFolder.folderId,\n billingAccount: \"000000-0000000-0000000-000000\",\n}, {\n dependsOn: [autokmsFolder],\n});\n// Enable the Cloud KMS API\nconst kmsApiService = new gcp.projects.Service(\"kms_api_service\", {\n service: \"cloudkms.googleapis.com\",\n project: keyProject.projectId,\n disableOnDestroy: false,\n disableDependentServices: true,\n}, {\n dependsOn: [keyProject],\n});\n// Wait delay after enabling APIs\nconst waitEnableServiceApi = new time.index.Sleep(\"wait_enable_service_api\", {createDuration: \"30s\"}, {\n dependsOn: [kmsApiService],\n});\n//Create KMS Service Agent\nconst kmsServiceAgent = new gcp.projects.ServiceIdentity(\"kms_service_agent\", {\n service: \"cloudkms.googleapis.com\",\n project: keyProject.number,\n}, {\n dependsOn: [waitEnableServiceApi],\n});\n// Wait delay after creating service agent.\nconst waitServiceAgent = new time.index.Sleep(\"wait_service_agent\", {createDuration: \"10s\"}, {\n dependsOn: [kmsServiceAgent],\n});\n//Grant the KMS Service Agent the Cloud KMS Admin role\nconst autokeyProjectAdmin = new gcp.projects.IAMMember(\"autokey_project_admin\", {\n project: keyProject.projectId,\n role: \"roles/cloudkms.admin\",\n member: pulumi.interpolate`serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com`,\n}, {\n dependsOn: [waitServiceAgent],\n});\n// Wait delay after granting IAM permissions\nconst waitSrvAccPermissions = new time.index.Sleep(\"wait_srv_acc_permissions\", {createDuration: \"10s\"}, {\n dependsOn: [autokeyProjectAdmin],\n});\nconst example_autokeyconfig = new gcp.kms.AutokeyConfig(\"example-autokeyconfig\", {\n folder: autokmsFolder.folderId,\n keyProject: pulumi.interpolate`projects/${keyProject.projectId}`,\n}, {\n dependsOn: [waitSrvAccPermissions],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_time as time\n\n# Create Folder in GCP Organization\nautokms_folder = gcp.organizations.Folder(\"autokms_folder\",\n display_name=\"my-folder\",\n parent=\"organizations/123456789\")\n# Create the key project\nkey_project = gcp.organizations.Project(\"key_project\",\n project_id=\"key-proj\",\n name=\"key-proj\",\n folder_id=autokms_folder.folder_id,\n billing_account=\"000000-0000000-0000000-000000\",\n opts=pulumi.ResourceOptions(depends_on=[autokms_folder]))\n# Enable the Cloud KMS API\nkms_api_service = gcp.projects.Service(\"kms_api_service\",\n service=\"cloudkms.googleapis.com\",\n project=key_project.project_id,\n disable_on_destroy=False,\n disable_dependent_services=True,\n opts=pulumi.ResourceOptions(depends_on=[key_project]))\n# Wait delay after enabling APIs\nwait_enable_service_api = time.index.Sleep(\"wait_enable_service_api\", create_duration=30s,\nopts=pulumi.ResourceOptions(depends_on=[kms_api_service]))\n#Create KMS Service Agent\nkms_service_agent = gcp.projects.ServiceIdentity(\"kms_service_agent\",\n service=\"cloudkms.googleapis.com\",\n project=key_project.number,\n opts=pulumi.ResourceOptions(depends_on=[wait_enable_service_api]))\n# Wait delay after creating service agent.\nwait_service_agent = time.index.Sleep(\"wait_service_agent\", create_duration=10s,\nopts=pulumi.ResourceOptions(depends_on=[kms_service_agent]))\n#Grant the KMS Service Agent the Cloud KMS Admin role\nautokey_project_admin = gcp.projects.IAMMember(\"autokey_project_admin\",\n project=key_project.project_id,\n role=\"roles/cloudkms.admin\",\n member=key_project.number.apply(lambda number: f\"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com\"),\n opts=pulumi.ResourceOptions(depends_on=[wait_service_agent]))\n# Wait delay after granting IAM permissions\nwait_srv_acc_permissions = time.index.Sleep(\"wait_srv_acc_permissions\", create_duration=10s,\nopts=pulumi.ResourceOptions(depends_on=[autokey_project_admin]))\nexample_autokeyconfig = gcp.kms.AutokeyConfig(\"example-autokeyconfig\",\n folder=autokms_folder.folder_id,\n key_project=key_project.project_id.apply(lambda project_id: f\"projects/{project_id}\"),\n opts=pulumi.ResourceOptions(depends_on=[wait_srv_acc_permissions]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Time = Pulumi.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create Folder in GCP Organization\n var autokmsFolder = new Gcp.Organizations.Folder(\"autokms_folder\", new()\n {\n DisplayName = \"my-folder\",\n Parent = \"organizations/123456789\",\n });\n\n // Create the key project\n var keyProject = new Gcp.Organizations.Project(\"key_project\", new()\n {\n ProjectId = \"key-proj\",\n Name = \"key-proj\",\n FolderId = autokmsFolder.FolderId,\n BillingAccount = \"000000-0000000-0000000-000000\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n autokmsFolder,\n },\n });\n\n // Enable the Cloud KMS API\n var kmsApiService = new Gcp.Projects.Service(\"kms_api_service\", new()\n {\n ServiceName = \"cloudkms.googleapis.com\",\n Project = keyProject.ProjectId,\n DisableOnDestroy = false,\n DisableDependentServices = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n keyProject,\n },\n });\n\n // Wait delay after enabling APIs\n var waitEnableServiceApi = new Time.Index.Sleep(\"wait_enable_service_api\", new()\n {\n CreateDuration = \"30s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n kmsApiService,\n },\n });\n\n //Create KMS Service Agent\n var kmsServiceAgent = new Gcp.Projects.ServiceIdentity(\"kms_service_agent\", new()\n {\n Service = \"cloudkms.googleapis.com\",\n Project = keyProject.Number,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitEnableServiceApi,\n },\n });\n\n // Wait delay after creating service agent.\n var waitServiceAgent = new Time.Index.Sleep(\"wait_service_agent\", new()\n {\n CreateDuration = \"10s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n kmsServiceAgent,\n },\n });\n\n //Grant the KMS Service Agent the Cloud KMS Admin role\n var autokeyProjectAdmin = new Gcp.Projects.IAMMember(\"autokey_project_admin\", new()\n {\n Project = keyProject.ProjectId,\n Role = \"roles/cloudkms.admin\",\n Member = keyProject.Number.Apply(number =\u003e $\"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitServiceAgent,\n },\n });\n\n // Wait delay after granting IAM permissions\n var waitSrvAccPermissions = new Time.Index.Sleep(\"wait_srv_acc_permissions\", new()\n {\n CreateDuration = \"10s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n autokeyProjectAdmin,\n },\n });\n\n var example_autokeyconfig = new Gcp.Kms.AutokeyConfig(\"example-autokeyconfig\", new()\n {\n Folder = autokmsFolder.FolderId,\n KeyProject = keyProject.ProjectId.Apply(projectId =\u003e $\"projects/{projectId}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitSrvAccPermissions,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create Folder in GCP Organization\n\t\tautokmsFolder, err := organizations.NewFolder(ctx, \"autokms_folder\", \u0026organizations.FolderArgs{\n\t\t\tDisplayName: pulumi.String(\"my-folder\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create the key project\n\t\tkeyProject, err := organizations.NewProject(ctx, \"key_project\", \u0026organizations.ProjectArgs{\n\t\t\tProjectId: pulumi.String(\"key-proj\"),\n\t\t\tName: pulumi.String(\"key-proj\"),\n\t\t\tFolderId: autokmsFolder.FolderId,\n\t\t\tBillingAccount: pulumi.String(\"000000-0000000-0000000-000000\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tautokmsFolder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Enable the Cloud KMS API\n\t\tkmsApiService, err := projects.NewService(ctx, \"kms_api_service\", \u0026projects.ServiceArgs{\n\t\t\tService: pulumi.String(\"cloudkms.googleapis.com\"),\n\t\t\tProject: keyProject.ProjectId,\n\t\t\tDisableOnDestroy: pulumi.Bool(false),\n\t\t\tDisableDependentServices: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tkeyProject,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Wait delay after enabling APIs\n\t\twaitEnableServiceApi, err := time.NewSleep(ctx, \"wait_enable_service_api\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"30s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tkmsApiService,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create KMS Service Agent\n\t\tkmsServiceAgent, err := projects.NewServiceIdentity(ctx, \"kms_service_agent\", \u0026projects.ServiceIdentityArgs{\n\t\t\tService: pulumi.String(\"cloudkms.googleapis.com\"),\n\t\t\tProject: keyProject.Number,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitEnableServiceApi,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Wait delay after creating service agent.\n\t\twaitServiceAgent, err := time.NewSleep(ctx, \"wait_service_agent\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"10s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tkmsServiceAgent,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Grant the KMS Service Agent the Cloud KMS Admin role\n\t\tautokeyProjectAdmin, err := projects.NewIAMMember(ctx, \"autokey_project_admin\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: keyProject.ProjectId,\n\t\t\tRole: pulumi.String(\"roles/cloudkms.admin\"),\n\t\t\tMember: keyProject.Number.ApplyT(func(number string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-cloudkms.iam.gserviceaccount.com\", number), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitServiceAgent,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Wait delay after granting IAM permissions\n\t\twaitSrvAccPermissions, err := time.NewSleep(ctx, \"wait_srv_acc_permissions\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"10s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tautokeyProjectAdmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewAutokeyConfig(ctx, \"example-autokeyconfig\", \u0026kms.AutokeyConfigArgs{\n\t\t\tFolder: autokmsFolder.FolderId,\n\t\t\tKeyProject: keyProject.ProjectId.ApplyT(func(projectId string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v\", projectId), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitSrvAccPermissions,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Folder;\nimport com.pulumi.gcp.organizations.FolderArgs;\nimport com.pulumi.gcp.organizations.Project;\nimport com.pulumi.gcp.organizations.ProjectArgs;\nimport com.pulumi.gcp.projects.Service;\nimport com.pulumi.gcp.projects.ServiceArgs;\nimport com.pulumi.time.sleep;\nimport com.pulumi.time.SleepArgs;\nimport com.pulumi.gcp.projects.ServiceIdentity;\nimport com.pulumi.gcp.projects.ServiceIdentityArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.kms.AutokeyConfig;\nimport com.pulumi.gcp.kms.AutokeyConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create Folder in GCP Organization\n var autokmsFolder = new Folder(\"autokmsFolder\", FolderArgs.builder()\n .displayName(\"my-folder\")\n .parent(\"organizations/123456789\")\n .build());\n\n // Create the key project\n var keyProject = new Project(\"keyProject\", ProjectArgs.builder()\n .projectId(\"key-proj\")\n .name(\"key-proj\")\n .folderId(autokmsFolder.folderId())\n .billingAccount(\"000000-0000000-0000000-000000\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(autokmsFolder)\n .build());\n\n // Enable the Cloud KMS API\n var kmsApiService = new Service(\"kmsApiService\", ServiceArgs.builder()\n .service(\"cloudkms.googleapis.com\")\n .project(keyProject.projectId())\n .disableOnDestroy(false)\n .disableDependentServices(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(keyProject)\n .build());\n\n // Wait delay after enabling APIs\n var waitEnableServiceApi = new Sleep(\"waitEnableServiceApi\", SleepArgs.builder()\n .createDuration(\"30s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(kmsApiService)\n .build());\n\n //Create KMS Service Agent\n var kmsServiceAgent = new ServiceIdentity(\"kmsServiceAgent\", ServiceIdentityArgs.builder()\n .service(\"cloudkms.googleapis.com\")\n .project(keyProject.number())\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitEnableServiceApi)\n .build());\n\n // Wait delay after creating service agent.\n var waitServiceAgent = new Sleep(\"waitServiceAgent\", SleepArgs.builder()\n .createDuration(\"10s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(kmsServiceAgent)\n .build());\n\n //Grant the KMS Service Agent the Cloud KMS Admin role\n var autokeyProjectAdmin = new IAMMember(\"autokeyProjectAdmin\", IAMMemberArgs.builder()\n .project(keyProject.projectId())\n .role(\"roles/cloudkms.admin\")\n .member(keyProject.number().applyValue(number -\u003e String.format(\"serviceAccount:service-%s@gcp-sa-cloudkms.iam.gserviceaccount.com\", number)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitServiceAgent)\n .build());\n\n // Wait delay after granting IAM permissions\n var waitSrvAccPermissions = new Sleep(\"waitSrvAccPermissions\", SleepArgs.builder()\n .createDuration(\"10s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(autokeyProjectAdmin)\n .build());\n\n var example_autokeyconfig = new AutokeyConfig(\"example-autokeyconfig\", AutokeyConfigArgs.builder()\n .folder(autokmsFolder.folderId())\n .keyProject(keyProject.projectId().applyValue(projectId -\u003e String.format(\"projects/%s\", projectId)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitSrvAccPermissions)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create Folder in GCP Organization\n autokmsFolder:\n type: gcp:organizations:Folder\n name: autokms_folder\n properties:\n displayName: my-folder\n parent: organizations/123456789\n # Create the key project\n keyProject:\n type: gcp:organizations:Project\n name: key_project\n properties:\n projectId: key-proj\n name: key-proj\n folderId: ${autokmsFolder.folderId}\n billingAccount: 000000-0000000-0000000-000000\n options:\n dependson:\n - ${autokmsFolder}\n # Enable the Cloud KMS API\n kmsApiService:\n type: gcp:projects:Service\n name: kms_api_service\n properties:\n service: cloudkms.googleapis.com\n project: ${keyProject.projectId}\n disableOnDestroy: false\n disableDependentServices: true\n options:\n dependson:\n - ${keyProject}\n # Wait delay after enabling APIs\n waitEnableServiceApi:\n type: time:sleep\n name: wait_enable_service_api\n properties:\n createDuration: 30s\n options:\n dependson:\n - ${kmsApiService}\n #Create KMS Service Agent\n kmsServiceAgent:\n type: gcp:projects:ServiceIdentity\n name: kms_service_agent\n properties:\n service: cloudkms.googleapis.com\n project: ${keyProject.number}\n options:\n dependson:\n - ${waitEnableServiceApi}\n # Wait delay after creating service agent.\n waitServiceAgent:\n type: time:sleep\n name: wait_service_agent\n properties:\n createDuration: 10s\n options:\n dependson:\n - ${kmsServiceAgent}\n #Grant the KMS Service Agent the Cloud KMS Admin role\n autokeyProjectAdmin:\n type: gcp:projects:IAMMember\n name: autokey_project_admin\n properties:\n project: ${keyProject.projectId}\n role: roles/cloudkms.admin\n member: serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com\n options:\n dependson:\n - ${waitServiceAgent}\n # Wait delay after granting IAM permissions\n waitSrvAccPermissions:\n type: time:sleep\n name: wait_srv_acc_permissions\n properties:\n createDuration: 10s\n options:\n dependson:\n - ${autokeyProjectAdmin}\n example-autokeyconfig:\n type: gcp:kms:AutokeyConfig\n properties:\n folder: ${autokmsFolder.folderId}\n keyProject: projects/${keyProject.projectId}\n options:\n dependson:\n - ${waitSrvAccPermissions}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nAutokeyConfig can be imported using any of these accepted formats:\n\n* `folders/{{folder}}/autokeyConfig`\n\n* `{{folder}}`\n\nWhen using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig\n```\n\n```sh\n$ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}}\n```\n\n", + "properties": { + "folder": { + "type": "string", + "description": "The folder for which to retrieve config.\n\n\n- - -\n" + }, + "keyProject": { + "type": "string", + "description": "The target key project for a given folder where KMS Autokey will provision a\nCryptoKey for any new KeyHandle the Developer creates. Should have the form\n`projects/\u003cproject_id_or_number\u003e`.\n" + } + }, + "required": [ + "folder" + ], + "inputProperties": { + "folder": { + "type": "string", + "description": "The folder for which to retrieve config.\n\n\n- - -\n", + "willReplaceOnChanges": true + }, + "keyProject": { + "type": "string", + "description": "The target key project for a given folder where KMS Autokey will provision a\nCryptoKey for any new KeyHandle the Developer creates. Should have the form\n`projects/\u003cproject_id_or_number\u003e`.\n" + } + }, + "requiredInputs": [ + "folder" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering AutokeyConfig resources.\n", + "properties": { + "folder": { + "type": "string", + "description": "The folder for which to retrieve config.\n\n\n- - -\n", + "willReplaceOnChanges": true + }, + "keyProject": { + "type": "string", + "description": "The target key project for a given folder where KMS Autokey will provision a\nCryptoKey for any new KeyHandle the Developer creates. Should have the form\n`projects/\u003cproject_id_or_number\u003e`.\n" + } + }, + "type": "object" + } + }, "gcp:kms/cryptoKey:CryptoKey": { "description": "A `CryptoKey` represents a logical key that can be used for cryptographic operations.\n\n\n\u003e **Note:** CryptoKeys cannot be deleted from Google Cloud Platform.\nDestroying a provider-managed CryptoKey will remove it from state\nand delete all CryptoKeyVersions, rendering the key unusable, but *will\nnot delete the resource from the project.* When the provider destroys these keys,\nany data previously encrypted with these keys will be irrecoverable.\nFor this reason, it is strongly recommended that you add\nlifecycle\nhooks to the resource to prevent accidental destruction.\n\n\nTo get more information about CryptoKey, see:\n\n* [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys)\n* How-to Guides\n * [Creating a key](https://cloud.google.com/kms/docs/creating-keys#create_a_key)\n\n## Example Usage\n\n### Kms Crypto Key Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst keyring = new gcp.kms.KeyRing(\"keyring\", {\n name: \"keyring-example\",\n location: \"global\",\n});\nconst example_key = new gcp.kms.CryptoKey(\"example-key\", {\n name: \"crypto-key-example\",\n keyRing: keyring.id,\n rotationPeriod: \"7776000s\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nkeyring = gcp.kms.KeyRing(\"keyring\",\n name=\"keyring-example\",\n location=\"global\")\nexample_key = gcp.kms.CryptoKey(\"example-key\",\n name=\"crypto-key-example\",\n key_ring=keyring.id,\n rotation_period=\"7776000s\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var keyring = new Gcp.Kms.KeyRing(\"keyring\", new()\n {\n Name = \"keyring-example\",\n Location = \"global\",\n });\n\n var example_key = new Gcp.Kms.CryptoKey(\"example-key\", new()\n {\n Name = \"crypto-key-example\",\n KeyRing = keyring.Id,\n RotationPeriod = \"7776000s\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkeyring, err := kms.NewKeyRing(ctx, \"keyring\", \u0026kms.KeyRingArgs{\n\t\t\tName: pulumi.String(\"keyring-example\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewCryptoKey(ctx, \"example-key\", \u0026kms.CryptoKeyArgs{\n\t\t\tName: pulumi.String(\"crypto-key-example\"),\n\t\t\tKeyRing: keyring.ID(),\n\t\t\tRotationPeriod: pulumi.String(\"7776000s\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.kms.KeyRing;\nimport com.pulumi.gcp.kms.KeyRingArgs;\nimport com.pulumi.gcp.kms.CryptoKey;\nimport com.pulumi.gcp.kms.CryptoKeyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var keyring = new KeyRing(\"keyring\", KeyRingArgs.builder()\n .name(\"keyring-example\")\n .location(\"global\")\n .build());\n\n var example_key = new CryptoKey(\"example-key\", CryptoKeyArgs.builder()\n .name(\"crypto-key-example\")\n .keyRing(keyring.id())\n .rotationPeriod(\"7776000s\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n keyring:\n type: gcp:kms:KeyRing\n properties:\n name: keyring-example\n location: global\n example-key:\n type: gcp:kms:CryptoKey\n properties:\n name: crypto-key-example\n keyRing: ${keyring.id}\n rotationPeriod: 7776000s\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Kms Crypto Key Asymmetric Sign\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst keyring = new gcp.kms.KeyRing(\"keyring\", {\n name: \"keyring-example\",\n location: \"global\",\n});\nconst example_asymmetric_sign_key = new gcp.kms.CryptoKey(\"example-asymmetric-sign-key\", {\n name: \"crypto-key-example\",\n keyRing: keyring.id,\n purpose: \"ASYMMETRIC_SIGN\",\n versionTemplate: {\n algorithm: \"EC_SIGN_P384_SHA384\",\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nkeyring = gcp.kms.KeyRing(\"keyring\",\n name=\"keyring-example\",\n location=\"global\")\nexample_asymmetric_sign_key = gcp.kms.CryptoKey(\"example-asymmetric-sign-key\",\n name=\"crypto-key-example\",\n key_ring=keyring.id,\n purpose=\"ASYMMETRIC_SIGN\",\n version_template=gcp.kms.CryptoKeyVersionTemplateArgs(\n algorithm=\"EC_SIGN_P384_SHA384\",\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var keyring = new Gcp.Kms.KeyRing(\"keyring\", new()\n {\n Name = \"keyring-example\",\n Location = \"global\",\n });\n\n var example_asymmetric_sign_key = new Gcp.Kms.CryptoKey(\"example-asymmetric-sign-key\", new()\n {\n Name = \"crypto-key-example\",\n KeyRing = keyring.Id,\n Purpose = \"ASYMMETRIC_SIGN\",\n VersionTemplate = new Gcp.Kms.Inputs.CryptoKeyVersionTemplateArgs\n {\n Algorithm = \"EC_SIGN_P384_SHA384\",\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tkeyring, err := kms.NewKeyRing(ctx, \"keyring\", \u0026kms.KeyRingArgs{\n\t\t\tName: pulumi.String(\"keyring-example\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewCryptoKey(ctx, \"example-asymmetric-sign-key\", \u0026kms.CryptoKeyArgs{\n\t\t\tName: pulumi.String(\"crypto-key-example\"),\n\t\t\tKeyRing: keyring.ID(),\n\t\t\tPurpose: pulumi.String(\"ASYMMETRIC_SIGN\"),\n\t\t\tVersionTemplate: \u0026kms.CryptoKeyVersionTemplateArgs{\n\t\t\t\tAlgorithm: pulumi.String(\"EC_SIGN_P384_SHA384\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.kms.KeyRing;\nimport com.pulumi.gcp.kms.KeyRingArgs;\nimport com.pulumi.gcp.kms.CryptoKey;\nimport com.pulumi.gcp.kms.CryptoKeyArgs;\nimport com.pulumi.gcp.kms.inputs.CryptoKeyVersionTemplateArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var keyring = new KeyRing(\"keyring\", KeyRingArgs.builder()\n .name(\"keyring-example\")\n .location(\"global\")\n .build());\n\n var example_asymmetric_sign_key = new CryptoKey(\"example-asymmetric-sign-key\", CryptoKeyArgs.builder()\n .name(\"crypto-key-example\")\n .keyRing(keyring.id())\n .purpose(\"ASYMMETRIC_SIGN\")\n .versionTemplate(CryptoKeyVersionTemplateArgs.builder()\n .algorithm(\"EC_SIGN_P384_SHA384\")\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n keyring:\n type: gcp:kms:KeyRing\n properties:\n name: keyring-example\n location: global\n example-asymmetric-sign-key:\n type: gcp:kms:CryptoKey\n properties:\n name: crypto-key-example\n keyRing: ${keyring.id}\n purpose: ASYMMETRIC_SIGN\n versionTemplate:\n algorithm: EC_SIGN_P384_SHA384\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nCryptoKey can be imported using any of these accepted formats:\n\n* `{{key_ring}}/cryptoKeys/{{name}}`\n\n* `{{key_ring}}/{{name}}`\n\nWhen using the `pulumi import` command, CryptoKey can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:kms/cryptoKey:CryptoKey default {{key_ring}}/cryptoKeys/{{name}}\n```\n\n```sh\n$ pulumi import gcp:kms/cryptoKey:CryptoKey default {{key_ring}}/{{name}}\n```\n\n", "properties": { @@ -201561,6 +203735,94 @@ "type": "object" } }, + "gcp:kms/keyHandle:KeyHandle": { + "description": "## Example Usage\n\n### Kms Key Handle Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as time from \"@pulumi/time\";\n\n// Create Folder in GCP Organization\nconst autokmsFolder = new gcp.organizations.Folder(\"autokms_folder\", {\n displayName: \"folder-example\",\n parent: \"organizations/123456789\",\n});\n// Create the key project\nconst keyProject = new gcp.organizations.Project(\"key_project\", {\n projectId: \"key-proj\",\n name: \"key-proj\",\n folderId: autokmsFolder.folderId,\n billingAccount: \"000000-0000000-0000000-000000\",\n}, {\n dependsOn: [autokmsFolder],\n});\n// Create the resource project\nconst resourceProject = new gcp.organizations.Project(\"resource_project\", {\n projectId: \"resources\",\n name: \"resources\",\n folderId: autokmsFolder.folderId,\n billingAccount: \"000000-0000000-0000000-000000\",\n}, {\n dependsOn: [autokmsFolder],\n});\n// Enable the Cloud KMS API\nconst kmsApiService = new gcp.projects.Service(\"kms_api_service\", {\n service: \"cloudkms.googleapis.com\",\n project: keyProject.projectId,\n disableOnDestroy: false,\n disableDependentServices: true,\n}, {\n dependsOn: [keyProject],\n});\n// Wait delay after enabling APIs\nconst waitEnableServiceApi = new time.index.Sleep(\"wait_enable_service_api\", {createDuration: \"30s\"}, {\n dependsOn: [kmsApiService],\n});\n//Create KMS Service Agent\nconst kmsServiceAgent = new gcp.projects.ServiceIdentity(\"kms_service_agent\", {\n service: \"cloudkms.googleapis.com\",\n project: keyProject.number,\n}, {\n dependsOn: [waitEnableServiceApi],\n});\n// Wait delay after creating service agent.\nconst waitServiceAgent = new time.index.Sleep(\"wait_service_agent\", {createDuration: \"10s\"}, {\n dependsOn: [kmsServiceAgent],\n});\n//Grant the KMS Service Agent the Cloud KMS Admin role\nconst autokeyProjectAdmin = new gcp.projects.IAMMember(\"autokey_project_admin\", {\n project: keyProject.projectId,\n role: \"roles/cloudkms.admin\",\n member: pulumi.interpolate`serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com`,\n}, {\n dependsOn: [waitServiceAgent],\n});\n// Wait delay after granting IAM permissions\nconst waitSrvAccPermissions = new time.index.Sleep(\"wait_srv_acc_permissions\", {createDuration: \"10s\"}, {\n dependsOn: [autokeyProjectAdmin],\n});\nconst autokeyConfig = new gcp.kms.AutokeyConfig(\"autokey_config\", {\n folder: autokmsFolder.folderId,\n keyProject: pulumi.interpolate`projects/${keyProject.projectId}`,\n}, {\n dependsOn: [waitSrvAccPermissions],\n});\n// Wait delay for autokey config to take effect\nconst waitAutokeyConfig = new time.index.Sleep(\"wait_autokey_config\", {createDuration: \"10s\"}, {\n dependsOn: [autokeyConfig],\n});\nconst example_keyhandle = new gcp.kms.KeyHandle(\"example-keyhandle\", {\n project: resourceProject.projectId,\n name: \"example-key-handle\",\n location: \"global\",\n resourceTypeSelector: \"storage.googleapis.com/Bucket\",\n}, {\n dependsOn: [waitAutokeyConfig],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_time as time\n\n# Create Folder in GCP Organization\nautokms_folder = gcp.organizations.Folder(\"autokms_folder\",\n display_name=\"folder-example\",\n parent=\"organizations/123456789\")\n# Create the key project\nkey_project = gcp.organizations.Project(\"key_project\",\n project_id=\"key-proj\",\n name=\"key-proj\",\n folder_id=autokms_folder.folder_id,\n billing_account=\"000000-0000000-0000000-000000\",\n opts=pulumi.ResourceOptions(depends_on=[autokms_folder]))\n# Create the resource project\nresource_project = gcp.organizations.Project(\"resource_project\",\n project_id=\"resources\",\n name=\"resources\",\n folder_id=autokms_folder.folder_id,\n billing_account=\"000000-0000000-0000000-000000\",\n opts=pulumi.ResourceOptions(depends_on=[autokms_folder]))\n# Enable the Cloud KMS API\nkms_api_service = gcp.projects.Service(\"kms_api_service\",\n service=\"cloudkms.googleapis.com\",\n project=key_project.project_id,\n disable_on_destroy=False,\n disable_dependent_services=True,\n opts=pulumi.ResourceOptions(depends_on=[key_project]))\n# Wait delay after enabling APIs\nwait_enable_service_api = time.index.Sleep(\"wait_enable_service_api\", create_duration=30s,\nopts=pulumi.ResourceOptions(depends_on=[kms_api_service]))\n#Create KMS Service Agent\nkms_service_agent = gcp.projects.ServiceIdentity(\"kms_service_agent\",\n service=\"cloudkms.googleapis.com\",\n project=key_project.number,\n opts=pulumi.ResourceOptions(depends_on=[wait_enable_service_api]))\n# Wait delay after creating service agent.\nwait_service_agent = time.index.Sleep(\"wait_service_agent\", create_duration=10s,\nopts=pulumi.ResourceOptions(depends_on=[kms_service_agent]))\n#Grant the KMS Service Agent the Cloud KMS Admin role\nautokey_project_admin = gcp.projects.IAMMember(\"autokey_project_admin\",\n project=key_project.project_id,\n role=\"roles/cloudkms.admin\",\n member=key_project.number.apply(lambda number: f\"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com\"),\n opts=pulumi.ResourceOptions(depends_on=[wait_service_agent]))\n# Wait delay after granting IAM permissions\nwait_srv_acc_permissions = time.index.Sleep(\"wait_srv_acc_permissions\", create_duration=10s,\nopts=pulumi.ResourceOptions(depends_on=[autokey_project_admin]))\nautokey_config = gcp.kms.AutokeyConfig(\"autokey_config\",\n folder=autokms_folder.folder_id,\n key_project=key_project.project_id.apply(lambda project_id: f\"projects/{project_id}\"),\n opts=pulumi.ResourceOptions(depends_on=[wait_srv_acc_permissions]))\n# Wait delay for autokey config to take effect\nwait_autokey_config = time.index.Sleep(\"wait_autokey_config\", create_duration=10s,\nopts=pulumi.ResourceOptions(depends_on=[autokey_config]))\nexample_keyhandle = gcp.kms.KeyHandle(\"example-keyhandle\",\n project=resource_project.project_id,\n name=\"example-key-handle\",\n location=\"global\",\n resource_type_selector=\"storage.googleapis.com/Bucket\",\n opts=pulumi.ResourceOptions(depends_on=[wait_autokey_config]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Time = Pulumi.Time;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n // Create Folder in GCP Organization\n var autokmsFolder = new Gcp.Organizations.Folder(\"autokms_folder\", new()\n {\n DisplayName = \"folder-example\",\n Parent = \"organizations/123456789\",\n });\n\n // Create the key project\n var keyProject = new Gcp.Organizations.Project(\"key_project\", new()\n {\n ProjectId = \"key-proj\",\n Name = \"key-proj\",\n FolderId = autokmsFolder.FolderId,\n BillingAccount = \"000000-0000000-0000000-000000\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n autokmsFolder,\n },\n });\n\n // Create the resource project\n var resourceProject = new Gcp.Organizations.Project(\"resource_project\", new()\n {\n ProjectId = \"resources\",\n Name = \"resources\",\n FolderId = autokmsFolder.FolderId,\n BillingAccount = \"000000-0000000-0000000-000000\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n autokmsFolder,\n },\n });\n\n // Enable the Cloud KMS API\n var kmsApiService = new Gcp.Projects.Service(\"kms_api_service\", new()\n {\n ServiceName = \"cloudkms.googleapis.com\",\n Project = keyProject.ProjectId,\n DisableOnDestroy = false,\n DisableDependentServices = true,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n keyProject,\n },\n });\n\n // Wait delay after enabling APIs\n var waitEnableServiceApi = new Time.Index.Sleep(\"wait_enable_service_api\", new()\n {\n CreateDuration = \"30s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n kmsApiService,\n },\n });\n\n //Create KMS Service Agent\n var kmsServiceAgent = new Gcp.Projects.ServiceIdentity(\"kms_service_agent\", new()\n {\n Service = \"cloudkms.googleapis.com\",\n Project = keyProject.Number,\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitEnableServiceApi,\n },\n });\n\n // Wait delay after creating service agent.\n var waitServiceAgent = new Time.Index.Sleep(\"wait_service_agent\", new()\n {\n CreateDuration = \"10s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n kmsServiceAgent,\n },\n });\n\n //Grant the KMS Service Agent the Cloud KMS Admin role\n var autokeyProjectAdmin = new Gcp.Projects.IAMMember(\"autokey_project_admin\", new()\n {\n Project = keyProject.ProjectId,\n Role = \"roles/cloudkms.admin\",\n Member = keyProject.Number.Apply(number =\u003e $\"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitServiceAgent,\n },\n });\n\n // Wait delay after granting IAM permissions\n var waitSrvAccPermissions = new Time.Index.Sleep(\"wait_srv_acc_permissions\", new()\n {\n CreateDuration = \"10s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n autokeyProjectAdmin,\n },\n });\n\n var autokeyConfig = new Gcp.Kms.AutokeyConfig(\"autokey_config\", new()\n {\n Folder = autokmsFolder.FolderId,\n KeyProject = keyProject.ProjectId.Apply(projectId =\u003e $\"projects/{projectId}\"),\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitSrvAccPermissions,\n },\n });\n\n // Wait delay for autokey config to take effect\n var waitAutokeyConfig = new Time.Index.Sleep(\"wait_autokey_config\", new()\n {\n CreateDuration = \"10s\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n autokeyConfig,\n },\n });\n\n var example_keyhandle = new Gcp.Kms.KeyHandle(\"example-keyhandle\", new()\n {\n Project = resourceProject.ProjectId,\n Name = \"example-key-handle\",\n Location = \"global\",\n ResourceTypeSelector = \"storage.googleapis.com/Bucket\",\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n waitAutokeyConfig,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-time/sdk/go/time\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t// Create Folder in GCP Organization\n\t\tautokmsFolder, err := organizations.NewFolder(ctx, \"autokms_folder\", \u0026organizations.FolderArgs{\n\t\t\tDisplayName: pulumi.String(\"folder-example\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create the key project\n\t\tkeyProject, err := organizations.NewProject(ctx, \"key_project\", \u0026organizations.ProjectArgs{\n\t\t\tProjectId: pulumi.String(\"key-proj\"),\n\t\t\tName: pulumi.String(\"key-proj\"),\n\t\t\tFolderId: autokmsFolder.FolderId,\n\t\t\tBillingAccount: pulumi.String(\"000000-0000000-0000000-000000\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tautokmsFolder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create the resource project\n\t\tresourceProject, err := organizations.NewProject(ctx, \"resource_project\", \u0026organizations.ProjectArgs{\n\t\t\tProjectId: pulumi.String(\"resources\"),\n\t\t\tName: pulumi.String(\"resources\"),\n\t\t\tFolderId: autokmsFolder.FolderId,\n\t\t\tBillingAccount: pulumi.String(\"000000-0000000-0000000-000000\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tautokmsFolder,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Enable the Cloud KMS API\n\t\tkmsApiService, err := projects.NewService(ctx, \"kms_api_service\", \u0026projects.ServiceArgs{\n\t\t\tService: pulumi.String(\"cloudkms.googleapis.com\"),\n\t\t\tProject: keyProject.ProjectId,\n\t\t\tDisableOnDestroy: pulumi.Bool(false),\n\t\t\tDisableDependentServices: pulumi.Bool(true),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tkeyProject,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Wait delay after enabling APIs\n\t\twaitEnableServiceApi, err := time.NewSleep(ctx, \"wait_enable_service_api\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"30s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tkmsApiService,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Create KMS Service Agent\n\t\tkmsServiceAgent, err := projects.NewServiceIdentity(ctx, \"kms_service_agent\", \u0026projects.ServiceIdentityArgs{\n\t\t\tService: pulumi.String(\"cloudkms.googleapis.com\"),\n\t\t\tProject: keyProject.Number,\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitEnableServiceApi,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Wait delay after creating service agent.\n\t\twaitServiceAgent, err := time.NewSleep(ctx, \"wait_service_agent\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"10s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tkmsServiceAgent,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Grant the KMS Service Agent the Cloud KMS Admin role\n\t\tautokeyProjectAdmin, err := projects.NewIAMMember(ctx, \"autokey_project_admin\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: keyProject.ProjectId,\n\t\t\tRole: pulumi.String(\"roles/cloudkms.admin\"),\n\t\t\tMember: keyProject.Number.ApplyT(func(number string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-cloudkms.iam.gserviceaccount.com\", number), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitServiceAgent,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Wait delay after granting IAM permissions\n\t\twaitSrvAccPermissions, err := time.NewSleep(ctx, \"wait_srv_acc_permissions\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"10s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tautokeyProjectAdmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tautokeyConfig, err := kms.NewAutokeyConfig(ctx, \"autokey_config\", \u0026kms.AutokeyConfigArgs{\n\t\t\tFolder: autokmsFolder.FolderId,\n\t\t\tKeyProject: keyProject.ProjectId.ApplyT(func(projectId string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v\", projectId), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitSrvAccPermissions,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t// Wait delay for autokey config to take effect\n\t\twaitAutokeyConfig, err := time.NewSleep(ctx, \"wait_autokey_config\", \u0026time.SleepArgs{\n\t\t\tCreateDuration: \"10s\",\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tautokeyConfig,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = kms.NewKeyHandle(ctx, \"example-keyhandle\", \u0026kms.KeyHandleArgs{\n\t\t\tProject: resourceProject.ProjectId,\n\t\t\tName: pulumi.String(\"example-key-handle\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t\tResourceTypeSelector: pulumi.String(\"storage.googleapis.com/Bucket\"),\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\twaitAutokeyConfig,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Folder;\nimport com.pulumi.gcp.organizations.FolderArgs;\nimport com.pulumi.gcp.organizations.Project;\nimport com.pulumi.gcp.organizations.ProjectArgs;\nimport com.pulumi.gcp.projects.Service;\nimport com.pulumi.gcp.projects.ServiceArgs;\nimport com.pulumi.time.sleep;\nimport com.pulumi.time.SleepArgs;\nimport com.pulumi.gcp.projects.ServiceIdentity;\nimport com.pulumi.gcp.projects.ServiceIdentityArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.kms.AutokeyConfig;\nimport com.pulumi.gcp.kms.AutokeyConfigArgs;\nimport com.pulumi.gcp.kms.KeyHandle;\nimport com.pulumi.gcp.kms.KeyHandleArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n // Create Folder in GCP Organization\n var autokmsFolder = new Folder(\"autokmsFolder\", FolderArgs.builder()\n .displayName(\"folder-example\")\n .parent(\"organizations/123456789\")\n .build());\n\n // Create the key project\n var keyProject = new Project(\"keyProject\", ProjectArgs.builder()\n .projectId(\"key-proj\")\n .name(\"key-proj\")\n .folderId(autokmsFolder.folderId())\n .billingAccount(\"000000-0000000-0000000-000000\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(autokmsFolder)\n .build());\n\n // Create the resource project\n var resourceProject = new Project(\"resourceProject\", ProjectArgs.builder()\n .projectId(\"resources\")\n .name(\"resources\")\n .folderId(autokmsFolder.folderId())\n .billingAccount(\"000000-0000000-0000000-000000\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(autokmsFolder)\n .build());\n\n // Enable the Cloud KMS API\n var kmsApiService = new Service(\"kmsApiService\", ServiceArgs.builder()\n .service(\"cloudkms.googleapis.com\")\n .project(keyProject.projectId())\n .disableOnDestroy(false)\n .disableDependentServices(true)\n .build(), CustomResourceOptions.builder()\n .dependsOn(keyProject)\n .build());\n\n // Wait delay after enabling APIs\n var waitEnableServiceApi = new Sleep(\"waitEnableServiceApi\", SleepArgs.builder()\n .createDuration(\"30s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(kmsApiService)\n .build());\n\n //Create KMS Service Agent\n var kmsServiceAgent = new ServiceIdentity(\"kmsServiceAgent\", ServiceIdentityArgs.builder()\n .service(\"cloudkms.googleapis.com\")\n .project(keyProject.number())\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitEnableServiceApi)\n .build());\n\n // Wait delay after creating service agent.\n var waitServiceAgent = new Sleep(\"waitServiceAgent\", SleepArgs.builder()\n .createDuration(\"10s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(kmsServiceAgent)\n .build());\n\n //Grant the KMS Service Agent the Cloud KMS Admin role\n var autokeyProjectAdmin = new IAMMember(\"autokeyProjectAdmin\", IAMMemberArgs.builder()\n .project(keyProject.projectId())\n .role(\"roles/cloudkms.admin\")\n .member(keyProject.number().applyValue(number -\u003e String.format(\"serviceAccount:service-%s@gcp-sa-cloudkms.iam.gserviceaccount.com\", number)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitServiceAgent)\n .build());\n\n // Wait delay after granting IAM permissions\n var waitSrvAccPermissions = new Sleep(\"waitSrvAccPermissions\", SleepArgs.builder()\n .createDuration(\"10s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(autokeyProjectAdmin)\n .build());\n\n var autokeyConfig = new AutokeyConfig(\"autokeyConfig\", AutokeyConfigArgs.builder()\n .folder(autokmsFolder.folderId())\n .keyProject(keyProject.projectId().applyValue(projectId -\u003e String.format(\"projects/%s\", projectId)))\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitSrvAccPermissions)\n .build());\n\n // Wait delay for autokey config to take effect\n var waitAutokeyConfig = new Sleep(\"waitAutokeyConfig\", SleepArgs.builder()\n .createDuration(\"10s\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(autokeyConfig)\n .build());\n\n var example_keyhandle = new KeyHandle(\"example-keyhandle\", KeyHandleArgs.builder()\n .project(resourceProject.projectId())\n .name(\"example-key-handle\")\n .location(\"global\")\n .resourceTypeSelector(\"storage.googleapis.com/Bucket\")\n .build(), CustomResourceOptions.builder()\n .dependsOn(waitAutokeyConfig)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n # Create Folder in GCP Organization\n autokmsFolder:\n type: gcp:organizations:Folder\n name: autokms_folder\n properties:\n displayName: folder-example\n parent: organizations/123456789\n # Create the key project\n keyProject:\n type: gcp:organizations:Project\n name: key_project\n properties:\n projectId: key-proj\n name: key-proj\n folderId: ${autokmsFolder.folderId}\n billingAccount: 000000-0000000-0000000-000000\n options:\n dependson:\n - ${autokmsFolder}\n # Create the resource project\n resourceProject:\n type: gcp:organizations:Project\n name: resource_project\n properties:\n projectId: resources\n name: resources\n folderId: ${autokmsFolder.folderId}\n billingAccount: 000000-0000000-0000000-000000\n options:\n dependson:\n - ${autokmsFolder}\n # Enable the Cloud KMS API\n kmsApiService:\n type: gcp:projects:Service\n name: kms_api_service\n properties:\n service: cloudkms.googleapis.com\n project: ${keyProject.projectId}\n disableOnDestroy: false\n disableDependentServices: true\n options:\n dependson:\n - ${keyProject}\n # Wait delay after enabling APIs\n waitEnableServiceApi:\n type: time:sleep\n name: wait_enable_service_api\n properties:\n createDuration: 30s\n options:\n dependson:\n - ${kmsApiService}\n #Create KMS Service Agent\n kmsServiceAgent:\n type: gcp:projects:ServiceIdentity\n name: kms_service_agent\n properties:\n service: cloudkms.googleapis.com\n project: ${keyProject.number}\n options:\n dependson:\n - ${waitEnableServiceApi}\n # Wait delay after creating service agent.\n waitServiceAgent:\n type: time:sleep\n name: wait_service_agent\n properties:\n createDuration: 10s\n options:\n dependson:\n - ${kmsServiceAgent}\n #Grant the KMS Service Agent the Cloud KMS Admin role\n autokeyProjectAdmin:\n type: gcp:projects:IAMMember\n name: autokey_project_admin\n properties:\n project: ${keyProject.projectId}\n role: roles/cloudkms.admin\n member: serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com\n options:\n dependson:\n - ${waitServiceAgent}\n # Wait delay after granting IAM permissions\n waitSrvAccPermissions:\n type: time:sleep\n name: wait_srv_acc_permissions\n properties:\n createDuration: 10s\n options:\n dependson:\n - ${autokeyProjectAdmin}\n autokeyConfig:\n type: gcp:kms:AutokeyConfig\n name: autokey_config\n properties:\n folder: ${autokmsFolder.folderId}\n keyProject: projects/${keyProject.projectId}\n options:\n dependson:\n - ${waitSrvAccPermissions}\n # Wait delay for autokey config to take effect\n waitAutokeyConfig:\n type: time:sleep\n name: wait_autokey_config\n properties:\n createDuration: 10s\n options:\n dependson:\n - ${autokeyConfig}\n example-keyhandle:\n type: gcp:kms:KeyHandle\n properties:\n project: ${resourceProject.projectId}\n name: example-key-handle\n location: global\n resourceTypeSelector: storage.googleapis.com/Bucket\n options:\n dependson:\n - ${waitAutokeyConfig}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKeyHandle can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/keyHandles/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, KeyHandle can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:kms/keyHandle:KeyHandle default projects/{{project}}/locations/{{location}}/keyHandles/{{name}}\n```\n\n```sh\n$ pulumi import gcp:kms/keyHandle:KeyHandle default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:kms/keyHandle:KeyHandle default {{location}}/{{name}}\n```\n\n", + "properties": { + "kmsKey": { + "type": "string", + "description": "A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested\nproduct/project/location, for example\n`projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff`\n" + }, + "location": { + "type": "string", + "description": "The location for the KeyHandle.\nA full list of valid locations can be found by running `gcloud kms locations list`.\n\n\n- - -\n" + }, + "name": { + "type": "string", + "description": "The resource name for the KeyHandle.\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n" + }, + "resourceTypeSelector": { + "type": "string", + "description": "Selector of the resource type where we want to protect resources.\nFor example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`\n" + } + }, + "required": [ + "kmsKey", + "location", + "name", + "project", + "resourceTypeSelector" + ], + "inputProperties": { + "location": { + "type": "string", + "description": "The location for the KeyHandle.\nA full list of valid locations can be found by running `gcloud kms locations list`.\n\n\n- - -\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The resource name for the KeyHandle.\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "resourceTypeSelector": { + "type": "string", + "description": "Selector of the resource type where we want to protect resources.\nFor example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`\n", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "location", + "resourceTypeSelector" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering KeyHandle resources.\n", + "properties": { + "kmsKey": { + "type": "string", + "description": "A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested\nproduct/project/location, for example\n`projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff`\n" + }, + "location": { + "type": "string", + "description": "The location for the KeyHandle.\nA full list of valid locations can be found by running `gcloud kms locations list`.\n\n\n- - -\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "The resource name for the KeyHandle.\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the provider project is used.\n", + "willReplaceOnChanges": true + }, + "resourceTypeSelector": { + "type": "string", + "description": "Selector of the resource type where we want to protect resources.\nFor example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*`\n", + "willReplaceOnChanges": true + } + }, + "type": "object" + } + }, "gcp:kms/keyRing:KeyRing": { "description": "A `KeyRing` is a toplevel logical grouping of `CryptoKeys`.\n\n\n\u003e **Note:** KeyRings cannot be deleted from Google Cloud Platform.\nDestroying a provider-managed KeyRing will remove it from state but\n*will not delete the resource from the project.*\n\n\nTo get more information about KeyRing, see:\n\n* [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings)\n* How-to Guides\n * [Creating a key ring](https://cloud.google.com/kms/docs/creating-keys#create_a_key_ring)\n\n## Example Usage\n\n### Kms Key Ring Basic\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example_keyring = new gcp.kms.KeyRing(\"example-keyring\", {\n name: \"keyring-example\",\n location: \"global\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample_keyring = gcp.kms.KeyRing(\"example-keyring\",\n name=\"keyring-example\",\n location=\"global\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example_keyring = new Gcp.Kms.KeyRing(\"example-keyring\", new()\n {\n Name = \"keyring-example\",\n Location = \"global\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := kms.NewKeyRing(ctx, \"example-keyring\", \u0026kms.KeyRingArgs{\n\t\t\tName: pulumi.String(\"keyring-example\"),\n\t\t\tLocation: pulumi.String(\"global\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.kms.KeyRing;\nimport com.pulumi.gcp.kms.KeyRingArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example_keyring = new KeyRing(\"example-keyring\", KeyRingArgs.builder()\n .name(\"keyring-example\")\n .location(\"global\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example-keyring:\n type: gcp:kms:KeyRing\n properties:\n name: keyring-example\n location: global\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nKeyRing can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/keyRings/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, KeyRing can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:kms/keyRing:KeyRing default projects/{{project}}/locations/{{location}}/keyRings/{{name}}\n```\n\n```sh\n$ pulumi import gcp:kms/keyRing:KeyRing default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:kms/keyRing:KeyRing default {{location}}/{{name}}\n```\n\n", "properties": { @@ -214271,6 +216533,195 @@ "type": "object" } }, + "gcp:networkservices/lbRouteExtension:LbRouteExtension": { + "description": "LbRouteExtension is a resource that lets you control where traffic is routed to for a given request.\n\n\nTo get more information about LbRouteExtension, see:\n\n* [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbRouteExtensions)\n* How-to Guides\n * [Configure a route extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_route_extension)\n\n## Example Usage\n\n## Import\n\nLbRouteExtension can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, LbRouteExtension can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}\n```\n\n```sh\n$ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{location}}/{{name}}\n```\n\n", + "properties": { + "description": { + "type": "string", + "description": "A human-readable description of the resource.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, + "extensionChains": { + "type": "array", + "items": { + "$ref": "#/types/gcp:networkservices/LbRouteExtensionExtensionChain:LbRouteExtensionExtensionChain" + }, + "description": "A set of ordered extension chains that contain the match conditions and extensions to execute.\nMatch conditions for each extension chain are evaluated in sequence for a given request.\nThe first extension chain that has a condition that matches the request is executed.\nAny subsequent extension chains do not execute. Limited to 5 extension chains per resource.\nStructure is documented below.\n" + }, + "forwardingRules": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of references to the forwarding rules to which this service extension is attached to.\nAt least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only\nmanage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels\npresent on the resource.\n" + }, + "loadBalancingScheme": { + "type": "string", + "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme.\nFor more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and\n[Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs).\nPossible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`.\n" + }, + "location": { + "type": "string", + "description": "The location of the route extension\n" + }, + "name": { + "type": "string", + "description": "Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension}\n" + }, + "project": { + "type": "string" + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + } + }, + "required": [ + "effectiveLabels", + "extensionChains", + "forwardingRules", + "loadBalancingScheme", + "location", + "name", + "project", + "pulumiLabels" + ], + "inputProperties": { + "description": { + "type": "string", + "description": "A human-readable description of the resource.\n" + }, + "extensionChains": { + "type": "array", + "items": { + "$ref": "#/types/gcp:networkservices/LbRouteExtensionExtensionChain:LbRouteExtensionExtensionChain" + }, + "description": "A set of ordered extension chains that contain the match conditions and extensions to execute.\nMatch conditions for each extension chain are evaluated in sequence for a given request.\nThe first extension chain that has a condition that matches the request is executed.\nAny subsequent extension chains do not execute. Limited to 5 extension chains per resource.\nStructure is documented below.\n" + }, + "forwardingRules": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of references to the forwarding rules to which this service extension is attached to.\nAt least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only\nmanage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels\npresent on the resource.\n" + }, + "loadBalancingScheme": { + "type": "string", + "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme.\nFor more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and\n[Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs).\nPossible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`.\n", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location of the route extension\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension}\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "willReplaceOnChanges": true + } + }, + "requiredInputs": [ + "extensionChains", + "forwardingRules", + "loadBalancingScheme", + "location" + ], + "stateInputs": { + "description": "Input properties used for looking up and filtering LbRouteExtension resources.\n", + "properties": { + "description": { + "type": "string", + "description": "A human-readable description of the resource.\n" + }, + "effectiveLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.\n", + "secret": true + }, + "extensionChains": { + "type": "array", + "items": { + "$ref": "#/types/gcp:networkservices/LbRouteExtensionExtensionChain:LbRouteExtensionExtensionChain" + }, + "description": "A set of ordered extension chains that contain the match conditions and extensions to execute.\nMatch conditions for each extension chain are evaluated in sequence for a given request.\nThe first extension chain that has a condition that matches the request is executed.\nAny subsequent extension chains do not execute. Limited to 5 extension chains per resource.\nStructure is documented below.\n" + }, + "forwardingRules": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of references to the forwarding rules to which this service extension is attached to.\nAt least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule.\n" + }, + "labels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only\nmanage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels\npresent on the resource.\n" + }, + "loadBalancingScheme": { + "type": "string", + "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme.\nFor more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and\n[Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs).\nPossible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`.\n", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location of the route extension\n", + "willReplaceOnChanges": true + }, + "name": { + "type": "string", + "description": "Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension}\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "willReplaceOnChanges": true + }, + "pulumiLabels": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "The combination of labels configured directly on the resource\nand default labels configured on the provider.\n", + "secret": true + } + }, + "type": "object" + } + }, "gcp:networkservices/lbTrafficExtension:LbTrafficExtension": { "description": "LbTrafficExtension is a resource that lets the extension service modify the headers and payloads of both requests and responses without impacting the choice of backend services or any other security policies associated with the backend service.\n\n\nTo get more information about LbTrafficExtension, see:\n\n* [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbTrafficExtensions)\n* How-to Guides\n * [Configure a traffic extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_traffic_extension)\n\n## Example Usage\n\n## Import\n\nLbTrafficExtension can be imported using any of these accepted formats:\n\n* `projects/{{project}}/locations/{{location}}/lbTrafficExtensions/{{name}}`\n\n* `{{project}}/{{location}}/{{name}}`\n\n* `{{location}}/{{name}}`\n\nWhen using the `pulumi import` command, LbTrafficExtension can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:networkservices/lbTrafficExtension:LbTrafficExtension default projects/{{project}}/locations/{{location}}/lbTrafficExtensions/{{name}}\n```\n\n```sh\n$ pulumi import gcp:networkservices/lbTrafficExtension:LbTrafficExtension default {{project}}/{{location}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:networkservices/lbTrafficExtension:LbTrafficExtension default {{location}}/{{name}}\n```\n\n", "properties": { @@ -214309,7 +216760,7 @@ }, "loadBalancingScheme": { "type": "string", - "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For\nmore information, refer to Choosing a load balancer. Possible values: [\"LOAD_BALANCING_SCHEME_UNSPECIFIED\",\n\"INTERNAL_MANAGED\", \"EXTERNAL_MANAGED\"]\n" + "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For\nmore information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and\n[Supported application load\nbalancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values:\n[\"INTERNAL_MANAGED\", \"EXTERNAL_MANAGED\"]\n" }, "location": { "type": "string", @@ -214368,7 +216819,8 @@ }, "loadBalancingScheme": { "type": "string", - "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For\nmore information, refer to Choosing a load balancer. Possible values: [\"LOAD_BALANCING_SCHEME_UNSPECIFIED\",\n\"INTERNAL_MANAGED\", \"EXTERNAL_MANAGED\"]\n" + "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For\nmore information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and\n[Supported application load\nbalancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values:\n[\"INTERNAL_MANAGED\", \"EXTERNAL_MANAGED\"]\n", + "willReplaceOnChanges": true }, "location": { "type": "string", @@ -214428,7 +216880,8 @@ }, "loadBalancingScheme": { "type": "string", - "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For\nmore information, refer to Choosing a load balancer. Possible values: [\"LOAD_BALANCING_SCHEME_UNSPECIFIED\",\n\"INTERNAL_MANAGED\", \"EXTERNAL_MANAGED\"]\n" + "description": "All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For\nmore information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and\n[Supported application load\nbalancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values:\n[\"INTERNAL_MANAGED\", \"EXTERNAL_MANAGED\"]\n", + "willReplaceOnChanges": true }, "location": { "type": "string", @@ -217796,7 +220249,7 @@ } }, "gcp:orgpolicy/policy:Policy": { - "description": "An organization policy gives you programmatic control over your organization's cloud resources. Using Organization Policies, you will be able to configure constraints across your entire resource hierarchy.\n\nFor more information, see:\n* [Understanding Org Policy concepts](https://cloud.google.com/resource-manager/docs/organization-policy/overview)\n* [The resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy)\n* [All valid constraints](https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints)\n## Example Usage\n\n### Enforce_policy\nA test of an enforce orgpolicy policy for a project\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basic = new gcp.organizations.Project(\"basic\", {\n projectId: \"id\",\n name: \"id\",\n orgId: \"123456789\",\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`projects/${basic.name}/policies/iam.disableServiceAccountKeyUpload`,\n parent: pulumi.interpolate`projects/${basic.name}`,\n spec: {\n rules: [{\n enforce: \"FALSE\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic = gcp.organizations.Project(\"basic\",\n project_id=\"id\",\n name=\"id\",\n org_id=\"123456789\")\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=basic.name.apply(lambda name: f\"projects/{name}/policies/iam.disableServiceAccountKeyUpload\"),\n parent=basic.name.apply(lambda name: f\"projects/{name}\"),\n spec=gcp.orgpolicy.PolicySpecArgs(\n rules=[gcp.orgpolicy.PolicySpecRuleArgs(\n enforce=\"FALSE\",\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic = new Gcp.Organizations.Project(\"basic\", new()\n {\n ProjectId = \"id\",\n Name = \"id\",\n OrgId = \"123456789\",\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = basic.Name.Apply(name =\u003e $\"projects/{name}/policies/iam.disableServiceAccountKeyUpload\"),\n Parent = basic.Name.Apply(name =\u003e $\"projects/{name}\"),\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n Enforce = \"FALSE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasic, err := organizations.NewProject(ctx, \"basic\", \u0026organizations.ProjectArgs{\n\t\t\tProjectId: pulumi.String(\"id\"),\n\t\t\tName: pulumi.String(\"id\"),\n\t\t\tOrgId: pulumi.String(\"123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v/policies/iam.disableServiceAccountKeyUpload\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tEnforce: pulumi.String(\"FALSE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Project;\nimport com.pulumi.gcp.organizations.ProjectArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic = new Project(\"basic\", ProjectArgs.builder()\n .projectId(\"id\")\n .name(\"id\")\n .orgId(\"123456789\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(basic.name().applyValue(name -\u003e String.format(\"projects/%s/policies/iam.disableServiceAccountKeyUpload\", name)))\n .parent(basic.name().applyValue(name -\u003e String.format(\"projects/%s\", name)))\n .spec(PolicySpecArgs.builder()\n .rules(PolicySpecRuleArgs.builder()\n .enforce(\"FALSE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: projects/${basic.name}/policies/iam.disableServiceAccountKeyUpload\n parent: projects/${basic.name}\n spec:\n rules:\n - enforce: FALSE\n basic:\n type: gcp:organizations:Project\n properties:\n projectId: id\n name: id\n orgId: '123456789'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Folder_policy\nA test of an orgpolicy policy for a folder\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basic = new gcp.organizations.Folder(\"basic\", {\n parent: \"organizations/123456789\",\n displayName: \"folder\",\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`${basic.name}/policies/gcp.resourceLocations`,\n parent: basic.name,\n spec: {\n inheritFromParent: true,\n rules: [{\n denyAll: \"TRUE\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic = gcp.organizations.Folder(\"basic\",\n parent=\"organizations/123456789\",\n display_name=\"folder\")\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=basic.name.apply(lambda name: f\"{name}/policies/gcp.resourceLocations\"),\n parent=basic.name,\n spec=gcp.orgpolicy.PolicySpecArgs(\n inherit_from_parent=True,\n rules=[gcp.orgpolicy.PolicySpecRuleArgs(\n deny_all=\"TRUE\",\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic = new Gcp.Organizations.Folder(\"basic\", new()\n {\n Parent = \"organizations/123456789\",\n DisplayName = \"folder\",\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = basic.Name.Apply(name =\u003e $\"{name}/policies/gcp.resourceLocations\"),\n Parent = basic.Name,\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n InheritFromParent = true,\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n DenyAll = \"TRUE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasic, err := organizations.NewFolder(ctx, \"basic\", \u0026organizations.FolderArgs{\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDisplayName: pulumi.String(\"folder\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/policies/gcp.resourceLocations\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: basic.Name,\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tInheritFromParent: pulumi.Bool(true),\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tDenyAll: pulumi.String(\"TRUE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Folder;\nimport com.pulumi.gcp.organizations.FolderArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic = new Folder(\"basic\", FolderArgs.builder()\n .parent(\"organizations/123456789\")\n .displayName(\"folder\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(basic.name().applyValue(name -\u003e String.format(\"%s/policies/gcp.resourceLocations\", name)))\n .parent(basic.name())\n .spec(PolicySpecArgs.builder()\n .inheritFromParent(true)\n .rules(PolicySpecRuleArgs.builder()\n .denyAll(\"TRUE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: ${basic.name}/policies/gcp.resourceLocations\n parent: ${basic.name}\n spec:\n inheritFromParent: true\n rules:\n - denyAll: TRUE\n basic:\n type: gcp:organizations:Folder\n properties:\n parent: organizations/123456789\n displayName: folder\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Organization_policy\nA test of an orgpolicy policy for an organization\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: \"organizations/123456789/policies/gcp.detailedAuditLoggingMode\",\n parent: \"organizations/123456789\",\n spec: {\n reset: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=\"organizations/123456789/policies/gcp.detailedAuditLoggingMode\",\n parent=\"organizations/123456789\",\n spec=gcp.orgpolicy.PolicySpecArgs(\n reset=True,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = \"organizations/123456789/policies/gcp.detailedAuditLoggingMode\",\n Parent = \"organizations/123456789\",\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Reset = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: pulumi.String(\"organizations/123456789/policies/gcp.detailedAuditLoggingMode\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tReset: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(\"organizations/123456789/policies/gcp.detailedAuditLoggingMode\")\n .parent(\"organizations/123456789\")\n .spec(PolicySpecArgs.builder()\n .reset(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: organizations/123456789/policies/gcp.detailedAuditLoggingMode\n parent: organizations/123456789\n spec:\n reset: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Project_policy\nA test of an orgpolicy policy for a project\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basic = new gcp.organizations.Project(\"basic\", {\n projectId: \"id\",\n name: \"id\",\n orgId: \"123456789\",\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`projects/${basic.name}/policies/gcp.resourceLocations`,\n parent: pulumi.interpolate`projects/${basic.name}`,\n spec: {\n rules: [\n {\n condition: {\n description: \"A sample condition for the policy\",\n expression: \"resource.matchLabels('labelKeys/123', 'labelValues/345')\",\n location: \"sample-location.log\",\n title: \"sample-condition\",\n },\n values: {\n allowedValues: [\"projects/allowed-project\"],\n deniedValues: [\"projects/denied-project\"],\n },\n },\n {\n allowAll: \"TRUE\",\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic = gcp.organizations.Project(\"basic\",\n project_id=\"id\",\n name=\"id\",\n org_id=\"123456789\")\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=basic.name.apply(lambda name: f\"projects/{name}/policies/gcp.resourceLocations\"),\n parent=basic.name.apply(lambda name: f\"projects/{name}\"),\n spec=gcp.orgpolicy.PolicySpecArgs(\n rules=[\n gcp.orgpolicy.PolicySpecRuleArgs(\n condition=gcp.orgpolicy.PolicySpecRuleConditionArgs(\n description=\"A sample condition for the policy\",\n expression=\"resource.matchLabels('labelKeys/123', 'labelValues/345')\",\n location=\"sample-location.log\",\n title=\"sample-condition\",\n ),\n values=gcp.orgpolicy.PolicySpecRuleValuesArgs(\n allowed_values=[\"projects/allowed-project\"],\n denied_values=[\"projects/denied-project\"],\n ),\n ),\n gcp.orgpolicy.PolicySpecRuleArgs(\n allow_all=\"TRUE\",\n ),\n ],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic = new Gcp.Organizations.Project(\"basic\", new()\n {\n ProjectId = \"id\",\n Name = \"id\",\n OrgId = \"123456789\",\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = basic.Name.Apply(name =\u003e $\"projects/{name}/policies/gcp.resourceLocations\"),\n Parent = basic.Name.Apply(name =\u003e $\"projects/{name}\"),\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n Condition = new Gcp.OrgPolicy.Inputs.PolicySpecRuleConditionArgs\n {\n Description = \"A sample condition for the policy\",\n Expression = \"resource.matchLabels('labelKeys/123', 'labelValues/345')\",\n Location = \"sample-location.log\",\n Title = \"sample-condition\",\n },\n Values = new Gcp.OrgPolicy.Inputs.PolicySpecRuleValuesArgs\n {\n AllowedValues = new[]\n {\n \"projects/allowed-project\",\n },\n DeniedValues = new[]\n {\n \"projects/denied-project\",\n },\n },\n },\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n AllowAll = \"TRUE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasic, err := organizations.NewProject(ctx, \"basic\", \u0026organizations.ProjectArgs{\n\t\t\tProjectId: pulumi.String(\"id\"),\n\t\t\tName: pulumi.String(\"id\"),\n\t\t\tOrgId: pulumi.String(\"123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v/policies/gcp.resourceLocations\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tCondition: \u0026orgpolicy.PolicySpecRuleConditionArgs{\n\t\t\t\t\t\t\tDescription: pulumi.String(\"A sample condition for the policy\"),\n\t\t\t\t\t\t\tExpression: pulumi.String(\"resource.matchLabels('labelKeys/123', 'labelValues/345')\"),\n\t\t\t\t\t\t\tLocation: pulumi.String(\"sample-location.log\"),\n\t\t\t\t\t\t\tTitle: pulumi.String(\"sample-condition\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tValues: \u0026orgpolicy.PolicySpecRuleValuesArgs{\n\t\t\t\t\t\t\tAllowedValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"projects/allowed-project\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDeniedValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"projects/denied-project\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tAllowAll: pulumi.String(\"TRUE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Project;\nimport com.pulumi.gcp.organizations.ProjectArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic = new Project(\"basic\", ProjectArgs.builder()\n .projectId(\"id\")\n .name(\"id\")\n .orgId(\"123456789\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(basic.name().applyValue(name -\u003e String.format(\"projects/%s/policies/gcp.resourceLocations\", name)))\n .parent(basic.name().applyValue(name -\u003e String.format(\"projects/%s\", name)))\n .spec(PolicySpecArgs.builder()\n .rules( \n PolicySpecRuleArgs.builder()\n .condition(PolicySpecRuleConditionArgs.builder()\n .description(\"A sample condition for the policy\")\n .expression(\"resource.matchLabels('labelKeys/123', 'labelValues/345')\")\n .location(\"sample-location.log\")\n .title(\"sample-condition\")\n .build())\n .values(PolicySpecRuleValuesArgs.builder()\n .allowedValues(\"projects/allowed-project\")\n .deniedValues(\"projects/denied-project\")\n .build())\n .build(),\n PolicySpecRuleArgs.builder()\n .allowAll(\"TRUE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: projects/${basic.name}/policies/gcp.resourceLocations\n parent: projects/${basic.name}\n spec:\n rules:\n - condition:\n description: A sample condition for the policy\n expression: resource.matchLabels('labelKeys/123', 'labelValues/345')\n location: sample-location.log\n title: sample-condition\n values:\n allowedValues:\n - projects/allowed-project\n deniedValues:\n - projects/denied-project\n - allowAll: TRUE\n basic:\n type: gcp:organizations:Project\n properties:\n projectId: id\n name: id\n orgId: '123456789'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Dry_run_spec\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst constraint = new gcp.orgpolicy.CustomConstraint(\"constraint\", {\n name: \"custom.disableGkeAutoUpgrade_87786\",\n parent: \"organizations/123456789\",\n displayName: \"Disable GKE auto upgrade\",\n description: \"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\",\n actionType: \"ALLOW\",\n condition: \"resource.management.autoUpgrade == false\",\n methodTypes: [\"CREATE\"],\n resourceTypes: [\"container.googleapis.com/NodePool\"],\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`organizations/123456789/policies/${constraint.name}`,\n parent: \"organizations/123456789\",\n spec: {\n rules: [{\n enforce: \"FALSE\",\n }],\n },\n dryRunSpec: {\n inheritFromParent: false,\n reset: false,\n rules: [{\n enforce: \"FALSE\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nconstraint = gcp.orgpolicy.CustomConstraint(\"constraint\",\n name=\"custom.disableGkeAutoUpgrade_87786\",\n parent=\"organizations/123456789\",\n display_name=\"Disable GKE auto upgrade\",\n description=\"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\",\n action_type=\"ALLOW\",\n condition=\"resource.management.autoUpgrade == false\",\n method_types=[\"CREATE\"],\n resource_types=[\"container.googleapis.com/NodePool\"])\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=constraint.name.apply(lambda name: f\"organizations/123456789/policies/{name}\"),\n parent=\"organizations/123456789\",\n spec=gcp.orgpolicy.PolicySpecArgs(\n rules=[gcp.orgpolicy.PolicySpecRuleArgs(\n enforce=\"FALSE\",\n )],\n ),\n dry_run_spec=gcp.orgpolicy.PolicyDryRunSpecArgs(\n inherit_from_parent=False,\n reset=False,\n rules=[gcp.orgpolicy.PolicyDryRunSpecRuleArgs(\n enforce=\"FALSE\",\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var constraint = new Gcp.OrgPolicy.CustomConstraint(\"constraint\", new()\n {\n Name = \"custom.disableGkeAutoUpgrade_87786\",\n Parent = \"organizations/123456789\",\n DisplayName = \"Disable GKE auto upgrade\",\n Description = \"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\",\n ActionType = \"ALLOW\",\n Condition = \"resource.management.autoUpgrade == false\",\n MethodTypes = new[]\n {\n \"CREATE\",\n },\n ResourceTypes = new[]\n {\n \"container.googleapis.com/NodePool\",\n },\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = constraint.Name.Apply(name =\u003e $\"organizations/123456789/policies/{name}\"),\n Parent = \"organizations/123456789\",\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n Enforce = \"FALSE\",\n },\n },\n },\n DryRunSpec = new Gcp.OrgPolicy.Inputs.PolicyDryRunSpecArgs\n {\n InheritFromParent = false,\n Reset = false,\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicyDryRunSpecRuleArgs\n {\n Enforce = \"FALSE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconstraint, err := orgpolicy.NewCustomConstraint(ctx, \"constraint\", \u0026orgpolicy.CustomConstraintArgs{\n\t\t\tName: pulumi.String(\"custom.disableGkeAutoUpgrade_87786\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDisplayName: pulumi.String(\"Disable GKE auto upgrade\"),\n\t\t\tDescription: pulumi.String(\"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\"),\n\t\t\tActionType: pulumi.String(\"ALLOW\"),\n\t\t\tCondition: pulumi.String(\"resource.management.autoUpgrade == false\"),\n\t\t\tMethodTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE\"),\n\t\t\t},\n\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"container.googleapis.com/NodePool\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: constraint.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"organizations/123456789/policies/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tEnforce: pulumi.String(\"FALSE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDryRunSpec: \u0026orgpolicy.PolicyDryRunSpecArgs{\n\t\t\t\tInheritFromParent: pulumi.Bool(false),\n\t\t\t\tReset: pulumi.Bool(false),\n\t\t\t\tRules: orgpolicy.PolicyDryRunSpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicyDryRunSpecRuleArgs{\n\t\t\t\t\t\tEnforce: pulumi.String(\"FALSE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.orgpolicy.CustomConstraint;\nimport com.pulumi.gcp.orgpolicy.CustomConstraintArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicyDryRunSpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var constraint = new CustomConstraint(\"constraint\", CustomConstraintArgs.builder()\n .name(\"custom.disableGkeAutoUpgrade_87786\")\n .parent(\"organizations/123456789\")\n .displayName(\"Disable GKE auto upgrade\")\n .description(\"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\")\n .actionType(\"ALLOW\")\n .condition(\"resource.management.autoUpgrade == false\")\n .methodTypes(\"CREATE\")\n .resourceTypes(\"container.googleapis.com/NodePool\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(constraint.name().applyValue(name -\u003e String.format(\"organizations/123456789/policies/%s\", name)))\n .parent(\"organizations/123456789\")\n .spec(PolicySpecArgs.builder()\n .rules(PolicySpecRuleArgs.builder()\n .enforce(\"FALSE\")\n .build())\n .build())\n .dryRunSpec(PolicyDryRunSpecArgs.builder()\n .inheritFromParent(false)\n .reset(false)\n .rules(PolicyDryRunSpecRuleArgs.builder()\n .enforce(\"FALSE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n constraint:\n type: gcp:orgpolicy:CustomConstraint\n properties:\n name: custom.disableGkeAutoUpgrade_87786\n parent: organizations/123456789\n displayName: Disable GKE auto upgrade\n description: Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\n actionType: ALLOW\n condition: resource.management.autoUpgrade == false\n methodTypes:\n - CREATE\n resourceTypes:\n - container.googleapis.com/NodePool\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: organizations/123456789/policies/${constraint.name}\n parent: organizations/123456789\n spec:\n rules:\n - enforce: FALSE\n dryRunSpec:\n inheritFromParent: false\n reset: false\n rules:\n - enforce: FALSE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPolicy can be imported using any of these accepted formats:\n* `{{parent}}/policies/{{name}}`\n\nWhen using the `pulumi import` command, Policy can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:orgpolicy/policy:Policy default {{parent}}/policies/{{name}}\n```\n", + "description": "An organization policy gives you programmatic control over your organization's cloud resources. Using Organization Policies, you will be able to configure constraints across your entire resource hierarchy.\n\nFor more information, see:\n* [Understanding Org Policy concepts](https://cloud.google.com/resource-manager/docs/organization-policy/overview)\n* [The resource hierarchy](https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy)\n* [All valid constraints](https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints)\n## Example Usage\n\n### Enforce_policy\nA test of an enforce orgpolicy policy for a project\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basic = new gcp.organizations.Project(\"basic\", {\n projectId: \"id\",\n name: \"id\",\n orgId: \"123456789\",\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`projects/${basic.name}/policies/iam.disableServiceAccountKeyUpload`,\n parent: pulumi.interpolate`projects/${basic.name}`,\n spec: {\n rules: [{\n enforce: \"FALSE\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic = gcp.organizations.Project(\"basic\",\n project_id=\"id\",\n name=\"id\",\n org_id=\"123456789\")\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=basic.name.apply(lambda name: f\"projects/{name}/policies/iam.disableServiceAccountKeyUpload\"),\n parent=basic.name.apply(lambda name: f\"projects/{name}\"),\n spec=gcp.orgpolicy.PolicySpecArgs(\n rules=[gcp.orgpolicy.PolicySpecRuleArgs(\n enforce=\"FALSE\",\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic = new Gcp.Organizations.Project(\"basic\", new()\n {\n ProjectId = \"id\",\n Name = \"id\",\n OrgId = \"123456789\",\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = basic.Name.Apply(name =\u003e $\"projects/{name}/policies/iam.disableServiceAccountKeyUpload\"),\n Parent = basic.Name.Apply(name =\u003e $\"projects/{name}\"),\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n Enforce = \"FALSE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasic, err := organizations.NewProject(ctx, \"basic\", \u0026organizations.ProjectArgs{\n\t\t\tProjectId: pulumi.String(\"id\"),\n\t\t\tName: pulumi.String(\"id\"),\n\t\t\tOrgId: pulumi.String(\"123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v/policies/iam.disableServiceAccountKeyUpload\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tEnforce: pulumi.String(\"FALSE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Project;\nimport com.pulumi.gcp.organizations.ProjectArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic = new Project(\"basic\", ProjectArgs.builder()\n .projectId(\"id\")\n .name(\"id\")\n .orgId(\"123456789\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(basic.name().applyValue(name -\u003e String.format(\"projects/%s/policies/iam.disableServiceAccountKeyUpload\", name)))\n .parent(basic.name().applyValue(name -\u003e String.format(\"projects/%s\", name)))\n .spec(PolicySpecArgs.builder()\n .rules(PolicySpecRuleArgs.builder()\n .enforce(\"FALSE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: projects/${basic.name}/policies/iam.disableServiceAccountKeyUpload\n parent: projects/${basic.name}\n spec:\n rules:\n - enforce: FALSE\n basic:\n type: gcp:organizations:Project\n properties:\n projectId: id\n name: id\n orgId: '123456789'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Folder_policy\nA test of an orgpolicy policy for a folder\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basic = new gcp.organizations.Folder(\"basic\", {\n parent: \"organizations/123456789\",\n displayName: \"folder\",\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`${basic.name}/policies/gcp.resourceLocations`,\n parent: basic.name,\n spec: {\n inheritFromParent: true,\n rules: [{\n denyAll: \"TRUE\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic = gcp.organizations.Folder(\"basic\",\n parent=\"organizations/123456789\",\n display_name=\"folder\")\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=basic.name.apply(lambda name: f\"{name}/policies/gcp.resourceLocations\"),\n parent=basic.name,\n spec=gcp.orgpolicy.PolicySpecArgs(\n inherit_from_parent=True,\n rules=[gcp.orgpolicy.PolicySpecRuleArgs(\n deny_all=\"TRUE\",\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic = new Gcp.Organizations.Folder(\"basic\", new()\n {\n Parent = \"organizations/123456789\",\n DisplayName = \"folder\",\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = basic.Name.Apply(name =\u003e $\"{name}/policies/gcp.resourceLocations\"),\n Parent = basic.Name,\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n InheritFromParent = true,\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n DenyAll = \"TRUE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasic, err := organizations.NewFolder(ctx, \"basic\", \u0026organizations.FolderArgs{\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDisplayName: pulumi.String(\"folder\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"%v/policies/gcp.resourceLocations\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: basic.Name,\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tInheritFromParent: pulumi.Bool(true),\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tDenyAll: pulumi.String(\"TRUE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Folder;\nimport com.pulumi.gcp.organizations.FolderArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic = new Folder(\"basic\", FolderArgs.builder()\n .parent(\"organizations/123456789\")\n .displayName(\"folder\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(basic.name().applyValue(name -\u003e String.format(\"%s/policies/gcp.resourceLocations\", name)))\n .parent(basic.name())\n .spec(PolicySpecArgs.builder()\n .inheritFromParent(true)\n .rules(PolicySpecRuleArgs.builder()\n .denyAll(\"TRUE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: ${basic.name}/policies/gcp.resourceLocations\n parent: ${basic.name}\n spec:\n inheritFromParent: true\n rules:\n - denyAll: TRUE\n basic:\n type: gcp:organizations:Folder\n properties:\n parent: organizations/123456789\n displayName: folder\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Organization_policy\nA test of an orgpolicy policy for an organization\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: \"organizations/123456789/policies/gcp.detailedAuditLoggingMode\",\n parent: \"organizations/123456789\",\n spec: {\n reset: true,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=\"organizations/123456789/policies/gcp.detailedAuditLoggingMode\",\n parent=\"organizations/123456789\",\n spec=gcp.orgpolicy.PolicySpecArgs(\n reset=True,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = \"organizations/123456789/policies/gcp.detailedAuditLoggingMode\",\n Parent = \"organizations/123456789\",\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Reset = true,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: pulumi.String(\"organizations/123456789/policies/gcp.detailedAuditLoggingMode\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tReset: pulumi.Bool(true),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(\"organizations/123456789/policies/gcp.detailedAuditLoggingMode\")\n .parent(\"organizations/123456789\")\n .spec(PolicySpecArgs.builder()\n .reset(true)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: organizations/123456789/policies/gcp.detailedAuditLoggingMode\n parent: organizations/123456789\n spec:\n reset: true\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Project_policy\nA test of an orgpolicy policy for a project\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst basic = new gcp.organizations.Project(\"basic\", {\n projectId: \"id\",\n name: \"id\",\n orgId: \"123456789\",\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`projects/${basic.name}/policies/gcp.resourceLocations`,\n parent: pulumi.interpolate`projects/${basic.name}`,\n spec: {\n rules: [\n {\n condition: {\n description: \"A sample condition for the policy\",\n expression: \"resource.matchLabels('labelKeys/123', 'labelValues/345')\",\n location: \"sample-location.log\",\n title: \"sample-condition\",\n },\n values: {\n allowedValues: [\"projects/allowed-project\"],\n deniedValues: [\"projects/denied-project\"],\n },\n },\n {\n allowAll: \"TRUE\",\n },\n ],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nbasic = gcp.organizations.Project(\"basic\",\n project_id=\"id\",\n name=\"id\",\n org_id=\"123456789\")\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=basic.name.apply(lambda name: f\"projects/{name}/policies/gcp.resourceLocations\"),\n parent=basic.name.apply(lambda name: f\"projects/{name}\"),\n spec=gcp.orgpolicy.PolicySpecArgs(\n rules=[\n gcp.orgpolicy.PolicySpecRuleArgs(\n condition=gcp.orgpolicy.PolicySpecRuleConditionArgs(\n description=\"A sample condition for the policy\",\n expression=\"resource.matchLabels('labelKeys/123', 'labelValues/345')\",\n location=\"sample-location.log\",\n title=\"sample-condition\",\n ),\n values=gcp.orgpolicy.PolicySpecRuleValuesArgs(\n allowed_values=[\"projects/allowed-project\"],\n denied_values=[\"projects/denied-project\"],\n ),\n ),\n gcp.orgpolicy.PolicySpecRuleArgs(\n allow_all=\"TRUE\",\n ),\n ],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var basic = new Gcp.Organizations.Project(\"basic\", new()\n {\n ProjectId = \"id\",\n Name = \"id\",\n OrgId = \"123456789\",\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = basic.Name.Apply(name =\u003e $\"projects/{name}/policies/gcp.resourceLocations\"),\n Parent = basic.Name.Apply(name =\u003e $\"projects/{name}\"),\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n Condition = new Gcp.OrgPolicy.Inputs.PolicySpecRuleConditionArgs\n {\n Description = \"A sample condition for the policy\",\n Expression = \"resource.matchLabels('labelKeys/123', 'labelValues/345')\",\n Location = \"sample-location.log\",\n Title = \"sample-condition\",\n },\n Values = new Gcp.OrgPolicy.Inputs.PolicySpecRuleValuesArgs\n {\n AllowedValues = new[]\n {\n \"projects/allowed-project\",\n },\n DeniedValues = new[]\n {\n \"projects/denied-project\",\n },\n },\n },\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n AllowAll = \"TRUE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tbasic, err := organizations.NewProject(ctx, \"basic\", \u0026organizations.ProjectArgs{\n\t\t\tProjectId: pulumi.String(\"id\"),\n\t\t\tName: pulumi.String(\"id\"),\n\t\t\tOrgId: pulumi.String(\"123456789\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v/policies/gcp.resourceLocations\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: basic.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"projects/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tCondition: \u0026orgpolicy.PolicySpecRuleConditionArgs{\n\t\t\t\t\t\t\tDescription: pulumi.String(\"A sample condition for the policy\"),\n\t\t\t\t\t\t\tExpression: pulumi.String(\"resource.matchLabels('labelKeys/123', 'labelValues/345')\"),\n\t\t\t\t\t\t\tLocation: pulumi.String(\"sample-location.log\"),\n\t\t\t\t\t\t\tTitle: pulumi.String(\"sample-condition\"),\n\t\t\t\t\t\t},\n\t\t\t\t\t\tValues: \u0026orgpolicy.PolicySpecRuleValuesArgs{\n\t\t\t\t\t\t\tAllowedValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"projects/allowed-project\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\tDeniedValues: pulumi.StringArray{\n\t\t\t\t\t\t\t\tpulumi.String(\"projects/denied-project\"),\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tAllowAll: pulumi.String(\"TRUE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.organizations.Project;\nimport com.pulumi.gcp.organizations.ProjectArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var basic = new Project(\"basic\", ProjectArgs.builder()\n .projectId(\"id\")\n .name(\"id\")\n .orgId(\"123456789\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(basic.name().applyValue(name -\u003e String.format(\"projects/%s/policies/gcp.resourceLocations\", name)))\n .parent(basic.name().applyValue(name -\u003e String.format(\"projects/%s\", name)))\n .spec(PolicySpecArgs.builder()\n .rules( \n PolicySpecRuleArgs.builder()\n .condition(PolicySpecRuleConditionArgs.builder()\n .description(\"A sample condition for the policy\")\n .expression(\"resource.matchLabels('labelKeys/123', 'labelValues/345')\")\n .location(\"sample-location.log\")\n .title(\"sample-condition\")\n .build())\n .values(PolicySpecRuleValuesArgs.builder()\n .allowedValues(\"projects/allowed-project\")\n .deniedValues(\"projects/denied-project\")\n .build())\n .build(),\n PolicySpecRuleArgs.builder()\n .allowAll(\"TRUE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: projects/${basic.name}/policies/gcp.resourceLocations\n parent: projects/${basic.name}\n spec:\n rules:\n - condition:\n description: A sample condition for the policy\n expression: resource.matchLabels('labelKeys/123', 'labelValues/345')\n location: sample-location.log\n title: sample-condition\n values:\n allowedValues:\n - projects/allowed-project\n deniedValues:\n - projects/denied-project\n - allowAll: TRUE\n basic:\n type: gcp:organizations:Project\n properties:\n projectId: id\n name: id\n orgId: '123456789'\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Dry_run_spec\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst constraint = new gcp.orgpolicy.CustomConstraint(\"constraint\", {\n name: \"custom.disableGkeAutoUpgrade_2067\",\n parent: \"organizations/123456789\",\n displayName: \"Disable GKE auto upgrade\",\n description: \"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\",\n actionType: \"ALLOW\",\n condition: \"resource.management.autoUpgrade == false\",\n methodTypes: [\"CREATE\"],\n resourceTypes: [\"container.googleapis.com/NodePool\"],\n});\nconst primary = new gcp.orgpolicy.Policy(\"primary\", {\n name: pulumi.interpolate`organizations/123456789/policies/${constraint.name}`,\n parent: \"organizations/123456789\",\n spec: {\n rules: [{\n enforce: \"FALSE\",\n }],\n },\n dryRunSpec: {\n inheritFromParent: false,\n reset: false,\n rules: [{\n enforce: \"FALSE\",\n }],\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nconstraint = gcp.orgpolicy.CustomConstraint(\"constraint\",\n name=\"custom.disableGkeAutoUpgrade_2067\",\n parent=\"organizations/123456789\",\n display_name=\"Disable GKE auto upgrade\",\n description=\"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\",\n action_type=\"ALLOW\",\n condition=\"resource.management.autoUpgrade == false\",\n method_types=[\"CREATE\"],\n resource_types=[\"container.googleapis.com/NodePool\"])\nprimary = gcp.orgpolicy.Policy(\"primary\",\n name=constraint.name.apply(lambda name: f\"organizations/123456789/policies/{name}\"),\n parent=\"organizations/123456789\",\n spec=gcp.orgpolicy.PolicySpecArgs(\n rules=[gcp.orgpolicy.PolicySpecRuleArgs(\n enforce=\"FALSE\",\n )],\n ),\n dry_run_spec=gcp.orgpolicy.PolicyDryRunSpecArgs(\n inherit_from_parent=False,\n reset=False,\n rules=[gcp.orgpolicy.PolicyDryRunSpecRuleArgs(\n enforce=\"FALSE\",\n )],\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var constraint = new Gcp.OrgPolicy.CustomConstraint(\"constraint\", new()\n {\n Name = \"custom.disableGkeAutoUpgrade_2067\",\n Parent = \"organizations/123456789\",\n DisplayName = \"Disable GKE auto upgrade\",\n Description = \"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\",\n ActionType = \"ALLOW\",\n Condition = \"resource.management.autoUpgrade == false\",\n MethodTypes = new[]\n {\n \"CREATE\",\n },\n ResourceTypes = new[]\n {\n \"container.googleapis.com/NodePool\",\n },\n });\n\n var primary = new Gcp.OrgPolicy.Policy(\"primary\", new()\n {\n Name = constraint.Name.Apply(name =\u003e $\"organizations/123456789/policies/{name}\"),\n Parent = \"organizations/123456789\",\n Spec = new Gcp.OrgPolicy.Inputs.PolicySpecArgs\n {\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicySpecRuleArgs\n {\n Enforce = \"FALSE\",\n },\n },\n },\n DryRunSpec = new Gcp.OrgPolicy.Inputs.PolicyDryRunSpecArgs\n {\n InheritFromParent = false,\n Reset = false,\n Rules = new[]\n {\n new Gcp.OrgPolicy.Inputs.PolicyDryRunSpecRuleArgs\n {\n Enforce = \"FALSE\",\n },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/orgpolicy\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tconstraint, err := orgpolicy.NewCustomConstraint(ctx, \"constraint\", \u0026orgpolicy.CustomConstraintArgs{\n\t\t\tName: pulumi.String(\"custom.disableGkeAutoUpgrade_2067\"),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tDisplayName: pulumi.String(\"Disable GKE auto upgrade\"),\n\t\t\tDescription: pulumi.String(\"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\"),\n\t\t\tActionType: pulumi.String(\"ALLOW\"),\n\t\t\tCondition: pulumi.String(\"resource.management.autoUpgrade == false\"),\n\t\t\tMethodTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"CREATE\"),\n\t\t\t},\n\t\t\tResourceTypes: pulumi.StringArray{\n\t\t\t\tpulumi.String(\"container.googleapis.com/NodePool\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = orgpolicy.NewPolicy(ctx, \"primary\", \u0026orgpolicy.PolicyArgs{\n\t\t\tName: constraint.Name.ApplyT(func(name string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"organizations/123456789/policies/%v\", name), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tParent: pulumi.String(\"organizations/123456789\"),\n\t\t\tSpec: \u0026orgpolicy.PolicySpecArgs{\n\t\t\t\tRules: orgpolicy.PolicySpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicySpecRuleArgs{\n\t\t\t\t\t\tEnforce: pulumi.String(\"FALSE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t\tDryRunSpec: \u0026orgpolicy.PolicyDryRunSpecArgs{\n\t\t\t\tInheritFromParent: pulumi.Bool(false),\n\t\t\t\tReset: pulumi.Bool(false),\n\t\t\t\tRules: orgpolicy.PolicyDryRunSpecRuleArray{\n\t\t\t\t\t\u0026orgpolicy.PolicyDryRunSpecRuleArgs{\n\t\t\t\t\t\tEnforce: pulumi.String(\"FALSE\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.orgpolicy.CustomConstraint;\nimport com.pulumi.gcp.orgpolicy.CustomConstraintArgs;\nimport com.pulumi.gcp.orgpolicy.Policy;\nimport com.pulumi.gcp.orgpolicy.PolicyArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicySpecArgs;\nimport com.pulumi.gcp.orgpolicy.inputs.PolicyDryRunSpecArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var constraint = new CustomConstraint(\"constraint\", CustomConstraintArgs.builder()\n .name(\"custom.disableGkeAutoUpgrade_2067\")\n .parent(\"organizations/123456789\")\n .displayName(\"Disable GKE auto upgrade\")\n .description(\"Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\")\n .actionType(\"ALLOW\")\n .condition(\"resource.management.autoUpgrade == false\")\n .methodTypes(\"CREATE\")\n .resourceTypes(\"container.googleapis.com/NodePool\")\n .build());\n\n var primary = new Policy(\"primary\", PolicyArgs.builder()\n .name(constraint.name().applyValue(name -\u003e String.format(\"organizations/123456789/policies/%s\", name)))\n .parent(\"organizations/123456789\")\n .spec(PolicySpecArgs.builder()\n .rules(PolicySpecRuleArgs.builder()\n .enforce(\"FALSE\")\n .build())\n .build())\n .dryRunSpec(PolicyDryRunSpecArgs.builder()\n .inheritFromParent(false)\n .reset(false)\n .rules(PolicyDryRunSpecRuleArgs.builder()\n .enforce(\"FALSE\")\n .build())\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n constraint:\n type: gcp:orgpolicy:CustomConstraint\n properties:\n name: custom.disableGkeAutoUpgrade_2067\n parent: organizations/123456789\n displayName: Disable GKE auto upgrade\n description: Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.\n actionType: ALLOW\n condition: resource.management.autoUpgrade == false\n methodTypes:\n - CREATE\n resourceTypes:\n - container.googleapis.com/NodePool\n primary:\n type: gcp:orgpolicy:Policy\n properties:\n name: organizations/123456789/policies/${constraint.name}\n parent: organizations/123456789\n spec:\n rules:\n - enforce: FALSE\n dryRunSpec:\n inheritFromParent: false\n reset: false\n rules:\n - enforce: FALSE\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nPolicy can be imported using any of these accepted formats:\n* `{{parent}}/policies/{{name}}`\n\nWhen using the `pulumi import` command, Policy can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:orgpolicy/policy:Policy default {{parent}}/policies/{{name}}\n```\n", "properties": { "dryRunSpec": { "$ref": "#/types/gcp:orgpolicy/PolicyDryRunSpec:PolicyDryRunSpec", @@ -220728,7 +223181,7 @@ } }, "gcp:pubsub/subscription:Subscription": { - "description": "A named resource representing the stream of messages from a single,\nspecific topic, to be delivered to the subscribing application.\n\n\nTo get more information about Subscription, see:\n\n* [API documentation](https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions)\n* How-to Guides\n * [Managing Subscriptions](https://cloud.google.com/pubsub/docs/admin#managing_subscriptions)\n\n\u003e **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding\nby using the `gcp.projects.ServiceIdentity` resource.\n\n## Example Usage\n\n### Pubsub Subscription Push\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n ackDeadlineSeconds: 20,\n labels: {\n foo: \"bar\",\n },\n pushConfig: {\n pushEndpoint: \"https://example.com/push\",\n attributes: {\n \"x-goog-version\": \"v1\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n ack_deadline_seconds=20,\n labels={\n \"foo\": \"bar\",\n },\n push_config=gcp.pubsub.SubscriptionPushConfigArgs(\n push_endpoint=\"https://example.com/push\",\n attributes={\n \"x-goog-version\": \"v1\",\n },\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n AckDeadlineSeconds = 20,\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n PushConfig = new Gcp.PubSub.Inputs.SubscriptionPushConfigArgs\n {\n PushEndpoint = \"https://example.com/push\",\n Attributes = \n {\n { \"x-goog-version\", \"v1\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tAckDeadlineSeconds: pulumi.Int(20),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tPushConfig: \u0026pubsub.SubscriptionPushConfigArgs{\n\t\t\t\tPushEndpoint: pulumi.String(\"https://example.com/push\"),\n\t\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\t\"x-goog-version\": pulumi.String(\"v1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionPushConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .ackDeadlineSeconds(20)\n .labels(Map.of(\"foo\", \"bar\"))\n .pushConfig(SubscriptionPushConfigArgs.builder()\n .pushEndpoint(\"https://example.com/push\")\n .attributes(Map.of(\"x-goog-version\", \"v1\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n ackDeadlineSeconds: 20\n labels:\n foo: bar\n pushConfig:\n pushEndpoint: https://example.com/push\n attributes:\n x-goog-version: v1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Pull\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n labels: {\n foo: \"bar\",\n },\n messageRetentionDuration: \"1200s\",\n retainAckedMessages: true,\n ackDeadlineSeconds: 20,\n expirationPolicy: {\n ttl: \"300000.5s\",\n },\n retryPolicy: {\n minimumBackoff: \"10s\",\n },\n enableMessageOrdering: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n labels={\n \"foo\": \"bar\",\n },\n message_retention_duration=\"1200s\",\n retain_acked_messages=True,\n ack_deadline_seconds=20,\n expiration_policy=gcp.pubsub.SubscriptionExpirationPolicyArgs(\n ttl=\"300000.5s\",\n ),\n retry_policy=gcp.pubsub.SubscriptionRetryPolicyArgs(\n minimum_backoff=\"10s\",\n ),\n enable_message_ordering=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n MessageRetentionDuration = \"1200s\",\n RetainAckedMessages = true,\n AckDeadlineSeconds = 20,\n ExpirationPolicy = new Gcp.PubSub.Inputs.SubscriptionExpirationPolicyArgs\n {\n Ttl = \"300000.5s\",\n },\n RetryPolicy = new Gcp.PubSub.Inputs.SubscriptionRetryPolicyArgs\n {\n MinimumBackoff = \"10s\",\n },\n EnableMessageOrdering = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tMessageRetentionDuration: pulumi.String(\"1200s\"),\n\t\t\tRetainAckedMessages: pulumi.Bool(true),\n\t\t\tAckDeadlineSeconds: pulumi.Int(20),\n\t\t\tExpirationPolicy: \u0026pubsub.SubscriptionExpirationPolicyArgs{\n\t\t\t\tTtl: pulumi.String(\"300000.5s\"),\n\t\t\t},\n\t\t\tRetryPolicy: \u0026pubsub.SubscriptionRetryPolicyArgs{\n\t\t\t\tMinimumBackoff: pulumi.String(\"10s\"),\n\t\t\t},\n\t\t\tEnableMessageOrdering: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionExpirationPolicyArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionRetryPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .labels(Map.of(\"foo\", \"bar\"))\n .messageRetentionDuration(\"1200s\")\n .retainAckedMessages(true)\n .ackDeadlineSeconds(20)\n .expirationPolicy(SubscriptionExpirationPolicyArgs.builder()\n .ttl(\"300000.5s\")\n .build())\n .retryPolicy(SubscriptionRetryPolicyArgs.builder()\n .minimumBackoff(\"10s\")\n .build())\n .enableMessageOrdering(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n labels:\n foo: bar\n messageRetentionDuration: 1200s\n retainAckedMessages: true\n ackDeadlineSeconds: 20\n expirationPolicy:\n ttl: 300000.5s\n retryPolicy:\n minimumBackoff: 10s\n enableMessageOrdering: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Dead Letter\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst exampleDeadLetter = new gcp.pubsub.Topic(\"example_dead_letter\", {name: \"example-topic-dead-letter\"});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n deadLetterPolicy: {\n deadLetterTopic: exampleDeadLetter.id,\n maxDeliveryAttempts: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nexample_dead_letter = gcp.pubsub.Topic(\"example_dead_letter\", name=\"example-topic-dead-letter\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n dead_letter_policy=gcp.pubsub.SubscriptionDeadLetterPolicyArgs(\n dead_letter_topic=example_dead_letter.id,\n max_delivery_attempts=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleDeadLetter = new Gcp.PubSub.Topic(\"example_dead_letter\", new()\n {\n Name = \"example-topic-dead-letter\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n DeadLetterPolicy = new Gcp.PubSub.Inputs.SubscriptionDeadLetterPolicyArgs\n {\n DeadLetterTopic = exampleDeadLetter.Id,\n MaxDeliveryAttempts = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDeadLetter, err := pubsub.NewTopic(ctx, \"example_dead_letter\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic-dead-letter\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tDeadLetterPolicy: \u0026pubsub.SubscriptionDeadLetterPolicyArgs{\n\t\t\t\tDeadLetterTopic: exampleDeadLetter.ID(),\n\t\t\t\tMaxDeliveryAttempts: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionDeadLetterPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleDeadLetter = new Topic(\"exampleDeadLetter\", TopicArgs.builder()\n .name(\"example-topic-dead-letter\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .deadLetterPolicy(SubscriptionDeadLetterPolicyArgs.builder()\n .deadLetterTopic(exampleDeadLetter.id())\n .maxDeliveryAttempts(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleDeadLetter:\n type: gcp:pubsub:Topic\n name: example_dead_letter\n properties:\n name: example-topic-dead-letter\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n deadLetterPolicy:\n deadLetterTopic: ${exampleDeadLetter.id}\n maxDeliveryAttempts: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Bq\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst viewer = new gcp.projects.IAMMember(\"viewer\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.metadataViewer\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst editor = new gcp.projects.IAMMember(\"editor\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.dataEditor\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst test = new gcp.bigquery.Dataset(\"test\", {datasetId: \"example_dataset\"});\nconst testTable = new gcp.bigquery.Table(\"test\", {\n deletionProtection: false,\n tableId: \"example_table\",\n datasetId: test.datasetId,\n schema: `[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`,\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n bigqueryConfig: {\n table: pulumi.interpolate`${testTable.project}.${testTable.datasetId}.${testTable.tableId}`,\n },\n}, {\n dependsOn: [\n viewer,\n editor,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nviewer = gcp.projects.IAMMember(\"viewer\",\n project=project.project_id,\n role=\"roles/bigquery.metadataViewer\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\neditor = gcp.projects.IAMMember(\"editor\",\n project=project.project_id,\n role=\"roles/bigquery.dataEditor\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\ntest = gcp.bigquery.Dataset(\"test\", dataset_id=\"example_dataset\")\ntest_table = gcp.bigquery.Table(\"test\",\n deletion_protection=False,\n table_id=\"example_table\",\n dataset_id=test.dataset_id,\n schema=\"\"\"[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n\"\"\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n bigquery_config=gcp.pubsub.SubscriptionBigqueryConfigArgs(\n table=pulumi.Output.all(test_table.project, test_table.dataset_id, test_table.table_id).apply(lambda project, dataset_id, table_id: f\"{project}.{dataset_id}.{table_id}\"),\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n viewer,\n editor,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var viewer = new Gcp.Projects.IAMMember(\"viewer\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.metadataViewer\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var editor = new Gcp.Projects.IAMMember(\"editor\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.dataEditor\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var test = new Gcp.BigQuery.Dataset(\"test\", new()\n {\n DatasetId = \"example_dataset\",\n });\n\n var testTable = new Gcp.BigQuery.Table(\"test\", new()\n {\n DeletionProtection = false,\n TableId = \"example_table\",\n DatasetId = test.DatasetId,\n Schema = @\"[\n {\n \"\"name\"\": \"\"data\"\",\n \"\"type\"\": \"\"STRING\"\",\n \"\"mode\"\": \"\"NULLABLE\"\",\n \"\"description\"\": \"\"The data\"\"\n }\n]\n\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n BigqueryConfig = new Gcp.PubSub.Inputs.SubscriptionBigqueryConfigArgs\n {\n Table = Output.Tuple(testTable.Project, testTable.DatasetId, testTable.TableId).Apply(values =\u003e\n {\n var project = values.Item1;\n var datasetId = values.Item2;\n var tableId = values.Item3;\n return $\"{project}.{datasetId}.{tableId}\";\n }),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n viewer,\n editor,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/bigquery\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tviewer, err := projects.NewIAMMember(ctx, \"viewer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.metadataViewer\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teditor, err := projects.NewIAMMember(ctx, \"editor\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.dataEditor\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := bigquery.NewDataset(ctx, \"test\", \u0026bigquery.DatasetArgs{\n\t\t\tDatasetId: pulumi.String(\"example_dataset\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestTable, err := bigquery.NewTable(ctx, \"test\", \u0026bigquery.TableArgs{\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTableId: pulumi.String(\"example_table\"),\n\t\t\tDatasetId: test.DatasetId,\n\t\t\tSchema: pulumi.String(`[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tBigqueryConfig: \u0026pubsub.SubscriptionBigqueryConfigArgs{\n\t\t\t\tTable: pulumi.All(testTable.Project, testTable.DatasetId, testTable.TableId).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tproject := _args[0].(string)\n\t\t\t\t\tdatasetId := _args[1].(string)\n\t\t\t\t\ttableId := _args[2].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"%v.%v.%v\", project, datasetId, tableId), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tviewer,\n\t\t\teditor,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.bigquery.Dataset;\nimport com.pulumi.gcp.bigquery.DatasetArgs;\nimport com.pulumi.gcp.bigquery.Table;\nimport com.pulumi.gcp.bigquery.TableArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionBigqueryConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var viewer = new IAMMember(\"viewer\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.metadataViewer\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var editor = new IAMMember(\"editor\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.dataEditor\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var test = new Dataset(\"test\", DatasetArgs.builder()\n .datasetId(\"example_dataset\")\n .build());\n\n var testTable = new Table(\"testTable\", TableArgs.builder()\n .deletionProtection(false)\n .tableId(\"example_table\")\n .datasetId(test.datasetId())\n .schema(\"\"\"\n[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n \"\"\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .bigqueryConfig(SubscriptionBigqueryConfigArgs.builder()\n .table(Output.tuple(testTable.project(), testTable.datasetId(), testTable.tableId()).applyValue(values -\u003e {\n var project = values.t1;\n var datasetId = values.t2;\n var tableId = values.t3;\n return String.format(\"%s.%s.%s\", project.applyValue(getProjectResult -\u003e getProjectResult),datasetId,tableId);\n }))\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n viewer,\n editor)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n bigqueryConfig:\n table: ${testTable.project}.${testTable.datasetId}.${testTable.tableId}\n options:\n dependson:\n - ${viewer}\n - ${editor}\n viewer:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.metadataViewer\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n editor:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.dataEditor\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n test:\n type: gcp:bigquery:Dataset\n properties:\n datasetId: example_dataset\n testTable:\n type: gcp:bigquery:Table\n name: test\n properties:\n deletionProtection: false\n tableId: example_table\n datasetId: ${test.datasetId}\n schema: |\n [\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n ]\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Bq Table Schema\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst viewer = new gcp.projects.IAMMember(\"viewer\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.metadataViewer\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst editor = new gcp.projects.IAMMember(\"editor\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.dataEditor\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst test = new gcp.bigquery.Dataset(\"test\", {datasetId: \"example_dataset\"});\nconst testTable = new gcp.bigquery.Table(\"test\", {\n deletionProtection: false,\n tableId: \"example_table\",\n datasetId: test.datasetId,\n schema: `[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`,\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n bigqueryConfig: {\n table: pulumi.interpolate`${testTable.project}.${testTable.datasetId}.${testTable.tableId}`,\n useTableSchema: true,\n },\n}, {\n dependsOn: [\n viewer,\n editor,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nviewer = gcp.projects.IAMMember(\"viewer\",\n project=project.project_id,\n role=\"roles/bigquery.metadataViewer\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\neditor = gcp.projects.IAMMember(\"editor\",\n project=project.project_id,\n role=\"roles/bigquery.dataEditor\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\ntest = gcp.bigquery.Dataset(\"test\", dataset_id=\"example_dataset\")\ntest_table = gcp.bigquery.Table(\"test\",\n deletion_protection=False,\n table_id=\"example_table\",\n dataset_id=test.dataset_id,\n schema=\"\"\"[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n\"\"\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n bigquery_config=gcp.pubsub.SubscriptionBigqueryConfigArgs(\n table=pulumi.Output.all(test_table.project, test_table.dataset_id, test_table.table_id).apply(lambda project, dataset_id, table_id: f\"{project}.{dataset_id}.{table_id}\"),\n use_table_schema=True,\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n viewer,\n editor,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var viewer = new Gcp.Projects.IAMMember(\"viewer\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.metadataViewer\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var editor = new Gcp.Projects.IAMMember(\"editor\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.dataEditor\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var test = new Gcp.BigQuery.Dataset(\"test\", new()\n {\n DatasetId = \"example_dataset\",\n });\n\n var testTable = new Gcp.BigQuery.Table(\"test\", new()\n {\n DeletionProtection = false,\n TableId = \"example_table\",\n DatasetId = test.DatasetId,\n Schema = @\"[\n {\n \"\"name\"\": \"\"data\"\",\n \"\"type\"\": \"\"STRING\"\",\n \"\"mode\"\": \"\"NULLABLE\"\",\n \"\"description\"\": \"\"The data\"\"\n }\n]\n\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n BigqueryConfig = new Gcp.PubSub.Inputs.SubscriptionBigqueryConfigArgs\n {\n Table = Output.Tuple(testTable.Project, testTable.DatasetId, testTable.TableId).Apply(values =\u003e\n {\n var project = values.Item1;\n var datasetId = values.Item2;\n var tableId = values.Item3;\n return $\"{project}.{datasetId}.{tableId}\";\n }),\n UseTableSchema = true,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n viewer,\n editor,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/bigquery\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tviewer, err := projects.NewIAMMember(ctx, \"viewer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.metadataViewer\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teditor, err := projects.NewIAMMember(ctx, \"editor\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.dataEditor\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := bigquery.NewDataset(ctx, \"test\", \u0026bigquery.DatasetArgs{\n\t\t\tDatasetId: pulumi.String(\"example_dataset\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestTable, err := bigquery.NewTable(ctx, \"test\", \u0026bigquery.TableArgs{\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTableId: pulumi.String(\"example_table\"),\n\t\t\tDatasetId: test.DatasetId,\n\t\t\tSchema: pulumi.String(`[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tBigqueryConfig: \u0026pubsub.SubscriptionBigqueryConfigArgs{\n\t\t\t\tTable: pulumi.All(testTable.Project, testTable.DatasetId, testTable.TableId).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tproject := _args[0].(string)\n\t\t\t\t\tdatasetId := _args[1].(string)\n\t\t\t\t\ttableId := _args[2].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"%v.%v.%v\", project, datasetId, tableId), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tUseTableSchema: pulumi.Bool(true),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tviewer,\n\t\t\teditor,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.bigquery.Dataset;\nimport com.pulumi.gcp.bigquery.DatasetArgs;\nimport com.pulumi.gcp.bigquery.Table;\nimport com.pulumi.gcp.bigquery.TableArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionBigqueryConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var viewer = new IAMMember(\"viewer\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.metadataViewer\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var editor = new IAMMember(\"editor\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.dataEditor\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var test = new Dataset(\"test\", DatasetArgs.builder()\n .datasetId(\"example_dataset\")\n .build());\n\n var testTable = new Table(\"testTable\", TableArgs.builder()\n .deletionProtection(false)\n .tableId(\"example_table\")\n .datasetId(test.datasetId())\n .schema(\"\"\"\n[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n \"\"\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .bigqueryConfig(SubscriptionBigqueryConfigArgs.builder()\n .table(Output.tuple(testTable.project(), testTable.datasetId(), testTable.tableId()).applyValue(values -\u003e {\n var project = values.t1;\n var datasetId = values.t2;\n var tableId = values.t3;\n return String.format(\"%s.%s.%s\", project.applyValue(getProjectResult -\u003e getProjectResult),datasetId,tableId);\n }))\n .useTableSchema(true)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n viewer,\n editor)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n bigqueryConfig:\n table: ${testTable.project}.${testTable.datasetId}.${testTable.tableId}\n useTableSchema: true\n options:\n dependson:\n - ${viewer}\n - ${editor}\n viewer:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.metadataViewer\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n editor:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.dataEditor\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n test:\n type: gcp:bigquery:Dataset\n properties:\n datasetId: example_dataset\n testTable:\n type: gcp:bigquery:Table\n name: test\n properties:\n deletionProtection: false\n tableId: example_table\n datasetId: ${test.datasetId}\n schema: |\n [\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n ]\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Cloudstorage\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.storage.Bucket(\"example\", {\n name: \"example-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst exampleTopic = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst admin = new gcp.storage.BucketIAMMember(\"admin\", {\n bucket: example.name,\n role: \"roles/storage.admin\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: exampleTopic.id,\n cloudStorageConfig: {\n bucket: example.name,\n filenamePrefix: \"pre-\",\n filenameSuffix: \"-_2067\",\n maxBytes: 1000,\n maxDuration: \"300s\",\n },\n}, {\n dependsOn: [\n example,\n admin,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.storage.Bucket(\"example\",\n name=\"example-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nexample_topic = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nadmin = gcp.storage.BucketIAMMember(\"admin\",\n bucket=example.name,\n role=\"roles/storage.admin\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example_topic.id,\n cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs(\n bucket=example.name,\n filename_prefix=\"pre-\",\n filename_suffix=\"-_2067\",\n max_bytes=1000,\n max_duration=\"300s\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n example,\n admin,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Storage.Bucket(\"example\", new()\n {\n Name = \"example-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var exampleTopic = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var admin = new Gcp.Storage.BucketIAMMember(\"admin\", new()\n {\n Bucket = example.Name,\n Role = \"roles/storage.admin\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = exampleTopic.Id,\n CloudStorageConfig = new Gcp.PubSub.Inputs.SubscriptionCloudStorageConfigArgs\n {\n Bucket = example.Name,\n FilenamePrefix = \"pre-\",\n FilenameSuffix = \"-_2067\",\n MaxBytes = 1000,\n MaxDuration = \"300s\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := storage.NewBucket(ctx, \"example\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"example-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tadmin, err := storage.NewBucketIAMMember(ctx, \"admin\", \u0026storage.BucketIAMMemberArgs{\n\t\t\tBucket: example.Name,\n\t\t\tRole: pulumi.String(\"roles/storage.admin\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: exampleTopic.ID(),\n\t\t\tCloudStorageConfig: \u0026pubsub.SubscriptionCloudStorageConfigArgs{\n\t\t\t\tBucket: example.Name,\n\t\t\t\tFilenamePrefix: pulumi.String(\"pre-\"),\n\t\t\t\tFilenameSuffix: pulumi.String(\"-_2067\"),\n\t\t\t\tMaxBytes: pulumi.Int(1000),\n\t\t\t\tMaxDuration: pulumi.String(\"300s\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\tadmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.storage.BucketIAMMember;\nimport com.pulumi.gcp.storage.BucketIAMMemberArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionCloudStorageConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Bucket(\"example\", BucketArgs.builder()\n .name(\"example-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var admin = new BucketIAMMember(\"admin\", BucketIAMMemberArgs.builder()\n .bucket(example.name())\n .role(\"roles/storage.admin\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(exampleTopic.id())\n .cloudStorageConfig(SubscriptionCloudStorageConfigArgs.builder()\n .bucket(example.name())\n .filenamePrefix(\"pre-\")\n .filenameSuffix(\"-_2067\")\n .maxBytes(1000)\n .maxDuration(\"300s\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n admin)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:storage:Bucket\n properties:\n name: example-bucket\n location: US\n uniformBucketLevelAccess: true\n exampleTopic:\n type: gcp:pubsub:Topic\n name: example\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${exampleTopic.id}\n cloudStorageConfig:\n bucket: ${example.name}\n filenamePrefix: pre-\n filenameSuffix: -_2067\n maxBytes: 1000\n maxDuration: 300s\n options:\n dependson:\n - ${example}\n - ${admin}\n admin:\n type: gcp:storage:BucketIAMMember\n properties:\n bucket: ${example.name}\n role: roles/storage.admin\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Cloudstorage Avro\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.storage.Bucket(\"example\", {\n name: \"example-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst exampleTopic = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst admin = new gcp.storage.BucketIAMMember(\"admin\", {\n bucket: example.name,\n role: \"roles/storage.admin\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: exampleTopic.id,\n cloudStorageConfig: {\n bucket: example.name,\n filenamePrefix: \"pre-\",\n filenameSuffix: \"-_40785\",\n maxBytes: 1000,\n maxDuration: \"300s\",\n avroConfig: {\n writeMetadata: true,\n },\n },\n}, {\n dependsOn: [\n example,\n admin,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.storage.Bucket(\"example\",\n name=\"example-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nexample_topic = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nadmin = gcp.storage.BucketIAMMember(\"admin\",\n bucket=example.name,\n role=\"roles/storage.admin\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example_topic.id,\n cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs(\n bucket=example.name,\n filename_prefix=\"pre-\",\n filename_suffix=\"-_40785\",\n max_bytes=1000,\n max_duration=\"300s\",\n avro_config=gcp.pubsub.SubscriptionCloudStorageConfigAvroConfigArgs(\n write_metadata=True,\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n example,\n admin,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Storage.Bucket(\"example\", new()\n {\n Name = \"example-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var exampleTopic = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var admin = new Gcp.Storage.BucketIAMMember(\"admin\", new()\n {\n Bucket = example.Name,\n Role = \"roles/storage.admin\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = exampleTopic.Id,\n CloudStorageConfig = new Gcp.PubSub.Inputs.SubscriptionCloudStorageConfigArgs\n {\n Bucket = example.Name,\n FilenamePrefix = \"pre-\",\n FilenameSuffix = \"-_40785\",\n MaxBytes = 1000,\n MaxDuration = \"300s\",\n AvroConfig = new Gcp.PubSub.Inputs.SubscriptionCloudStorageConfigAvroConfigArgs\n {\n WriteMetadata = true,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := storage.NewBucket(ctx, \"example\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"example-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tadmin, err := storage.NewBucketIAMMember(ctx, \"admin\", \u0026storage.BucketIAMMemberArgs{\n\t\t\tBucket: example.Name,\n\t\t\tRole: pulumi.String(\"roles/storage.admin\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: exampleTopic.ID(),\n\t\t\tCloudStorageConfig: \u0026pubsub.SubscriptionCloudStorageConfigArgs{\n\t\t\t\tBucket: example.Name,\n\t\t\t\tFilenamePrefix: pulumi.String(\"pre-\"),\n\t\t\t\tFilenameSuffix: pulumi.String(\"-_40785\"),\n\t\t\t\tMaxBytes: pulumi.Int(1000),\n\t\t\t\tMaxDuration: pulumi.String(\"300s\"),\n\t\t\t\tAvroConfig: \u0026pubsub.SubscriptionCloudStorageConfigAvroConfigArgs{\n\t\t\t\t\tWriteMetadata: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\tadmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.storage.BucketIAMMember;\nimport com.pulumi.gcp.storage.BucketIAMMemberArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionCloudStorageConfigArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionCloudStorageConfigAvroConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Bucket(\"example\", BucketArgs.builder()\n .name(\"example-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var admin = new BucketIAMMember(\"admin\", BucketIAMMemberArgs.builder()\n .bucket(example.name())\n .role(\"roles/storage.admin\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(exampleTopic.id())\n .cloudStorageConfig(SubscriptionCloudStorageConfigArgs.builder()\n .bucket(example.name())\n .filenamePrefix(\"pre-\")\n .filenameSuffix(\"-_40785\")\n .maxBytes(1000)\n .maxDuration(\"300s\")\n .avroConfig(SubscriptionCloudStorageConfigAvroConfigArgs.builder()\n .writeMetadata(true)\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n admin)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:storage:Bucket\n properties:\n name: example-bucket\n location: US\n uniformBucketLevelAccess: true\n exampleTopic:\n type: gcp:pubsub:Topic\n name: example\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${exampleTopic.id}\n cloudStorageConfig:\n bucket: ${example.name}\n filenamePrefix: pre-\n filenameSuffix: -_40785\n maxBytes: 1000\n maxDuration: 300s\n avroConfig:\n writeMetadata: true\n options:\n dependson:\n - ${example}\n - ${admin}\n admin:\n type: gcp:storage:BucketIAMMember\n properties:\n bucket: ${example.name}\n role: roles/storage.admin\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSubscription can be imported using any of these accepted formats:\n\n* `projects/{{project}}/subscriptions/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, Subscription can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:pubsub/subscription:Subscription default projects/{{project}}/subscriptions/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/subscription:Subscription default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/subscription:Subscription default {{name}}\n```\n\n", + "description": "A named resource representing the stream of messages from a single,\nspecific topic, to be delivered to the subscribing application.\n\n\nTo get more information about Subscription, see:\n\n* [API documentation](https://cloud.google.com/pubsub/docs/reference/rest/v1/projects.subscriptions)\n* How-to Guides\n * [Managing Subscriptions](https://cloud.google.com/pubsub/docs/admin#managing_subscriptions)\n\n\u003e **Note:** You can retrieve the email of the Google Managed Pub/Sub Service Account used for forwarding\nby using the `gcp.projects.ServiceIdentity` resource.\n\n## Example Usage\n\n### Pubsub Subscription Push\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n ackDeadlineSeconds: 20,\n labels: {\n foo: \"bar\",\n },\n pushConfig: {\n pushEndpoint: \"https://example.com/push\",\n attributes: {\n \"x-goog-version\": \"v1\",\n },\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n ack_deadline_seconds=20,\n labels={\n \"foo\": \"bar\",\n },\n push_config=gcp.pubsub.SubscriptionPushConfigArgs(\n push_endpoint=\"https://example.com/push\",\n attributes={\n \"x-goog-version\": \"v1\",\n },\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n AckDeadlineSeconds = 20,\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n PushConfig = new Gcp.PubSub.Inputs.SubscriptionPushConfigArgs\n {\n PushEndpoint = \"https://example.com/push\",\n Attributes = \n {\n { \"x-goog-version\", \"v1\" },\n },\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tAckDeadlineSeconds: pulumi.Int(20),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tPushConfig: \u0026pubsub.SubscriptionPushConfigArgs{\n\t\t\t\tPushEndpoint: pulumi.String(\"https://example.com/push\"),\n\t\t\t\tAttributes: pulumi.StringMap{\n\t\t\t\t\t\"x-goog-version\": pulumi.String(\"v1\"),\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionPushConfigArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .ackDeadlineSeconds(20)\n .labels(Map.of(\"foo\", \"bar\"))\n .pushConfig(SubscriptionPushConfigArgs.builder()\n .pushEndpoint(\"https://example.com/push\")\n .attributes(Map.of(\"x-goog-version\", \"v1\"))\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n ackDeadlineSeconds: 20\n labels:\n foo: bar\n pushConfig:\n pushEndpoint: https://example.com/push\n attributes:\n x-goog-version: v1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Pull\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n labels: {\n foo: \"bar\",\n },\n messageRetentionDuration: \"1200s\",\n retainAckedMessages: true,\n ackDeadlineSeconds: 20,\n expirationPolicy: {\n ttl: \"300000.5s\",\n },\n retryPolicy: {\n minimumBackoff: \"10s\",\n },\n enableMessageOrdering: false,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n labels={\n \"foo\": \"bar\",\n },\n message_retention_duration=\"1200s\",\n retain_acked_messages=True,\n ack_deadline_seconds=20,\n expiration_policy=gcp.pubsub.SubscriptionExpirationPolicyArgs(\n ttl=\"300000.5s\",\n ),\n retry_policy=gcp.pubsub.SubscriptionRetryPolicyArgs(\n minimum_backoff=\"10s\",\n ),\n enable_message_ordering=False)\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n Labels = \n {\n { \"foo\", \"bar\" },\n },\n MessageRetentionDuration = \"1200s\",\n RetainAckedMessages = true,\n AckDeadlineSeconds = 20,\n ExpirationPolicy = new Gcp.PubSub.Inputs.SubscriptionExpirationPolicyArgs\n {\n Ttl = \"300000.5s\",\n },\n RetryPolicy = new Gcp.PubSub.Inputs.SubscriptionRetryPolicyArgs\n {\n MinimumBackoff = \"10s\",\n },\n EnableMessageOrdering = false,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tLabels: pulumi.StringMap{\n\t\t\t\t\"foo\": pulumi.String(\"bar\"),\n\t\t\t},\n\t\t\tMessageRetentionDuration: pulumi.String(\"1200s\"),\n\t\t\tRetainAckedMessages: pulumi.Bool(true),\n\t\t\tAckDeadlineSeconds: pulumi.Int(20),\n\t\t\tExpirationPolicy: \u0026pubsub.SubscriptionExpirationPolicyArgs{\n\t\t\t\tTtl: pulumi.String(\"300000.5s\"),\n\t\t\t},\n\t\t\tRetryPolicy: \u0026pubsub.SubscriptionRetryPolicyArgs{\n\t\t\t\tMinimumBackoff: pulumi.String(\"10s\"),\n\t\t\t},\n\t\t\tEnableMessageOrdering: pulumi.Bool(false),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionExpirationPolicyArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionRetryPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .labels(Map.of(\"foo\", \"bar\"))\n .messageRetentionDuration(\"1200s\")\n .retainAckedMessages(true)\n .ackDeadlineSeconds(20)\n .expirationPolicy(SubscriptionExpirationPolicyArgs.builder()\n .ttl(\"300000.5s\")\n .build())\n .retryPolicy(SubscriptionRetryPolicyArgs.builder()\n .minimumBackoff(\"10s\")\n .build())\n .enableMessageOrdering(false)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n labels:\n foo: bar\n messageRetentionDuration: 1200s\n retainAckedMessages: true\n ackDeadlineSeconds: 20\n expirationPolicy:\n ttl: 300000.5s\n retryPolicy:\n minimumBackoff: 10s\n enableMessageOrdering: false\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Dead Letter\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst exampleDeadLetter = new gcp.pubsub.Topic(\"example_dead_letter\", {name: \"example-topic-dead-letter\"});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n deadLetterPolicy: {\n deadLetterTopic: exampleDeadLetter.id,\n maxDeliveryAttempts: 10,\n },\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nexample_dead_letter = gcp.pubsub.Topic(\"example_dead_letter\", name=\"example-topic-dead-letter\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n dead_letter_policy=gcp.pubsub.SubscriptionDeadLetterPolicyArgs(\n dead_letter_topic=example_dead_letter.id,\n max_delivery_attempts=10,\n ))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var exampleDeadLetter = new Gcp.PubSub.Topic(\"example_dead_letter\", new()\n {\n Name = \"example-topic-dead-letter\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n DeadLetterPolicy = new Gcp.PubSub.Inputs.SubscriptionDeadLetterPolicyArgs\n {\n DeadLetterTopic = exampleDeadLetter.Id,\n MaxDeliveryAttempts = 10,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleDeadLetter, err := pubsub.NewTopic(ctx, \"example_dead_letter\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic-dead-letter\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tDeadLetterPolicy: \u0026pubsub.SubscriptionDeadLetterPolicyArgs{\n\t\t\t\tDeadLetterTopic: exampleDeadLetter.ID(),\n\t\t\t\tMaxDeliveryAttempts: pulumi.Int(10),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionDeadLetterPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n var exampleDeadLetter = new Topic(\"exampleDeadLetter\", TopicArgs.builder()\n .name(\"example-topic-dead-letter\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .deadLetterPolicy(SubscriptionDeadLetterPolicyArgs.builder()\n .deadLetterTopic(exampleDeadLetter.id())\n .maxDeliveryAttempts(10)\n .build())\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleDeadLetter:\n type: gcp:pubsub:Topic\n name: example_dead_letter\n properties:\n name: example-topic-dead-letter\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n deadLetterPolicy:\n deadLetterTopic: ${exampleDeadLetter.id}\n maxDeliveryAttempts: 10\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Bq\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst viewer = new gcp.projects.IAMMember(\"viewer\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.metadataViewer\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst editor = new gcp.projects.IAMMember(\"editor\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.dataEditor\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst test = new gcp.bigquery.Dataset(\"test\", {datasetId: \"example_dataset\"});\nconst testTable = new gcp.bigquery.Table(\"test\", {\n deletionProtection: false,\n tableId: \"example_table\",\n datasetId: test.datasetId,\n schema: `[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`,\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n bigqueryConfig: {\n table: pulumi.interpolate`${testTable.project}.${testTable.datasetId}.${testTable.tableId}`,\n },\n}, {\n dependsOn: [\n viewer,\n editor,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nviewer = gcp.projects.IAMMember(\"viewer\",\n project=project.project_id,\n role=\"roles/bigquery.metadataViewer\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\neditor = gcp.projects.IAMMember(\"editor\",\n project=project.project_id,\n role=\"roles/bigquery.dataEditor\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\ntest = gcp.bigquery.Dataset(\"test\", dataset_id=\"example_dataset\")\ntest_table = gcp.bigquery.Table(\"test\",\n deletion_protection=False,\n table_id=\"example_table\",\n dataset_id=test.dataset_id,\n schema=\"\"\"[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n\"\"\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n bigquery_config=gcp.pubsub.SubscriptionBigqueryConfigArgs(\n table=pulumi.Output.all(test_table.project, test_table.dataset_id, test_table.table_id).apply(lambda project, dataset_id, table_id: f\"{project}.{dataset_id}.{table_id}\"),\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n viewer,\n editor,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var viewer = new Gcp.Projects.IAMMember(\"viewer\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.metadataViewer\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var editor = new Gcp.Projects.IAMMember(\"editor\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.dataEditor\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var test = new Gcp.BigQuery.Dataset(\"test\", new()\n {\n DatasetId = \"example_dataset\",\n });\n\n var testTable = new Gcp.BigQuery.Table(\"test\", new()\n {\n DeletionProtection = false,\n TableId = \"example_table\",\n DatasetId = test.DatasetId,\n Schema = @\"[\n {\n \"\"name\"\": \"\"data\"\",\n \"\"type\"\": \"\"STRING\"\",\n \"\"mode\"\": \"\"NULLABLE\"\",\n \"\"description\"\": \"\"The data\"\"\n }\n]\n\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n BigqueryConfig = new Gcp.PubSub.Inputs.SubscriptionBigqueryConfigArgs\n {\n Table = Output.Tuple(testTable.Project, testTable.DatasetId, testTable.TableId).Apply(values =\u003e\n {\n var project = values.Item1;\n var datasetId = values.Item2;\n var tableId = values.Item3;\n return $\"{project}.{datasetId}.{tableId}\";\n }),\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n viewer,\n editor,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/bigquery\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tviewer, err := projects.NewIAMMember(ctx, \"viewer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.metadataViewer\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teditor, err := projects.NewIAMMember(ctx, \"editor\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.dataEditor\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := bigquery.NewDataset(ctx, \"test\", \u0026bigquery.DatasetArgs{\n\t\t\tDatasetId: pulumi.String(\"example_dataset\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestTable, err := bigquery.NewTable(ctx, \"test\", \u0026bigquery.TableArgs{\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTableId: pulumi.String(\"example_table\"),\n\t\t\tDatasetId: test.DatasetId,\n\t\t\tSchema: pulumi.String(`[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tBigqueryConfig: \u0026pubsub.SubscriptionBigqueryConfigArgs{\n\t\t\t\tTable: pulumi.All(testTable.Project, testTable.DatasetId, testTable.TableId).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tproject := _args[0].(string)\n\t\t\t\t\tdatasetId := _args[1].(string)\n\t\t\t\t\ttableId := _args[2].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"%v.%v.%v\", project, datasetId, tableId), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tviewer,\n\t\t\teditor,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.bigquery.Dataset;\nimport com.pulumi.gcp.bigquery.DatasetArgs;\nimport com.pulumi.gcp.bigquery.Table;\nimport com.pulumi.gcp.bigquery.TableArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionBigqueryConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var viewer = new IAMMember(\"viewer\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.metadataViewer\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var editor = new IAMMember(\"editor\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.dataEditor\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var test = new Dataset(\"test\", DatasetArgs.builder()\n .datasetId(\"example_dataset\")\n .build());\n\n var testTable = new Table(\"testTable\", TableArgs.builder()\n .deletionProtection(false)\n .tableId(\"example_table\")\n .datasetId(test.datasetId())\n .schema(\"\"\"\n[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n \"\"\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .bigqueryConfig(SubscriptionBigqueryConfigArgs.builder()\n .table(Output.tuple(testTable.project(), testTable.datasetId(), testTable.tableId()).applyValue(values -\u003e {\n var project = values.t1;\n var datasetId = values.t2;\n var tableId = values.t3;\n return String.format(\"%s.%s.%s\", project.applyValue(getProjectResult -\u003e getProjectResult),datasetId,tableId);\n }))\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n viewer,\n editor)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n bigqueryConfig:\n table: ${testTable.project}.${testTable.datasetId}.${testTable.tableId}\n options:\n dependson:\n - ${viewer}\n - ${editor}\n viewer:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.metadataViewer\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n editor:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.dataEditor\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n test:\n type: gcp:bigquery:Dataset\n properties:\n datasetId: example_dataset\n testTable:\n type: gcp:bigquery:Table\n name: test\n properties:\n deletionProtection: false\n tableId: example_table\n datasetId: ${test.datasetId}\n schema: |\n [\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n ]\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Bq Table Schema\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst viewer = new gcp.projects.IAMMember(\"viewer\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.metadataViewer\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst editor = new gcp.projects.IAMMember(\"editor\", {\n project: project.then(project =\u003e project.projectId),\n role: \"roles/bigquery.dataEditor\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst test = new gcp.bigquery.Dataset(\"test\", {datasetId: \"example_dataset\"});\nconst testTable = new gcp.bigquery.Table(\"test\", {\n deletionProtection: false,\n tableId: \"example_table\",\n datasetId: test.datasetId,\n schema: `[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`,\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: example.id,\n bigqueryConfig: {\n table: pulumi.interpolate`${testTable.project}.${testTable.datasetId}.${testTable.tableId}`,\n useTableSchema: true,\n },\n}, {\n dependsOn: [\n viewer,\n editor,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nviewer = gcp.projects.IAMMember(\"viewer\",\n project=project.project_id,\n role=\"roles/bigquery.metadataViewer\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\neditor = gcp.projects.IAMMember(\"editor\",\n project=project.project_id,\n role=\"roles/bigquery.dataEditor\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\ntest = gcp.bigquery.Dataset(\"test\", dataset_id=\"example_dataset\")\ntest_table = gcp.bigquery.Table(\"test\",\n deletion_protection=False,\n table_id=\"example_table\",\n dataset_id=test.dataset_id,\n schema=\"\"\"[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n\"\"\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example.id,\n bigquery_config=gcp.pubsub.SubscriptionBigqueryConfigArgs(\n table=pulumi.Output.all(test_table.project, test_table.dataset_id, test_table.table_id).apply(lambda project, dataset_id, table_id: f\"{project}.{dataset_id}.{table_id}\"),\n use_table_schema=True,\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n viewer,\n editor,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var viewer = new Gcp.Projects.IAMMember(\"viewer\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.metadataViewer\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var editor = new Gcp.Projects.IAMMember(\"editor\", new()\n {\n Project = project.Apply(getProjectResult =\u003e getProjectResult.ProjectId),\n Role = \"roles/bigquery.dataEditor\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var test = new Gcp.BigQuery.Dataset(\"test\", new()\n {\n DatasetId = \"example_dataset\",\n });\n\n var testTable = new Gcp.BigQuery.Table(\"test\", new()\n {\n DeletionProtection = false,\n TableId = \"example_table\",\n DatasetId = test.DatasetId,\n Schema = @\"[\n {\n \"\"name\"\": \"\"data\"\",\n \"\"type\"\": \"\"STRING\"\",\n \"\"mode\"\": \"\"NULLABLE\"\",\n \"\"description\"\": \"\"The data\"\"\n }\n]\n\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = example.Id,\n BigqueryConfig = new Gcp.PubSub.Inputs.SubscriptionBigqueryConfigArgs\n {\n Table = Output.Tuple(testTable.Project, testTable.DatasetId, testTable.TableId).Apply(values =\u003e\n {\n var project = values.Item1;\n var datasetId = values.Item2;\n var tableId = values.Item3;\n return $\"{project}.{datasetId}.{tableId}\";\n }),\n UseTableSchema = true,\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n viewer,\n editor,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/bigquery\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tviewer, err := projects.NewIAMMember(ctx, \"viewer\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.metadataViewer\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\teditor, err := projects.NewIAMMember(ctx, \"editor\", \u0026projects.IAMMemberArgs{\n\t\t\tProject: pulumi.String(project.ProjectId),\n\t\t\tRole: pulumi.String(\"roles/bigquery.dataEditor\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttest, err := bigquery.NewDataset(ctx, \"test\", \u0026bigquery.DatasetArgs{\n\t\t\tDatasetId: pulumi.String(\"example_dataset\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\ttestTable, err := bigquery.NewTable(ctx, \"test\", \u0026bigquery.TableArgs{\n\t\t\tDeletionProtection: pulumi.Bool(false),\n\t\t\tTableId: pulumi.String(\"example_table\"),\n\t\t\tDatasetId: test.DatasetId,\n\t\t\tSchema: pulumi.String(`[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n`),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: example.ID(),\n\t\t\tBigqueryConfig: \u0026pubsub.SubscriptionBigqueryConfigArgs{\n\t\t\t\tTable: pulumi.All(testTable.Project, testTable.DatasetId, testTable.TableId).ApplyT(func(_args []interface{}) (string, error) {\n\t\t\t\t\tproject := _args[0].(string)\n\t\t\t\t\tdatasetId := _args[1].(string)\n\t\t\t\t\ttableId := _args[2].(string)\n\t\t\t\t\treturn fmt.Sprintf(\"%v.%v.%v\", project, datasetId, tableId), nil\n\t\t\t\t}).(pulumi.StringOutput),\n\t\t\t\tUseTableSchema: pulumi.Bool(true),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\tviewer,\n\t\t\teditor,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.projects.IAMMember;\nimport com.pulumi.gcp.projects.IAMMemberArgs;\nimport com.pulumi.gcp.bigquery.Dataset;\nimport com.pulumi.gcp.bigquery.DatasetArgs;\nimport com.pulumi.gcp.bigquery.Table;\nimport com.pulumi.gcp.bigquery.TableArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionBigqueryConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Topic(\"example\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var viewer = new IAMMember(\"viewer\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.metadataViewer\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var editor = new IAMMember(\"editor\", IAMMemberArgs.builder()\n .project(project.applyValue(getProjectResult -\u003e getProjectResult.projectId()))\n .role(\"roles/bigquery.dataEditor\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var test = new Dataset(\"test\", DatasetArgs.builder()\n .datasetId(\"example_dataset\")\n .build());\n\n var testTable = new Table(\"testTable\", TableArgs.builder()\n .deletionProtection(false)\n .tableId(\"example_table\")\n .datasetId(test.datasetId())\n .schema(\"\"\"\n[\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n]\n \"\"\")\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(example.id())\n .bigqueryConfig(SubscriptionBigqueryConfigArgs.builder()\n .table(Output.tuple(testTable.project(), testTable.datasetId(), testTable.tableId()).applyValue(values -\u003e {\n var project = values.t1;\n var datasetId = values.t2;\n var tableId = values.t3;\n return String.format(\"%s.%s.%s\", project.applyValue(getProjectResult -\u003e getProjectResult),datasetId,tableId);\n }))\n .useTableSchema(true)\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n viewer,\n editor)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:pubsub:Topic\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${example.id}\n bigqueryConfig:\n table: ${testTable.project}.${testTable.datasetId}.${testTable.tableId}\n useTableSchema: true\n options:\n dependson:\n - ${viewer}\n - ${editor}\n viewer:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.metadataViewer\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n editor:\n type: gcp:projects:IAMMember\n properties:\n project: ${project.projectId}\n role: roles/bigquery.dataEditor\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\n test:\n type: gcp:bigquery:Dataset\n properties:\n datasetId: example_dataset\n testTable:\n type: gcp:bigquery:Table\n name: test\n properties:\n deletionProtection: false\n tableId: example_table\n datasetId: ${test.datasetId}\n schema: |\n [\n {\n \"name\": \"data\",\n \"type\": \"STRING\",\n \"mode\": \"NULLABLE\",\n \"description\": \"The data\"\n }\n ]\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Cloudstorage\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.storage.Bucket(\"example\", {\n name: \"example-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst exampleTopic = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst admin = new gcp.storage.BucketIAMMember(\"admin\", {\n bucket: example.name,\n role: \"roles/storage.admin\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: exampleTopic.id,\n cloudStorageConfig: {\n bucket: example.name,\n filenamePrefix: \"pre-\",\n filenameSuffix: \"-_40785\",\n filenameDatetimeFormat: \"YYYY-MM-DD/hh_mm_ssZ\",\n maxBytes: 1000,\n maxDuration: \"300s\",\n },\n}, {\n dependsOn: [\n example,\n admin,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.storage.Bucket(\"example\",\n name=\"example-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nexample_topic = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nadmin = gcp.storage.BucketIAMMember(\"admin\",\n bucket=example.name,\n role=\"roles/storage.admin\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example_topic.id,\n cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs(\n bucket=example.name,\n filename_prefix=\"pre-\",\n filename_suffix=\"-_40785\",\n filename_datetime_format=\"YYYY-MM-DD/hh_mm_ssZ\",\n max_bytes=1000,\n max_duration=\"300s\",\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n example,\n admin,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Storage.Bucket(\"example\", new()\n {\n Name = \"example-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var exampleTopic = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var admin = new Gcp.Storage.BucketIAMMember(\"admin\", new()\n {\n Bucket = example.Name,\n Role = \"roles/storage.admin\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = exampleTopic.Id,\n CloudStorageConfig = new Gcp.PubSub.Inputs.SubscriptionCloudStorageConfigArgs\n {\n Bucket = example.Name,\n FilenamePrefix = \"pre-\",\n FilenameSuffix = \"-_40785\",\n FilenameDatetimeFormat = \"YYYY-MM-DD/hh_mm_ssZ\",\n MaxBytes = 1000,\n MaxDuration = \"300s\",\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := storage.NewBucket(ctx, \"example\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"example-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tadmin, err := storage.NewBucketIAMMember(ctx, \"admin\", \u0026storage.BucketIAMMemberArgs{\n\t\t\tBucket: example.Name,\n\t\t\tRole: pulumi.String(\"roles/storage.admin\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: exampleTopic.ID(),\n\t\t\tCloudStorageConfig: \u0026pubsub.SubscriptionCloudStorageConfigArgs{\n\t\t\t\tBucket: example.Name,\n\t\t\t\tFilenamePrefix: pulumi.String(\"pre-\"),\n\t\t\t\tFilenameSuffix: pulumi.String(\"-_40785\"),\n\t\t\t\tFilenameDatetimeFormat: pulumi.String(\"YYYY-MM-DD/hh_mm_ssZ\"),\n\t\t\t\tMaxBytes: pulumi.Int(1000),\n\t\t\t\tMaxDuration: pulumi.String(\"300s\"),\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\tadmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.storage.BucketIAMMember;\nimport com.pulumi.gcp.storage.BucketIAMMemberArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionCloudStorageConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Bucket(\"example\", BucketArgs.builder()\n .name(\"example-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var admin = new BucketIAMMember(\"admin\", BucketIAMMemberArgs.builder()\n .bucket(example.name())\n .role(\"roles/storage.admin\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(exampleTopic.id())\n .cloudStorageConfig(SubscriptionCloudStorageConfigArgs.builder()\n .bucket(example.name())\n .filenamePrefix(\"pre-\")\n .filenameSuffix(\"-_40785\")\n .filenameDatetimeFormat(\"YYYY-MM-DD/hh_mm_ssZ\")\n .maxBytes(1000)\n .maxDuration(\"300s\")\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n admin)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:storage:Bucket\n properties:\n name: example-bucket\n location: US\n uniformBucketLevelAccess: true\n exampleTopic:\n type: gcp:pubsub:Topic\n name: example\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${exampleTopic.id}\n cloudStorageConfig:\n bucket: ${example.name}\n filenamePrefix: pre-\n filenameSuffix: -_40785\n filenameDatetimeFormat: YYYY-MM-DD/hh_mm_ssZ\n maxBytes: 1000\n maxDuration: 300s\n options:\n dependson:\n - ${example}\n - ${admin}\n admin:\n type: gcp:storage:BucketIAMMember\n properties:\n bucket: ${example.name}\n role: roles/storage.admin\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n### Pubsub Subscription Push Cloudstorage Avro\n\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst example = new gcp.storage.Bucket(\"example\", {\n name: \"example-bucket\",\n location: \"US\",\n uniformBucketLevelAccess: true,\n});\nconst exampleTopic = new gcp.pubsub.Topic(\"example\", {name: \"example-topic\"});\nconst project = gcp.organizations.getProject({});\nconst admin = new gcp.storage.BucketIAMMember(\"admin\", {\n bucket: example.name,\n role: \"roles/storage.admin\",\n member: project.then(project =\u003e `serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com`),\n});\nconst exampleSubscription = new gcp.pubsub.Subscription(\"example\", {\n name: \"example-subscription\",\n topic: exampleTopic.id,\n cloudStorageConfig: {\n bucket: example.name,\n filenamePrefix: \"pre-\",\n filenameSuffix: \"-_79169\",\n filenameDatetimeFormat: \"YYYY-MM-DD/hh_mm_ssZ\",\n maxBytes: 1000,\n maxDuration: \"300s\",\n avroConfig: {\n writeMetadata: true,\n },\n },\n}, {\n dependsOn: [\n example,\n admin,\n ],\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nexample = gcp.storage.Bucket(\"example\",\n name=\"example-bucket\",\n location=\"US\",\n uniform_bucket_level_access=True)\nexample_topic = gcp.pubsub.Topic(\"example\", name=\"example-topic\")\nproject = gcp.organizations.get_project()\nadmin = gcp.storage.BucketIAMMember(\"admin\",\n bucket=example.name,\n role=\"roles/storage.admin\",\n member=f\"serviceAccount:service-{project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\")\nexample_subscription = gcp.pubsub.Subscription(\"example\",\n name=\"example-subscription\",\n topic=example_topic.id,\n cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs(\n bucket=example.name,\n filename_prefix=\"pre-\",\n filename_suffix=\"-_79169\",\n filename_datetime_format=\"YYYY-MM-DD/hh_mm_ssZ\",\n max_bytes=1000,\n max_duration=\"300s\",\n avro_config=gcp.pubsub.SubscriptionCloudStorageConfigAvroConfigArgs(\n write_metadata=True,\n ),\n ),\n opts=pulumi.ResourceOptions(depends_on=[\n example,\n admin,\n ]))\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var example = new Gcp.Storage.Bucket(\"example\", new()\n {\n Name = \"example-bucket\",\n Location = \"US\",\n UniformBucketLevelAccess = true,\n });\n\n var exampleTopic = new Gcp.PubSub.Topic(\"example\", new()\n {\n Name = \"example-topic\",\n });\n\n var project = Gcp.Organizations.GetProject.Invoke();\n\n var admin = new Gcp.Storage.BucketIAMMember(\"admin\", new()\n {\n Bucket = example.Name,\n Role = \"roles/storage.admin\",\n Member = $\"serviceAccount:service-{project.Apply(getProjectResult =\u003e getProjectResult.Number)}@gcp-sa-pubsub.iam.gserviceaccount.com\",\n });\n\n var exampleSubscription = new Gcp.PubSub.Subscription(\"example\", new()\n {\n Name = \"example-subscription\",\n Topic = exampleTopic.Id,\n CloudStorageConfig = new Gcp.PubSub.Inputs.SubscriptionCloudStorageConfigArgs\n {\n Bucket = example.Name,\n FilenamePrefix = \"pre-\",\n FilenameSuffix = \"-_79169\",\n FilenameDatetimeFormat = \"YYYY-MM-DD/hh_mm_ssZ\",\n MaxBytes = 1000,\n MaxDuration = \"300s\",\n AvroConfig = new Gcp.PubSub.Inputs.SubscriptionCloudStorageConfigAvroConfigArgs\n {\n WriteMetadata = true,\n },\n },\n }, new CustomResourceOptions\n {\n DependsOn =\n {\n example,\n admin,\n },\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/pubsub\"\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/storage\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\texample, err := storage.NewBucket(ctx, \"example\", \u0026storage.BucketArgs{\n\t\t\tName: pulumi.String(\"example-bucket\"),\n\t\t\tLocation: pulumi.String(\"US\"),\n\t\t\tUniformBucketLevelAccess: pulumi.Bool(true),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\texampleTopic, err := pubsub.NewTopic(ctx, \"example\", \u0026pubsub.TopicArgs{\n\t\t\tName: pulumi.String(\"example-topic\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tproject, err := organizations.LookupProject(ctx, nil, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tadmin, err := storage.NewBucketIAMMember(ctx, \"admin\", \u0026storage.BucketIAMMemberArgs{\n\t\t\tBucket: example.Name,\n\t\t\tRole: pulumi.String(\"roles/storage.admin\"),\n\t\t\tMember: pulumi.String(fmt.Sprintf(\"serviceAccount:service-%v@gcp-sa-pubsub.iam.gserviceaccount.com\", project.Number)),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = pubsub.NewSubscription(ctx, \"example\", \u0026pubsub.SubscriptionArgs{\n\t\t\tName: pulumi.String(\"example-subscription\"),\n\t\t\tTopic: exampleTopic.ID(),\n\t\t\tCloudStorageConfig: \u0026pubsub.SubscriptionCloudStorageConfigArgs{\n\t\t\t\tBucket: example.Name,\n\t\t\t\tFilenamePrefix: pulumi.String(\"pre-\"),\n\t\t\t\tFilenameSuffix: pulumi.String(\"-_79169\"),\n\t\t\t\tFilenameDatetimeFormat: pulumi.String(\"YYYY-MM-DD/hh_mm_ssZ\"),\n\t\t\t\tMaxBytes: pulumi.Int(1000),\n\t\t\t\tMaxDuration: pulumi.String(\"300s\"),\n\t\t\t\tAvroConfig: \u0026pubsub.SubscriptionCloudStorageConfigAvroConfigArgs{\n\t\t\t\t\tWriteMetadata: pulumi.Bool(true),\n\t\t\t\t},\n\t\t\t},\n\t\t}, pulumi.DependsOn([]pulumi.Resource{\n\t\t\texample,\n\t\t\tadmin,\n\t\t}))\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.storage.Bucket;\nimport com.pulumi.gcp.storage.BucketArgs;\nimport com.pulumi.gcp.pubsub.Topic;\nimport com.pulumi.gcp.pubsub.TopicArgs;\nimport com.pulumi.gcp.organizations.OrganizationsFunctions;\nimport com.pulumi.gcp.organizations.inputs.GetProjectArgs;\nimport com.pulumi.gcp.storage.BucketIAMMember;\nimport com.pulumi.gcp.storage.BucketIAMMemberArgs;\nimport com.pulumi.gcp.pubsub.Subscription;\nimport com.pulumi.gcp.pubsub.SubscriptionArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionCloudStorageConfigArgs;\nimport com.pulumi.gcp.pubsub.inputs.SubscriptionCloudStorageConfigAvroConfigArgs;\nimport com.pulumi.resources.CustomResourceOptions;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var example = new Bucket(\"example\", BucketArgs.builder()\n .name(\"example-bucket\")\n .location(\"US\")\n .uniformBucketLevelAccess(true)\n .build());\n\n var exampleTopic = new Topic(\"exampleTopic\", TopicArgs.builder()\n .name(\"example-topic\")\n .build());\n\n final var project = OrganizationsFunctions.getProject();\n\n var admin = new BucketIAMMember(\"admin\", BucketIAMMemberArgs.builder()\n .bucket(example.name())\n .role(\"roles/storage.admin\")\n .member(String.format(\"serviceAccount:service-%s@gcp-sa-pubsub.iam.gserviceaccount.com\", project.applyValue(getProjectResult -\u003e getProjectResult.number())))\n .build());\n\n var exampleSubscription = new Subscription(\"exampleSubscription\", SubscriptionArgs.builder()\n .name(\"example-subscription\")\n .topic(exampleTopic.id())\n .cloudStorageConfig(SubscriptionCloudStorageConfigArgs.builder()\n .bucket(example.name())\n .filenamePrefix(\"pre-\")\n .filenameSuffix(\"-_79169\")\n .filenameDatetimeFormat(\"YYYY-MM-DD/hh_mm_ssZ\")\n .maxBytes(1000)\n .maxDuration(\"300s\")\n .avroConfig(SubscriptionCloudStorageConfigAvroConfigArgs.builder()\n .writeMetadata(true)\n .build())\n .build())\n .build(), CustomResourceOptions.builder()\n .dependsOn( \n example,\n admin)\n .build());\n\n }\n}\n```\n```yaml\nresources:\n example:\n type: gcp:storage:Bucket\n properties:\n name: example-bucket\n location: US\n uniformBucketLevelAccess: true\n exampleTopic:\n type: gcp:pubsub:Topic\n name: example\n properties:\n name: example-topic\n exampleSubscription:\n type: gcp:pubsub:Subscription\n name: example\n properties:\n name: example-subscription\n topic: ${exampleTopic.id}\n cloudStorageConfig:\n bucket: ${example.name}\n filenamePrefix: pre-\n filenameSuffix: -_79169\n filenameDatetimeFormat: YYYY-MM-DD/hh_mm_ssZ\n maxBytes: 1000\n maxDuration: 300s\n avroConfig:\n writeMetadata: true\n options:\n dependson:\n - ${example}\n - ${admin}\n admin:\n type: gcp:storage:BucketIAMMember\n properties:\n bucket: ${example.name}\n role: roles/storage.admin\n member: serviceAccount:service-${project.number}@gcp-sa-pubsub.iam.gserviceaccount.com\nvariables:\n project:\n fn::invoke:\n Function: gcp:organizations:getProject\n Arguments: {}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSubscription can be imported using any of these accepted formats:\n\n* `projects/{{project}}/subscriptions/{{name}}`\n\n* `{{project}}/{{name}}`\n\n* `{{name}}`\n\nWhen using the `pulumi import` command, Subscription can be imported using one of the formats above. For example:\n\n```sh\n$ pulumi import gcp:pubsub/subscription:Subscription default projects/{{project}}/subscriptions/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/subscription:Subscription default {{project}}/{{name}}\n```\n\n```sh\n$ pulumi import gcp:pubsub/subscription:Subscription default {{name}}\n```\n\n", "properties": { "ackDeadlineSeconds": { "type": "integer", @@ -229716,7 +232169,7 @@ } }, "gcp:sql/user:User": { - "description": "Creates a new Google SQL User on a Google SQL User Instance. For more information, see the [official documentation](https://cloud.google.com/sql/), or the [JSON API](https://cloud.google.com/sql/docs/admin-api/v1beta4/users).\n\n\n\n## Example Usage\n\nExample creating a SQL User.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as random from \"@pulumi/random\";\n\nconst dbNameSuffix = new random.RandomId(\"db_name_suffix\", {byteLength: 4});\nconst main = new gcp.sql.DatabaseInstance(\"main\", {\n name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,\n databaseVersion: \"MYSQL_5_7\",\n settings: {\n tier: \"db-f1-micro\",\n },\n});\nconst users = new gcp.sql.User(\"users\", {\n name: \"me\",\n instance: main.name,\n host: \"me.com\",\n password: \"changeme\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_random as random\n\ndb_name_suffix = random.RandomId(\"db_name_suffix\", byte_length=4)\nmain = gcp.sql.DatabaseInstance(\"main\",\n name=db_name_suffix.hex.apply(lambda hex: f\"main-instance-{hex}\"),\n database_version=\"MYSQL_5_7\",\n settings=gcp.sql.DatabaseInstanceSettingsArgs(\n tier=\"db-f1-micro\",\n ))\nusers = gcp.sql.User(\"users\",\n name=\"me\",\n instance=main.name,\n host=\"me.com\",\n password=\"changeme\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dbNameSuffix = new Random.RandomId(\"db_name_suffix\", new()\n {\n ByteLength = 4,\n });\n\n var main = new Gcp.Sql.DatabaseInstance(\"main\", new()\n {\n Name = dbNameSuffix.Hex.Apply(hex =\u003e $\"main-instance-{hex}\"),\n DatabaseVersion = \"MYSQL_5_7\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n },\n });\n\n var users = new Gcp.Sql.User(\"users\", new()\n {\n Name = \"me\",\n Instance = main.Name,\n Host = \"me.com\",\n Password = \"changeme\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdbNameSuffix, err := random.NewRandomId(ctx, \"db_name_suffix\", \u0026random.RandomIdArgs{\n\t\t\tByteLength: pulumi.Int(4),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := sql.NewDatabaseInstance(ctx, \"main\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"main-instance-%v\", hex), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDatabaseVersion: pulumi.String(\"MYSQL_5_7\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"users\", \u0026sql.UserArgs{\n\t\t\tName: pulumi.String(\"me\"),\n\t\t\tInstance: main.Name,\n\t\t\tHost: pulumi.String(\"me.com\"),\n\t\t\tPassword: pulumi.String(\"changeme\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.random.RandomId;\nimport com.pulumi.random.RandomIdArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.sql.User;\nimport com.pulumi.gcp.sql.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dbNameSuffix = new RandomId(\"dbNameSuffix\", RandomIdArgs.builder()\n .byteLength(4)\n .build());\n\n var main = new DatabaseInstance(\"main\", DatabaseInstanceArgs.builder()\n .name(dbNameSuffix.hex().applyValue(hex -\u003e String.format(\"main-instance-%s\", hex)))\n .databaseVersion(\"MYSQL_5_7\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .build())\n .build());\n\n var users = new User(\"users\", UserArgs.builder()\n .name(\"me\")\n .instance(main.name())\n .host(\"me.com\")\n .password(\"changeme\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dbNameSuffix:\n type: random:RandomId\n name: db_name_suffix\n properties:\n byteLength: 4\n main:\n type: gcp:sql:DatabaseInstance\n properties:\n name: main-instance-${dbNameSuffix.hex}\n databaseVersion: MYSQL_5_7\n settings:\n tier: db-f1-micro\n users:\n type: gcp:sql:User\n properties:\n name: me\n instance: ${main.name}\n host: me.com\n password: changeme\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nExample using [Cloud SQL IAM database authentication](https://cloud.google.com/sql/docs/mysql/authentication).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as random from \"@pulumi/random\";\nimport * as std from \"@pulumi/std\";\n\nconst dbNameSuffix = new random.RandomId(\"db_name_suffix\", {byteLength: 4});\nconst main = new gcp.sql.DatabaseInstance(\"main\", {\n name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,\n databaseVersion: \"POSTGRES_15\",\n settings: {\n tier: \"db-f1-micro\",\n databaseFlags: [{\n name: \"cloudsql.iam_authentication\",\n value: \"on\",\n }],\n },\n});\nconst iamUser = new gcp.sql.User(\"iam_user\", {\n name: \"me@example.com\",\n instance: main.name,\n type: \"CLOUD_IAM_USER\",\n});\nconst iamServiceAccountUser = new gcp.sql.User(\"iam_service_account_user\", {\n name: std.trimsuffix({\n input: serviceAccount.email,\n suffix: \".gserviceaccount.com\",\n }).then(invoke =\u003e invoke.result),\n instance: main.name,\n type: \"CLOUD_IAM_SERVICE_ACCOUNT\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_random as random\nimport pulumi_std as std\n\ndb_name_suffix = random.RandomId(\"db_name_suffix\", byte_length=4)\nmain = gcp.sql.DatabaseInstance(\"main\",\n name=db_name_suffix.hex.apply(lambda hex: f\"main-instance-{hex}\"),\n database_version=\"POSTGRES_15\",\n settings=gcp.sql.DatabaseInstanceSettingsArgs(\n tier=\"db-f1-micro\",\n database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs(\n name=\"cloudsql.iam_authentication\",\n value=\"on\",\n )],\n ))\niam_user = gcp.sql.User(\"iam_user\",\n name=\"me@example.com\",\n instance=main.name,\n type=\"CLOUD_IAM_USER\")\niam_service_account_user = gcp.sql.User(\"iam_service_account_user\",\n name=std.trimsuffix(input=service_account[\"email\"],\n suffix=\".gserviceaccount.com\").result,\n instance=main.name,\n type=\"CLOUD_IAM_SERVICE_ACCOUNT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Random = Pulumi.Random;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dbNameSuffix = new Random.RandomId(\"db_name_suffix\", new()\n {\n ByteLength = 4,\n });\n\n var main = new Gcp.Sql.DatabaseInstance(\"main\", new()\n {\n Name = dbNameSuffix.Hex.Apply(hex =\u003e $\"main-instance-{hex}\"),\n DatabaseVersion = \"POSTGRES_15\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n DatabaseFlags = new[]\n {\n new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs\n {\n Name = \"cloudsql.iam_authentication\",\n Value = \"on\",\n },\n },\n },\n });\n\n var iamUser = new Gcp.Sql.User(\"iam_user\", new()\n {\n Name = \"me@example.com\",\n Instance = main.Name,\n Type = \"CLOUD_IAM_USER\",\n });\n\n var iamServiceAccountUser = new Gcp.Sql.User(\"iam_service_account_user\", new()\n {\n Name = Std.Trimsuffix.Invoke(new()\n {\n Input = serviceAccount.Email,\n Suffix = \".gserviceaccount.com\",\n }).Apply(invoke =\u003e invoke.Result),\n Instance = main.Name,\n Type = \"CLOUD_IAM_SERVICE_ACCOUNT\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdbNameSuffix, err := random.NewRandomId(ctx, \"db_name_suffix\", \u0026random.RandomIdArgs{\n\t\t\tByteLength: pulumi.Int(4),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := sql.NewDatabaseInstance(ctx, \"main\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"main-instance-%v\", hex), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDatabaseVersion: pulumi.String(\"POSTGRES_15\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t\tDatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{\n\t\t\t\t\t\u0026sql.DatabaseInstanceSettingsDatabaseFlagArgs{\n\t\t\t\t\t\tName: pulumi.String(\"cloudsql.iam_authentication\"),\n\t\t\t\t\t\tValue: pulumi.String(\"on\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"iam_user\", \u0026sql.UserArgs{\n\t\t\tName: pulumi.String(\"me@example.com\"),\n\t\t\tInstance: main.Name,\n\t\t\tType: pulumi.String(\"CLOUD_IAM_USER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeTrimsuffix, err := std.Trimsuffix(ctx, \u0026std.TrimsuffixArgs{\n\t\t\tInput: serviceAccount.Email,\n\t\t\tSuffix: \".gserviceaccount.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"iam_service_account_user\", \u0026sql.UserArgs{\n\t\t\tName: invokeTrimsuffix.Result,\n\t\t\tInstance: main.Name,\n\t\t\tType: pulumi.String(\"CLOUD_IAM_SERVICE_ACCOUNT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.random.RandomId;\nimport com.pulumi.random.RandomIdArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.sql.User;\nimport com.pulumi.gcp.sql.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dbNameSuffix = new RandomId(\"dbNameSuffix\", RandomIdArgs.builder()\n .byteLength(4)\n .build());\n\n var main = new DatabaseInstance(\"main\", DatabaseInstanceArgs.builder()\n .name(dbNameSuffix.hex().applyValue(hex -\u003e String.format(\"main-instance-%s\", hex)))\n .databaseVersion(\"POSTGRES_15\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder()\n .name(\"cloudsql.iam_authentication\")\n .value(\"on\")\n .build())\n .build())\n .build());\n\n var iamUser = new User(\"iamUser\", UserArgs.builder()\n .name(\"me@example.com\")\n .instance(main.name())\n .type(\"CLOUD_IAM_USER\")\n .build());\n\n var iamServiceAccountUser = new User(\"iamServiceAccountUser\", UserArgs.builder()\n .name(StdFunctions.trimsuffix(TrimsuffixArgs.builder()\n .input(serviceAccount.email())\n .suffix(\".gserviceaccount.com\")\n .build()).result())\n .instance(main.name())\n .type(\"CLOUD_IAM_SERVICE_ACCOUNT\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dbNameSuffix:\n type: random:RandomId\n name: db_name_suffix\n properties:\n byteLength: 4\n main:\n type: gcp:sql:DatabaseInstance\n properties:\n name: main-instance-${dbNameSuffix.hex}\n databaseVersion: POSTGRES_15\n settings:\n tier: db-f1-micro\n databaseFlags:\n - name: cloudsql.iam_authentication\n value: on\n iamUser:\n type: gcp:sql:User\n name: iam_user\n properties:\n name: me@example.com\n instance: ${main.name}\n type: CLOUD_IAM_USER\n iamServiceAccountUser:\n type: gcp:sql:User\n name: iam_service_account_user\n properties:\n name:\n fn::invoke:\n Function: std:trimsuffix\n Arguments:\n input: ${serviceAccount.email}\n suffix: .gserviceaccount.com\n Return: result\n instance: ${main.name}\n type: CLOUD_IAM_SERVICE_ACCOUNT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nExample using [Cloud SQL IAM Group authentication](https://cloud.google.com/sql/docs/mysql/iam-authentication#iam-group-auth).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as random from \"@pulumi/random\";\n\nconst dbNameSuffix = new random.RandomId(\"db_name_suffix\", {byteLength: 4});\nconst main = new gcp.sql.DatabaseInstance(\"main\", {\n name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,\n databaseVersion: \"MYSQL_8_0\",\n settings: {\n tier: \"db-f1-micro\",\n databaseFlags: [{\n name: \"cloudsql.iam_authentication\",\n value: \"on\",\n }],\n },\n});\nconst iamGroupUser = new gcp.sql.User(\"iam_group_user\", {\n name: \"iam_group@example.com\",\n instance: main.name,\n type: \"CLOUD_IAM_GROUP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_random as random\n\ndb_name_suffix = random.RandomId(\"db_name_suffix\", byte_length=4)\nmain = gcp.sql.DatabaseInstance(\"main\",\n name=db_name_suffix.hex.apply(lambda hex: f\"main-instance-{hex}\"),\n database_version=\"MYSQL_8_0\",\n settings=gcp.sql.DatabaseInstanceSettingsArgs(\n tier=\"db-f1-micro\",\n database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs(\n name=\"cloudsql.iam_authentication\",\n value=\"on\",\n )],\n ))\niam_group_user = gcp.sql.User(\"iam_group_user\",\n name=\"iam_group@example.com\",\n instance=main.name,\n type=\"CLOUD_IAM_GROUP\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dbNameSuffix = new Random.RandomId(\"db_name_suffix\", new()\n {\n ByteLength = 4,\n });\n\n var main = new Gcp.Sql.DatabaseInstance(\"main\", new()\n {\n Name = dbNameSuffix.Hex.Apply(hex =\u003e $\"main-instance-{hex}\"),\n DatabaseVersion = \"MYSQL_8_0\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n DatabaseFlags = new[]\n {\n new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs\n {\n Name = \"cloudsql.iam_authentication\",\n Value = \"on\",\n },\n },\n },\n });\n\n var iamGroupUser = new Gcp.Sql.User(\"iam_group_user\", new()\n {\n Name = \"iam_group@example.com\",\n Instance = main.Name,\n Type = \"CLOUD_IAM_GROUP\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdbNameSuffix, err := random.NewRandomId(ctx, \"db_name_suffix\", \u0026random.RandomIdArgs{\n\t\t\tByteLength: pulumi.Int(4),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := sql.NewDatabaseInstance(ctx, \"main\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"main-instance-%v\", hex), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDatabaseVersion: pulumi.String(\"MYSQL_8_0\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t\tDatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{\n\t\t\t\t\t\u0026sql.DatabaseInstanceSettingsDatabaseFlagArgs{\n\t\t\t\t\t\tName: pulumi.String(\"cloudsql.iam_authentication\"),\n\t\t\t\t\t\tValue: pulumi.String(\"on\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"iam_group_user\", \u0026sql.UserArgs{\n\t\t\tName: pulumi.String(\"iam_group@example.com\"),\n\t\t\tInstance: main.Name,\n\t\t\tType: pulumi.String(\"CLOUD_IAM_GROUP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.random.RandomId;\nimport com.pulumi.random.RandomIdArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.sql.User;\nimport com.pulumi.gcp.sql.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dbNameSuffix = new RandomId(\"dbNameSuffix\", RandomIdArgs.builder()\n .byteLength(4)\n .build());\n\n var main = new DatabaseInstance(\"main\", DatabaseInstanceArgs.builder()\n .name(dbNameSuffix.hex().applyValue(hex -\u003e String.format(\"main-instance-%s\", hex)))\n .databaseVersion(\"MYSQL_8_0\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder()\n .name(\"cloudsql.iam_authentication\")\n .value(\"on\")\n .build())\n .build())\n .build());\n\n var iamGroupUser = new User(\"iamGroupUser\", UserArgs.builder()\n .name(\"iam_group@example.com\")\n .instance(main.name())\n .type(\"CLOUD_IAM_GROUP\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dbNameSuffix:\n type: random:RandomId\n name: db_name_suffix\n properties:\n byteLength: 4\n main:\n type: gcp:sql:DatabaseInstance\n properties:\n name: main-instance-${dbNameSuffix.hex}\n databaseVersion: MYSQL_8_0\n settings:\n tier: db-f1-micro\n databaseFlags:\n - name: cloudsql.iam_authentication\n value: on\n iamGroupUser:\n type: gcp:sql:User\n name: iam_group_user\n properties:\n name: iam_group@example.com\n instance: ${main.name}\n type: CLOUD_IAM_GROUP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSQL users for MySQL databases can be imported using the `project`, `instance`, `host` and `name`, e.g.\n\n* `{{project_id}}/{{instance}}/{{host}}/{{name}}`\n\nSQL users for PostgreSQL databases can be imported using the `project`, `instance` and `name`, e.g.\n\n* `{{project_id}}/{{instance}}/{{name}}`\n\nWhen using the `pulumi import` command, NAME_HERE can be imported using one of the formats above. For example:\n\nMySQL database\n\n```sh\n$ pulumi import gcp:sql/user:User default {{project_id}}/{{instance}}/{{host}}/{{name}}\n```\n\nPostgreSQL database\n\n```sh\n$ pulumi import gcp:sql/user:User default {{project_id}}/{{instance}}/{{name}}\n```\n\n", + "description": "Creates a new Google SQL User on a Google SQL User Instance. For more information, see the [official documentation](https://cloud.google.com/sql/), or the [JSON API](https://cloud.google.com/sql/docs/admin-api/v1beta4/users).\n\n\n\n## Example Usage\n\nExample creating a SQL User.\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as random from \"@pulumi/random\";\n\nconst dbNameSuffix = new random.RandomId(\"db_name_suffix\", {byteLength: 4});\nconst main = new gcp.sql.DatabaseInstance(\"main\", {\n name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,\n databaseVersion: \"MYSQL_5_7\",\n settings: {\n tier: \"db-f1-micro\",\n },\n});\nconst users = new gcp.sql.User(\"users\", {\n name: \"me\",\n instance: main.name,\n host: \"me.com\",\n password: \"changeme\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_random as random\n\ndb_name_suffix = random.RandomId(\"db_name_suffix\", byte_length=4)\nmain = gcp.sql.DatabaseInstance(\"main\",\n name=db_name_suffix.hex.apply(lambda hex: f\"main-instance-{hex}\"),\n database_version=\"MYSQL_5_7\",\n settings=gcp.sql.DatabaseInstanceSettingsArgs(\n tier=\"db-f1-micro\",\n ))\nusers = gcp.sql.User(\"users\",\n name=\"me\",\n instance=main.name,\n host=\"me.com\",\n password=\"changeme\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dbNameSuffix = new Random.RandomId(\"db_name_suffix\", new()\n {\n ByteLength = 4,\n });\n\n var main = new Gcp.Sql.DatabaseInstance(\"main\", new()\n {\n Name = dbNameSuffix.Hex.Apply(hex =\u003e $\"main-instance-{hex}\"),\n DatabaseVersion = \"MYSQL_5_7\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n },\n });\n\n var users = new Gcp.Sql.User(\"users\", new()\n {\n Name = \"me\",\n Instance = main.Name,\n Host = \"me.com\",\n Password = \"changeme\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdbNameSuffix, err := random.NewRandomId(ctx, \"db_name_suffix\", \u0026random.RandomIdArgs{\n\t\t\tByteLength: pulumi.Int(4),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := sql.NewDatabaseInstance(ctx, \"main\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"main-instance-%v\", hex), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDatabaseVersion: pulumi.String(\"MYSQL_5_7\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"users\", \u0026sql.UserArgs{\n\t\t\tName: pulumi.String(\"me\"),\n\t\t\tInstance: main.Name,\n\t\t\tHost: pulumi.String(\"me.com\"),\n\t\t\tPassword: pulumi.String(\"changeme\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.random.RandomId;\nimport com.pulumi.random.RandomIdArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.sql.User;\nimport com.pulumi.gcp.sql.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dbNameSuffix = new RandomId(\"dbNameSuffix\", RandomIdArgs.builder()\n .byteLength(4)\n .build());\n\n var main = new DatabaseInstance(\"main\", DatabaseInstanceArgs.builder()\n .name(dbNameSuffix.hex().applyValue(hex -\u003e String.format(\"main-instance-%s\", hex)))\n .databaseVersion(\"MYSQL_5_7\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .build())\n .build());\n\n var users = new User(\"users\", UserArgs.builder()\n .name(\"me\")\n .instance(main.name())\n .host(\"me.com\")\n .password(\"changeme\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dbNameSuffix:\n type: random:RandomId\n name: db_name_suffix\n properties:\n byteLength: 4\n main:\n type: gcp:sql:DatabaseInstance\n properties:\n name: main-instance-${dbNameSuffix.hex}\n databaseVersion: MYSQL_5_7\n settings:\n tier: db-f1-micro\n users:\n type: gcp:sql:User\n properties:\n name: me\n instance: ${main.name}\n host: me.com\n password: changeme\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nExample using [Cloud SQL IAM database authentication](https://cloud.google.com/sql/docs/mysql/authentication).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as random from \"@pulumi/random\";\nimport * as std from \"@pulumi/std\";\n\nconst dbNameSuffix = new random.RandomId(\"db_name_suffix\", {byteLength: 4});\nconst main = new gcp.sql.DatabaseInstance(\"main\", {\n name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,\n databaseVersion: \"POSTGRES_15\",\n settings: {\n tier: \"db-f1-micro\",\n databaseFlags: [{\n name: \"cloudsql_iam_authentication\",\n value: \"on\",\n }],\n },\n});\nconst iamUser = new gcp.sql.User(\"iam_user\", {\n name: \"me@example.com\",\n instance: main.name,\n type: \"CLOUD_IAM_USER\",\n});\nconst iamServiceAccountUser = new gcp.sql.User(\"iam_service_account_user\", {\n name: std.trimsuffix({\n input: serviceAccount.email,\n suffix: \".gserviceaccount.com\",\n }).then(invoke =\u003e invoke.result),\n instance: main.name,\n type: \"CLOUD_IAM_SERVICE_ACCOUNT\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_random as random\nimport pulumi_std as std\n\ndb_name_suffix = random.RandomId(\"db_name_suffix\", byte_length=4)\nmain = gcp.sql.DatabaseInstance(\"main\",\n name=db_name_suffix.hex.apply(lambda hex: f\"main-instance-{hex}\"),\n database_version=\"POSTGRES_15\",\n settings=gcp.sql.DatabaseInstanceSettingsArgs(\n tier=\"db-f1-micro\",\n database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs(\n name=\"cloudsql_iam_authentication\",\n value=\"on\",\n )],\n ))\niam_user = gcp.sql.User(\"iam_user\",\n name=\"me@example.com\",\n instance=main.name,\n type=\"CLOUD_IAM_USER\")\niam_service_account_user = gcp.sql.User(\"iam_service_account_user\",\n name=std.trimsuffix(input=service_account[\"email\"],\n suffix=\".gserviceaccount.com\").result,\n instance=main.name,\n type=\"CLOUD_IAM_SERVICE_ACCOUNT\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Random = Pulumi.Random;\nusing Std = Pulumi.Std;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dbNameSuffix = new Random.RandomId(\"db_name_suffix\", new()\n {\n ByteLength = 4,\n });\n\n var main = new Gcp.Sql.DatabaseInstance(\"main\", new()\n {\n Name = dbNameSuffix.Hex.Apply(hex =\u003e $\"main-instance-{hex}\"),\n DatabaseVersion = \"POSTGRES_15\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n DatabaseFlags = new[]\n {\n new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs\n {\n Name = \"cloudsql_iam_authentication\",\n Value = \"on\",\n },\n },\n },\n });\n\n var iamUser = new Gcp.Sql.User(\"iam_user\", new()\n {\n Name = \"me@example.com\",\n Instance = main.Name,\n Type = \"CLOUD_IAM_USER\",\n });\n\n var iamServiceAccountUser = new Gcp.Sql.User(\"iam_service_account_user\", new()\n {\n Name = Std.Trimsuffix.Invoke(new()\n {\n Input = serviceAccount.Email,\n Suffix = \".gserviceaccount.com\",\n }).Apply(invoke =\u003e invoke.Result),\n Instance = main.Name,\n Type = \"CLOUD_IAM_SERVICE_ACCOUNT\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi-std/sdk/go/std\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdbNameSuffix, err := random.NewRandomId(ctx, \"db_name_suffix\", \u0026random.RandomIdArgs{\n\t\t\tByteLength: pulumi.Int(4),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := sql.NewDatabaseInstance(ctx, \"main\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"main-instance-%v\", hex), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDatabaseVersion: pulumi.String(\"POSTGRES_15\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t\tDatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{\n\t\t\t\t\t\u0026sql.DatabaseInstanceSettingsDatabaseFlagArgs{\n\t\t\t\t\t\tName: pulumi.String(\"cloudsql_iam_authentication\"),\n\t\t\t\t\t\tValue: pulumi.String(\"on\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"iam_user\", \u0026sql.UserArgs{\n\t\t\tName: pulumi.String(\"me@example.com\"),\n\t\t\tInstance: main.Name,\n\t\t\tType: pulumi.String(\"CLOUD_IAM_USER\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tinvokeTrimsuffix, err := std.Trimsuffix(ctx, \u0026std.TrimsuffixArgs{\n\t\t\tInput: serviceAccount.Email,\n\t\t\tSuffix: \".gserviceaccount.com\",\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"iam_service_account_user\", \u0026sql.UserArgs{\n\t\t\tName: invokeTrimsuffix.Result,\n\t\t\tInstance: main.Name,\n\t\t\tType: pulumi.String(\"CLOUD_IAM_SERVICE_ACCOUNT\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.random.RandomId;\nimport com.pulumi.random.RandomIdArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.sql.User;\nimport com.pulumi.gcp.sql.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dbNameSuffix = new RandomId(\"dbNameSuffix\", RandomIdArgs.builder()\n .byteLength(4)\n .build());\n\n var main = new DatabaseInstance(\"main\", DatabaseInstanceArgs.builder()\n .name(dbNameSuffix.hex().applyValue(hex -\u003e String.format(\"main-instance-%s\", hex)))\n .databaseVersion(\"POSTGRES_15\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder()\n .name(\"cloudsql_iam_authentication\")\n .value(\"on\")\n .build())\n .build())\n .build());\n\n var iamUser = new User(\"iamUser\", UserArgs.builder()\n .name(\"me@example.com\")\n .instance(main.name())\n .type(\"CLOUD_IAM_USER\")\n .build());\n\n var iamServiceAccountUser = new User(\"iamServiceAccountUser\", UserArgs.builder()\n .name(StdFunctions.trimsuffix(TrimsuffixArgs.builder()\n .input(serviceAccount.email())\n .suffix(\".gserviceaccount.com\")\n .build()).result())\n .instance(main.name())\n .type(\"CLOUD_IAM_SERVICE_ACCOUNT\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dbNameSuffix:\n type: random:RandomId\n name: db_name_suffix\n properties:\n byteLength: 4\n main:\n type: gcp:sql:DatabaseInstance\n properties:\n name: main-instance-${dbNameSuffix.hex}\n databaseVersion: POSTGRES_15\n settings:\n tier: db-f1-micro\n databaseFlags:\n - name: cloudsql_iam_authentication\n value: on\n iamUser:\n type: gcp:sql:User\n name: iam_user\n properties:\n name: me@example.com\n instance: ${main.name}\n type: CLOUD_IAM_USER\n iamServiceAccountUser:\n type: gcp:sql:User\n name: iam_service_account_user\n properties:\n name:\n fn::invoke:\n Function: std:trimsuffix\n Arguments:\n input: ${serviceAccount.email}\n suffix: .gserviceaccount.com\n Return: result\n instance: ${main.name}\n type: CLOUD_IAM_SERVICE_ACCOUNT\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\nExample using [Cloud SQL IAM Group authentication](https://cloud.google.com/sql/docs/mysql/iam-authentication#iam-group-auth).\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\nimport * as random from \"@pulumi/random\";\n\nconst dbNameSuffix = new random.RandomId(\"db_name_suffix\", {byteLength: 4});\nconst main = new gcp.sql.DatabaseInstance(\"main\", {\n name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,\n databaseVersion: \"MYSQL_8_0\",\n settings: {\n tier: \"db-f1-micro\",\n databaseFlags: [{\n name: \"cloudsql_iam_authentication\",\n value: \"on\",\n }],\n },\n});\nconst iamGroupUser = new gcp.sql.User(\"iam_group_user\", {\n name: \"iam_group@example.com\",\n instance: main.name,\n type: \"CLOUD_IAM_GROUP\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\nimport pulumi_random as random\n\ndb_name_suffix = random.RandomId(\"db_name_suffix\", byte_length=4)\nmain = gcp.sql.DatabaseInstance(\"main\",\n name=db_name_suffix.hex.apply(lambda hex: f\"main-instance-{hex}\"),\n database_version=\"MYSQL_8_0\",\n settings=gcp.sql.DatabaseInstanceSettingsArgs(\n tier=\"db-f1-micro\",\n database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs(\n name=\"cloudsql_iam_authentication\",\n value=\"on\",\n )],\n ))\niam_group_user = gcp.sql.User(\"iam_group_user\",\n name=\"iam_group@example.com\",\n instance=main.name,\n type=\"CLOUD_IAM_GROUP\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\nusing Random = Pulumi.Random;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var dbNameSuffix = new Random.RandomId(\"db_name_suffix\", new()\n {\n ByteLength = 4,\n });\n\n var main = new Gcp.Sql.DatabaseInstance(\"main\", new()\n {\n Name = dbNameSuffix.Hex.Apply(hex =\u003e $\"main-instance-{hex}\"),\n DatabaseVersion = \"MYSQL_8_0\",\n Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs\n {\n Tier = \"db-f1-micro\",\n DatabaseFlags = new[]\n {\n new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs\n {\n Name = \"cloudsql_iam_authentication\",\n Value = \"on\",\n },\n },\n },\n });\n\n var iamGroupUser = new Gcp.Sql.User(\"iam_group_user\", new()\n {\n Name = \"iam_group@example.com\",\n Instance = main.Name,\n Type = \"CLOUD_IAM_GROUP\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql\"\n\t\"github.com/pulumi/pulumi-random/sdk/v4/go/random\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\tdbNameSuffix, err := random.NewRandomId(ctx, \"db_name_suffix\", \u0026random.RandomIdArgs{\n\t\t\tByteLength: pulumi.Int(4),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\tmain, err := sql.NewDatabaseInstance(ctx, \"main\", \u0026sql.DatabaseInstanceArgs{\n\t\t\tName: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {\n\t\t\t\treturn fmt.Sprintf(\"main-instance-%v\", hex), nil\n\t\t\t}).(pulumi.StringOutput),\n\t\t\tDatabaseVersion: pulumi.String(\"MYSQL_8_0\"),\n\t\t\tSettings: \u0026sql.DatabaseInstanceSettingsArgs{\n\t\t\t\tTier: pulumi.String(\"db-f1-micro\"),\n\t\t\t\tDatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{\n\t\t\t\t\t\u0026sql.DatabaseInstanceSettingsDatabaseFlagArgs{\n\t\t\t\t\t\tName: pulumi.String(\"cloudsql_iam_authentication\"),\n\t\t\t\t\t\tValue: pulumi.String(\"on\"),\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\t_, err = sql.NewUser(ctx, \"iam_group_user\", \u0026sql.UserArgs{\n\t\t\tName: pulumi.String(\"iam_group@example.com\"),\n\t\t\tInstance: main.Name,\n\t\t\tType: pulumi.String(\"CLOUD_IAM_GROUP\"),\n\t\t})\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.random.RandomId;\nimport com.pulumi.random.RandomIdArgs;\nimport com.pulumi.gcp.sql.DatabaseInstance;\nimport com.pulumi.gcp.sql.DatabaseInstanceArgs;\nimport com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;\nimport com.pulumi.gcp.sql.User;\nimport com.pulumi.gcp.sql.UserArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n var dbNameSuffix = new RandomId(\"dbNameSuffix\", RandomIdArgs.builder()\n .byteLength(4)\n .build());\n\n var main = new DatabaseInstance(\"main\", DatabaseInstanceArgs.builder()\n .name(dbNameSuffix.hex().applyValue(hex -\u003e String.format(\"main-instance-%s\", hex)))\n .databaseVersion(\"MYSQL_8_0\")\n .settings(DatabaseInstanceSettingsArgs.builder()\n .tier(\"db-f1-micro\")\n .databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder()\n .name(\"cloudsql_iam_authentication\")\n .value(\"on\")\n .build())\n .build())\n .build());\n\n var iamGroupUser = new User(\"iamGroupUser\", UserArgs.builder()\n .name(\"iam_group@example.com\")\n .instance(main.name())\n .type(\"CLOUD_IAM_GROUP\")\n .build());\n\n }\n}\n```\n```yaml\nresources:\n dbNameSuffix:\n type: random:RandomId\n name: db_name_suffix\n properties:\n byteLength: 4\n main:\n type: gcp:sql:DatabaseInstance\n properties:\n name: main-instance-${dbNameSuffix.hex}\n databaseVersion: MYSQL_8_0\n settings:\n tier: db-f1-micro\n databaseFlags:\n - name: cloudsql_iam_authentication\n value: on\n iamGroupUser:\n type: gcp:sql:User\n name: iam_group_user\n properties:\n name: iam_group@example.com\n instance: ${main.name}\n type: CLOUD_IAM_GROUP\n```\n\u003c!--End PulumiCodeChooser --\u003e\n\n## Import\n\nSQL users for MySQL databases can be imported using the `project`, `instance`, `host` and `name`, e.g.\n\n* `{{project_id}}/{{instance}}/{{host}}/{{name}}`\n\nSQL users for PostgreSQL databases can be imported using the `project`, `instance` and `name`, e.g.\n\n* `{{project_id}}/{{instance}}/{{name}}`\n\nWhen using the `pulumi import` command, NAME_HERE can be imported using one of the formats above. For example:\n\nMySQL database\n\n```sh\n$ pulumi import gcp:sql/user:User default {{project_id}}/{{instance}}/{{host}}/{{name}}\n```\n\nPostgreSQL database\n\n```sh\n$ pulumi import gcp:sql/user:User default {{project_id}}/{{instance}}/{{name}}\n```\n\n", "properties": { "deletionPolicy": { "type": "string", @@ -250386,6 +252839,57 @@ "type": "object" } }, + "gcp:compute/getSubnetworks:getSubnetworks": { + "description": "Get subnetworks within GCE.\nSee [the official documentation](https://cloud.google.com/vpc/docs/subnets)\nand [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list).\n\n## Example Usage\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst my-subnetworks = gcp.compute.getSubnetworks({\n filter: \"ipCidrRange eq 192.168.178.0/24\",\n project: \"my-project\",\n region: \"us-east1\",\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\nmy_subnetworks = gcp.compute.get_subnetworks(filter=\"ipCidrRange eq 192.168.178.0/24\",\n project=\"my-project\",\n region=\"us-east1\")\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var my_subnetworks = Gcp.Compute.GetSubnetworks.Invoke(new()\n {\n Filter = \"ipCidrRange eq 192.168.178.0/24\",\n Project = \"my-project\",\n Region = \"us-east1\",\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := compute.GetSubnetworks(ctx, \u0026compute.GetSubnetworksArgs{\n\t\t\tFilter: pulumi.StringRef(\"ipCidrRange eq 192.168.178.0/24\"),\n\t\t\tProject: pulumi.StringRef(\"my-project\"),\n\t\t\tRegion: pulumi.StringRef(\"us-east1\"),\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.compute.ComputeFunctions;\nimport com.pulumi.gcp.compute.inputs.GetSubnetworksArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var my-subnetworks = ComputeFunctions.getSubnetworks(GetSubnetworksArgs.builder()\n .filter(\"ipCidrRange eq 192.168.178.0/24\")\n .project(\"my-project\")\n .region(\"us-east1\")\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n my-subnetworks:\n fn::invoke:\n Function: gcp:compute:getSubnetworks\n Arguments:\n filter: ipCidrRange eq 192.168.178.0/24\n project: my-project\n region: us-east1\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getSubnetworks.\n", + "properties": { + "filter": { + "type": "string", + "description": "A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters).\n" + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs. If it\nis not provided, the provider project is used.\n" + }, + "region": { + "type": "string", + "description": "The region this subnetwork has been created in. If\nunspecified, this defaults to the region configured in the provider.\n" + } + }, + "type": "object" + }, + "outputs": { + "description": "A collection of values returned by getSubnetworks.\n", + "properties": { + "filter": { + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "project": { + "type": "string" + }, + "region": { + "type": "string" + }, + "subnetworks": { + "description": "A list of all retrieved GCE subnetworks. Structure is defined below.\n", + "items": { + "$ref": "#/types/gcp:compute/getSubnetworksSubnetwork:getSubnetworksSubnetwork" + }, + "type": "array" + } + }, + "required": [ + "subnetworks", + "id" + ], + "type": "object" + } + }, "gcp:compute/getVPNGateway:getVPNGateway": { "description": "Get a VPN gateway within GCE from its name.\n\n## Example Usage\n\n```tf\ndata \"google_compute_vpn_gateway\" \"my-vpn-gateway\" {\n name = \"vpn-gateway-us-east1\"\n}\n```\n", "inputs": { @@ -251853,6 +254357,67 @@ "type": "object" } }, + "gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy": { + "description": "Retrieves the current IAM policy data for aspecttype\n\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst policy = gcp.dataplex.getAspectTypeIamPolicy({\n project: testAspectTypeBasic.project,\n location: testAspectTypeBasic.location,\n aspectTypeId: testAspectTypeBasic.aspectTypeId,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npolicy = gcp.dataplex.get_aspect_type_iam_policy(project=test_aspect_type_basic[\"project\"],\n location=test_aspect_type_basic[\"location\"],\n aspect_type_id=test_aspect_type_basic[\"aspectTypeId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = Gcp.DataPlex.GetAspectTypeIamPolicy.Invoke(new()\n {\n Project = testAspectTypeBasic.Project,\n Location = testAspectTypeBasic.Location,\n AspectTypeId = testAspectTypeBasic.AspectTypeId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.LookupAspectTypeIamPolicy(ctx, \u0026dataplex.LookupAspectTypeIamPolicyArgs{\n\t\t\tProject: pulumi.StringRef(testAspectTypeBasic.Project),\n\t\t\tLocation: pulumi.StringRef(testAspectTypeBasic.Location),\n\t\t\tAspectTypeId: testAspectTypeBasic.AspectTypeId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.DataplexFunctions;\nimport com.pulumi.gcp.dataplex.inputs.GetAspectTypeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policy = DataplexFunctions.getAspectTypeIamPolicy(GetAspectTypeIamPolicyArgs.builder()\n .project(testAspectTypeBasic.project())\n .location(testAspectTypeBasic.location())\n .aspectTypeId(testAspectTypeBasic.aspectTypeId())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policy:\n fn::invoke:\n Function: gcp:dataplex:getAspectTypeIamPolicy\n Arguments:\n project: ${testAspectTypeBasic.project}\n location: ${testAspectTypeBasic.location}\n aspectTypeId: ${testAspectTypeBasic.aspectTypeId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getAspectTypeIamPolicy.\n", + "properties": { + "aspectTypeId": { + "type": "string", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where aspect type will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "aspectTypeId" + ] + }, + "outputs": { + "description": "A collection of values returned by getAspectTypeIamPolicy.\n", + "properties": { + "aspectTypeId": { + "type": "string" + }, + "etag": { + "description": "(Computed) The etag of the IAM policy.\n", + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "location": { + "type": "string" + }, + "policyData": { + "description": "(Required only by `gcp.dataplex.AspectTypeIamPolicy`) The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n", + "type": "string" + }, + "project": { + "type": "string" + } + }, + "required": [ + "aspectTypeId", + "etag", + "location", + "policyData", + "project", + "id" + ], + "type": "object" + } + }, "gcp:dataplex/getAssetIamPolicy:getAssetIamPolicy": { "description": "Retrieves the current IAM policy data for asset\n\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst policy = gcp.dataplex.getAssetIamPolicy({\n project: example.project,\n location: example.location,\n lake: example.lake,\n dataplexZone: example.dataplexZone,\n asset: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npolicy = gcp.dataplex.get_asset_iam_policy(project=example[\"project\"],\n location=example[\"location\"],\n lake=example[\"lake\"],\n dataplex_zone=example[\"dataplexZone\"],\n asset=example[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = Gcp.DataPlex.GetAssetIamPolicy.Invoke(new()\n {\n Project = example.Project,\n Location = example.Location,\n Lake = example.Lake,\n DataplexZone = example.DataplexZone,\n Asset = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.LookupAssetIamPolicy(ctx, \u0026dataplex.LookupAssetIamPolicyArgs{\n\t\t\tProject: pulumi.StringRef(example.Project),\n\t\t\tLocation: pulumi.StringRef(example.Location),\n\t\t\tLake: example.Lake,\n\t\t\tDataplexZone: example.DataplexZone,\n\t\t\tAsset: example.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.DataplexFunctions;\nimport com.pulumi.gcp.dataplex.inputs.GetAssetIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policy = DataplexFunctions.getAssetIamPolicy(GetAssetIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .lake(example.lake())\n .dataplexZone(example.dataplexZone())\n .asset(example.name())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policy:\n fn::invoke:\n Function: gcp:dataplex:getAssetIamPolicy\n Arguments:\n project: ${example.project}\n location: ${example.location}\n lake: ${example.lake}\n dataplexZone: ${example.dataplexZone}\n asset: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { @@ -251993,6 +254558,67 @@ "type": "object" } }, + "gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy": { + "description": "Retrieves the current IAM policy data for entrygroup\n\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst policy = gcp.dataplex.getEntryGroupIamPolicy({\n project: testEntryGroupBasic.project,\n location: testEntryGroupBasic.location,\n entryGroupId: testEntryGroupBasic.entryGroupId,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npolicy = gcp.dataplex.get_entry_group_iam_policy(project=test_entry_group_basic[\"project\"],\n location=test_entry_group_basic[\"location\"],\n entry_group_id=test_entry_group_basic[\"entryGroupId\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = Gcp.DataPlex.GetEntryGroupIamPolicy.Invoke(new()\n {\n Project = testEntryGroupBasic.Project,\n Location = testEntryGroupBasic.Location,\n EntryGroupId = testEntryGroupBasic.EntryGroupId,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.LookupEntryGroupIamPolicy(ctx, \u0026dataplex.LookupEntryGroupIamPolicyArgs{\n\t\t\tProject: pulumi.StringRef(testEntryGroupBasic.Project),\n\t\t\tLocation: pulumi.StringRef(testEntryGroupBasic.Location),\n\t\t\tEntryGroupId: testEntryGroupBasic.EntryGroupId,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.DataplexFunctions;\nimport com.pulumi.gcp.dataplex.inputs.GetEntryGroupIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policy = DataplexFunctions.getEntryGroupIamPolicy(GetEntryGroupIamPolicyArgs.builder()\n .project(testEntryGroupBasic.project())\n .location(testEntryGroupBasic.location())\n .entryGroupId(testEntryGroupBasic.entryGroupId())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policy:\n fn::invoke:\n Function: gcp:dataplex:getEntryGroupIamPolicy\n Arguments:\n project: ${testEntryGroupBasic.project}\n location: ${testEntryGroupBasic.location}\n entryGroupId: ${testEntryGroupBasic.entryGroupId}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", + "inputs": { + "description": "A collection of arguments for invoking getEntryGroupIamPolicy.\n", + "properties": { + "entryGroupId": { + "type": "string", + "willReplaceOnChanges": true + }, + "location": { + "type": "string", + "description": "The location where entry group will be created in.\nUsed to find the parent resource to bind the IAM policy to\n", + "willReplaceOnChanges": true + }, + "project": { + "type": "string", + "description": "The ID of the project in which the resource belongs.\nIf it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.\n", + "willReplaceOnChanges": true + } + }, + "type": "object", + "required": [ + "entryGroupId" + ] + }, + "outputs": { + "description": "A collection of values returned by getEntryGroupIamPolicy.\n", + "properties": { + "entryGroupId": { + "type": "string" + }, + "etag": { + "description": "(Computed) The etag of the IAM policy.\n", + "type": "string" + }, + "id": { + "description": "The provider-assigned unique ID for this managed resource.\n", + "type": "string" + }, + "location": { + "type": "string" + }, + "policyData": { + "description": "(Required only by `gcp.dataplex.EntryGroupIamPolicy`) The policy data generated by\na `gcp.organizations.getIAMPolicy` data source.\n", + "type": "string" + }, + "project": { + "type": "string" + } + }, + "required": [ + "entryGroupId", + "etag", + "location", + "policyData", + "project", + "id" + ], + "type": "object" + } + }, "gcp:dataplex/getLakeIamPolicy:getLakeIamPolicy": { "description": "Retrieves the current IAM policy data for lake\n\n\n## example\n\n\u003c!--Start PulumiCodeChooser --\u003e\n```typescript\nimport * as pulumi from \"@pulumi/pulumi\";\nimport * as gcp from \"@pulumi/gcp\";\n\nconst policy = gcp.dataplex.getLakeIamPolicy({\n project: example.project,\n location: example.location,\n lake: example.name,\n});\n```\n```python\nimport pulumi\nimport pulumi_gcp as gcp\n\npolicy = gcp.dataplex.get_lake_iam_policy(project=example[\"project\"],\n location=example[\"location\"],\n lake=example[\"name\"])\n```\n```csharp\nusing System.Collections.Generic;\nusing System.Linq;\nusing Pulumi;\nusing Gcp = Pulumi.Gcp;\n\nreturn await Deployment.RunAsync(() =\u003e \n{\n var policy = Gcp.DataPlex.GetLakeIamPolicy.Invoke(new()\n {\n Project = example.Project,\n Location = example.Location,\n Lake = example.Name,\n });\n\n});\n```\n```go\npackage main\n\nimport (\n\t\"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex\"\n\t\"github.com/pulumi/pulumi/sdk/v3/go/pulumi\"\n)\n\nfunc main() {\n\tpulumi.Run(func(ctx *pulumi.Context) error {\n\t\t_, err := dataplex.LookupLakeIamPolicy(ctx, \u0026dataplex.LookupLakeIamPolicyArgs{\n\t\t\tProject: pulumi.StringRef(example.Project),\n\t\t\tLocation: pulumi.StringRef(example.Location),\n\t\t\tLake: example.Name,\n\t\t}, nil)\n\t\tif err != nil {\n\t\t\treturn err\n\t\t}\n\t\treturn nil\n\t})\n}\n```\n```java\npackage generated_program;\n\nimport com.pulumi.Context;\nimport com.pulumi.Pulumi;\nimport com.pulumi.core.Output;\nimport com.pulumi.gcp.dataplex.DataplexFunctions;\nimport com.pulumi.gcp.dataplex.inputs.GetLakeIamPolicyArgs;\nimport java.util.List;\nimport java.util.ArrayList;\nimport java.util.Map;\nimport java.io.File;\nimport java.nio.file.Files;\nimport java.nio.file.Paths;\n\npublic class App {\n public static void main(String[] args) {\n Pulumi.run(App::stack);\n }\n\n public static void stack(Context ctx) {\n final var policy = DataplexFunctions.getLakeIamPolicy(GetLakeIamPolicyArgs.builder()\n .project(example.project())\n .location(example.location())\n .lake(example.name())\n .build());\n\n }\n}\n```\n```yaml\nvariables:\n policy:\n fn::invoke:\n Function: gcp:dataplex:getLakeIamPolicy\n Arguments:\n project: ${example.project}\n location: ${example.location}\n lake: ${example.name}\n```\n\u003c!--End PulumiCodeChooser --\u003e\n", "inputs": { diff --git a/provider/provider_yaml_test.go b/provider/provider_yaml_test.go index 1df884a82d..f7f79c4e55 100644 --- a/provider/provider_yaml_test.go +++ b/provider/provider_yaml_test.go @@ -392,6 +392,7 @@ func TestNodePoolGpuAcceleratorPanic(t *testing.T) { "nodeConfig": { "advancedMachineFeatures": null, "bootDiskKmsKey": "", + "containerdConfig": null, "confidentialNodes": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", "diskSizeGb": 50, "diskType": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", diff --git a/provider/resources.go b/provider/resources.go index 379e28a02f..24acb19116 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -3342,6 +3342,30 @@ func Provider() tfbridge.ProviderInfo { Source: "privileged_access_manager_entitlement.html.markdown", }, }, + "google_dataplex_aspect_type_iam_binding": { + Tok: gcpResource(gcpDataPlex, "AspectTypeIamBinding"), + Docs: &tfbridge.DocInfo{Source: "dataplex_aspect_type_iam.html.markdown"}, + }, + "google_dataplex_aspect_type_iam_member": { + Tok: gcpResource(gcpDataPlex, "AspectTypeIamMember"), + Docs: &tfbridge.DocInfo{Source: "dataplex_aspect_type_iam.html.markdown"}, + }, + "google_dataplex_aspect_type_iam_policy": { + Tok: gcpResource(gcpDataPlex, "AspectTypeIamPolicy"), + Docs: &tfbridge.DocInfo{Source: "dataplex_aspect_type_iam.html.markdown"}, + }, + "google_dataplex_entry_group_iam_binding": { + Tok: gcpResource(gcpDataPlex, "EntryGroupIamBinding"), + Docs: &tfbridge.DocInfo{Source: "dataplex_entry_group_iam.html.markdown"}, + }, + "google_dataplex_entry_group_iam_member": { + Tok: gcpResource(gcpDataPlex, "EntryGroupIamMember"), + Docs: &tfbridge.DocInfo{Source: "dataplex_entry_group_iam.html.markdown"}, + }, + "google_dataplex_entry_group_iam_policy": { + Tok: gcpResource(gcpDataPlex, "EntryGroupIamPolicy"), + Docs: &tfbridge.DocInfo{Source: "dataplex_entry_group_iam.html.markdown"}, + }, }, DataSources: map[string]*tfbridge.DataSourceInfo{ // Access Approval diff --git a/sdk/dotnet/AppEngine/DomainMapping.cs b/sdk/dotnet/AppEngine/DomainMapping.cs index 20cc0d443d..f78976a5c7 100644 --- a/sdk/dotnet/AppEngine/DomainMapping.cs +++ b/sdk/dotnet/AppEngine/DomainMapping.cs @@ -113,7 +113,7 @@ public partial class DomainMapping : global::Pulumi.CustomResource /// Structure is documented below. /// [Output("sslSettings")] - public Output SslSettings { get; private set; } = null!; + public Output SslSettings { get; private set; } = null!; /// diff --git a/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkArgs.cs b/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkArgs.cs index 563bb6f2d1..b82dda154f 100644 --- a/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkArgs.cs +++ b/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkArgs.cs @@ -24,6 +24,13 @@ public InputList ForwardedPorts set => _forwardedPorts = value; } + /// + /// Prevent instances from receiving an ephemeral external IP address. + /// Possible values are: `EXTERNAL`, `INTERNAL`. + /// + [Input("instanceIpMode")] + public Input? InstanceIpMode { get; set; } + /// /// Tag to apply to the instance during creation. /// diff --git a/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkGetArgs.cs b/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkGetArgs.cs index 7e8889e9e2..9a66e300ff 100644 --- a/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkGetArgs.cs +++ b/sdk/dotnet/AppEngine/Inputs/FlexibleAppVersionNetworkGetArgs.cs @@ -24,6 +24,13 @@ public InputList ForwardedPorts set => _forwardedPorts = value; } + /// + /// Prevent instances from receiving an ephemeral external IP address. + /// Possible values are: `EXTERNAL`, `INTERNAL`. + /// + [Input("instanceIpMode")] + public Input? InstanceIpMode { get; set; } + /// /// Tag to apply to the instance during creation. /// diff --git a/sdk/dotnet/AppEngine/Outputs/FlexibleAppVersionNetwork.cs b/sdk/dotnet/AppEngine/Outputs/FlexibleAppVersionNetwork.cs index 1895eb0d39..b815720122 100644 --- a/sdk/dotnet/AppEngine/Outputs/FlexibleAppVersionNetwork.cs +++ b/sdk/dotnet/AppEngine/Outputs/FlexibleAppVersionNetwork.cs @@ -18,6 +18,11 @@ public sealed class FlexibleAppVersionNetwork /// public readonly ImmutableArray ForwardedPorts; /// + /// Prevent instances from receiving an ephemeral external IP address. + /// Possible values are: `EXTERNAL`, `INTERNAL`. + /// + public readonly string? InstanceIpMode; + /// /// Tag to apply to the instance during creation. /// public readonly string? InstanceTag; @@ -42,6 +47,8 @@ public sealed class FlexibleAppVersionNetwork private FlexibleAppVersionNetwork( ImmutableArray forwardedPorts, + string? instanceIpMode, + string? instanceTag, string name, @@ -51,6 +58,7 @@ private FlexibleAppVersionNetwork( string? subnetwork) { ForwardedPorts = forwardedPorts; + InstanceIpMode = instanceIpMode; InstanceTag = instanceTag; Name = name; SessionAffinity = sessionAffinity; diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationArgs.cs index f000b51bf6..97bdcb746c 100644 --- a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationArgs.cs +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationArgs.cs @@ -26,6 +26,13 @@ public sealed class TableExternalDataConfigurationArgs : global::Pulumi.Resource [Input("avroOptions")] public Input? AvroOptions { get; set; } + /// + /// Additional properties to set if + /// `source_format` is set to "BIGTABLE". Structure is documented below. + /// + [Input("bigtableOptions")] + public Input? BigtableOptions { get; set; } + /// /// The compression type of the data source. /// Valid values are "NONE" or "GZIP". diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsArgs.cs new file mode 100644 index 0000000000..6bcee1fc14 --- /dev/null +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsArgs.cs @@ -0,0 +1,50 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Inputs +{ + + public sealed class TableExternalDataConfigurationBigtableOptionsArgs : global::Pulumi.ResourceArgs + { + [Input("columnFamilies")] + private InputList? _columnFamilies; + + /// + /// A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + /// + public InputList ColumnFamilies + { + get => _columnFamilies ?? (_columnFamilies = new InputList()); + set => _columnFamilies = value; + } + + /// + /// If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + /// + [Input("ignoreUnspecifiedColumnFamilies")] + public Input? IgnoreUnspecifiedColumnFamilies { get; set; } + + /// + /// If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + /// + [Input("outputColumnFamiliesAsJson")] + public Input? OutputColumnFamiliesAsJson { get; set; } + + /// + /// If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + /// + [Input("readRowkeyAsString")] + public Input? ReadRowkeyAsString { get; set; } + + public TableExternalDataConfigurationBigtableOptionsArgs() + { + } + public static new TableExternalDataConfigurationBigtableOptionsArgs Empty => new TableExternalDataConfigurationBigtableOptionsArgs(); + } +} diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.cs new file mode 100644 index 0000000000..2b3b147da2 --- /dev/null +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.cs @@ -0,0 +1,56 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Inputs +{ + + public sealed class TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs : global::Pulumi.ResourceArgs + { + [Input("columns")] + private InputList? _columns; + + /// + /// A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + /// + public InputList Columns + { + get => _columns ?? (_columns = new InputList()); + set => _columns = value; + } + + /// + /// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + /// + [Input("encoding")] + public Input? Encoding { get; set; } + + /// + /// Identifier of the column family. + /// + [Input("familyId")] + public Input? FamilyId { get; set; } + + /// + /// If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + /// + [Input("onlyReadLatest")] + public Input? OnlyReadLatest { get; set; } + + /// + /// The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + /// + [Input("type")] + public Input? Type { get; set; } + + public TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs() + { + } + public static new TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs Empty => new TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs(); + } +} diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.cs new file mode 100644 index 0000000000..2671af5f3d --- /dev/null +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.cs @@ -0,0 +1,56 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Inputs +{ + + public sealed class TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs : global::Pulumi.ResourceArgs + { + /// + /// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + /// + [Input("encoding")] + public Input? Encoding { get; set; } + + /// + /// If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + /// + [Input("fieldName")] + public Input? FieldName { get; set; } + + /// + /// If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + /// + [Input("onlyReadLatest")] + public Input? OnlyReadLatest { get; set; } + + /// + /// Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + /// + [Input("qualifierEncoded")] + public Input? QualifierEncoded { get; set; } + + /// + /// Qualifier string. + /// + [Input("qualifierString")] + public Input? QualifierString { get; set; } + + /// + /// The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + /// + [Input("type")] + public Input? Type { get; set; } + + public TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs() + { + } + public static new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs Empty => new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs(); + } +} diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs.cs new file mode 100644 index 0000000000..59c98d67b2 --- /dev/null +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs.cs @@ -0,0 +1,56 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Inputs +{ + + public sealed class TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + /// + [Input("encoding")] + public Input? Encoding { get; set; } + + /// + /// If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + /// + [Input("fieldName")] + public Input? FieldName { get; set; } + + /// + /// If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + /// + [Input("onlyReadLatest")] + public Input? OnlyReadLatest { get; set; } + + /// + /// Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + /// + [Input("qualifierEncoded")] + public Input? QualifierEncoded { get; set; } + + /// + /// Qualifier string. + /// + [Input("qualifierString")] + public Input? QualifierString { get; set; } + + /// + /// The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + /// + [Input("type")] + public Input? Type { get; set; } + + public TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs() + { + } + public static new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs Empty => new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnGetArgs(); + } +} diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs.cs new file mode 100644 index 0000000000..b27b59f3ee --- /dev/null +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs.cs @@ -0,0 +1,56 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Inputs +{ + + public sealed class TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs : global::Pulumi.ResourceArgs + { + [Input("columns")] + private InputList? _columns; + + /// + /// A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + /// + public InputList Columns + { + get => _columns ?? (_columns = new InputList()); + set => _columns = value; + } + + /// + /// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + /// + [Input("encoding")] + public Input? Encoding { get; set; } + + /// + /// Identifier of the column family. + /// + [Input("familyId")] + public Input? FamilyId { get; set; } + + /// + /// If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + /// + [Input("onlyReadLatest")] + public Input? OnlyReadLatest { get; set; } + + /// + /// The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + /// + [Input("type")] + public Input? Type { get; set; } + + public TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs() + { + } + public static new TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs Empty => new TableExternalDataConfigurationBigtableOptionsColumnFamilyGetArgs(); + } +} diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsGetArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsGetArgs.cs new file mode 100644 index 0000000000..da97c7fae9 --- /dev/null +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationBigtableOptionsGetArgs.cs @@ -0,0 +1,50 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Inputs +{ + + public sealed class TableExternalDataConfigurationBigtableOptionsGetArgs : global::Pulumi.ResourceArgs + { + [Input("columnFamilies")] + private InputList? _columnFamilies; + + /// + /// A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + /// + public InputList ColumnFamilies + { + get => _columnFamilies ?? (_columnFamilies = new InputList()); + set => _columnFamilies = value; + } + + /// + /// If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + /// + [Input("ignoreUnspecifiedColumnFamilies")] + public Input? IgnoreUnspecifiedColumnFamilies { get; set; } + + /// + /// If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + /// + [Input("outputColumnFamiliesAsJson")] + public Input? OutputColumnFamiliesAsJson { get; set; } + + /// + /// If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + /// + [Input("readRowkeyAsString")] + public Input? ReadRowkeyAsString { get; set; } + + public TableExternalDataConfigurationBigtableOptionsGetArgs() + { + } + public static new TableExternalDataConfigurationBigtableOptionsGetArgs Empty => new TableExternalDataConfigurationBigtableOptionsGetArgs(); + } +} diff --git a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationGetArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationGetArgs.cs index 4175125204..222ec987a5 100644 --- a/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationGetArgs.cs +++ b/sdk/dotnet/BigQuery/Inputs/TableExternalDataConfigurationGetArgs.cs @@ -26,6 +26,13 @@ public sealed class TableExternalDataConfigurationGetArgs : global::Pulumi.Resou [Input("avroOptions")] public Input? AvroOptions { get; set; } + /// + /// Additional properties to set if + /// `source_format` is set to "BIGTABLE". Structure is documented below. + /// + [Input("bigtableOptions")] + public Input? BigtableOptions { get; set; } + /// /// The compression type of the data source. /// Valid values are "NONE" or "GZIP". diff --git a/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoArgs.cs index 6e2c70249b..8e9b045e8f 100644 --- a/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoArgs.cs +++ b/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoArgs.cs @@ -13,7 +13,8 @@ namespace Pulumi.Gcp.BigQuery.Inputs public sealed class TableTableReplicationInfoArgs : global::Pulumi.ResourceArgs { /// - /// The interval at which the source materialized view is polled for updates. The default is 300000. + /// The interval at which the source + /// materialized view is polled for updates. The default is 300000. /// [Input("replicationIntervalMs")] public Input? ReplicationIntervalMs { get; set; } diff --git a/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoGetArgs.cs b/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoGetArgs.cs index 2309a33c75..a56cf8c99e 100644 --- a/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoGetArgs.cs +++ b/sdk/dotnet/BigQuery/Inputs/TableTableReplicationInfoGetArgs.cs @@ -13,7 +13,8 @@ namespace Pulumi.Gcp.BigQuery.Inputs public sealed class TableTableReplicationInfoGetArgs : global::Pulumi.ResourceArgs { /// - /// The interval at which the source materialized view is polled for updates. The default is 300000. + /// The interval at which the source + /// materialized view is polled for updates. The default is 300000. /// [Input("replicationIntervalMs")] public Input? ReplicationIntervalMs { get; set; } diff --git a/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfiguration.cs b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfiguration.cs index be21bfa439..6247989d5c 100644 --- a/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfiguration.cs +++ b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfiguration.cs @@ -24,6 +24,11 @@ public sealed class TableExternalDataConfiguration /// public readonly Outputs.TableExternalDataConfigurationAvroOptions? AvroOptions; /// + /// Additional properties to set if + /// `source_format` is set to "BIGTABLE". Structure is documented below. + /// + public readonly Outputs.TableExternalDataConfigurationBigtableOptions? BigtableOptions; + /// /// The compression type of the data source. /// Valid values are "NONE" or "GZIP". /// @@ -140,6 +145,8 @@ private TableExternalDataConfiguration( Outputs.TableExternalDataConfigurationAvroOptions? avroOptions, + Outputs.TableExternalDataConfigurationBigtableOptions? bigtableOptions, + string? compression, string? connectionId, @@ -176,6 +183,7 @@ private TableExternalDataConfiguration( { Autodetect = autodetect; AvroOptions = avroOptions; + BigtableOptions = bigtableOptions; Compression = compression; ConnectionId = connectionId; CsvOptions = csvOptions; diff --git a/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptions.cs b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptions.cs new file mode 100644 index 0000000000..ac0ce5e6f3 --- /dev/null +++ b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptions.cs @@ -0,0 +1,49 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Outputs +{ + + [OutputType] + public sealed class TableExternalDataConfigurationBigtableOptions + { + /// + /// A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + /// + public readonly ImmutableArray ColumnFamilies; + /// + /// If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + /// + public readonly bool? IgnoreUnspecifiedColumnFamilies; + /// + /// If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + /// + public readonly bool? OutputColumnFamiliesAsJson; + /// + /// If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + /// + public readonly bool? ReadRowkeyAsString; + + [OutputConstructor] + private TableExternalDataConfigurationBigtableOptions( + ImmutableArray columnFamilies, + + bool? ignoreUnspecifiedColumnFamilies, + + bool? outputColumnFamiliesAsJson, + + bool? readRowkeyAsString) + { + ColumnFamilies = columnFamilies; + IgnoreUnspecifiedColumnFamilies = ignoreUnspecifiedColumnFamilies; + OutputColumnFamiliesAsJson = outputColumnFamiliesAsJson; + ReadRowkeyAsString = readRowkeyAsString; + } + } +} diff --git a/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.cs b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.cs new file mode 100644 index 0000000000..24074dcca8 --- /dev/null +++ b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.cs @@ -0,0 +1,56 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Outputs +{ + + [OutputType] + public sealed class TableExternalDataConfigurationBigtableOptionsColumnFamily + { + /// + /// A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + /// + public readonly ImmutableArray Columns; + /// + /// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + /// + public readonly string? Encoding; + /// + /// Identifier of the column family. + /// + public readonly string? FamilyId; + /// + /// If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + /// + public readonly bool? OnlyReadLatest; + /// + /// The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + /// + public readonly string? Type; + + [OutputConstructor] + private TableExternalDataConfigurationBigtableOptionsColumnFamily( + ImmutableArray columns, + + string? encoding, + + string? familyId, + + bool? onlyReadLatest, + + string? type) + { + Columns = columns; + Encoding = encoding; + FamilyId = familyId; + OnlyReadLatest = onlyReadLatest; + Type = type; + } + } +} diff --git a/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.cs b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.cs new file mode 100644 index 0000000000..c3e0a6dd8a --- /dev/null +++ b/sdk/dotnet/BigQuery/Outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.cs @@ -0,0 +1,63 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.BigQuery.Outputs +{ + + [OutputType] + public sealed class TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn + { + /// + /// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + /// + public readonly string? Encoding; + /// + /// If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + /// + public readonly string? FieldName; + /// + /// If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + /// + public readonly bool? OnlyReadLatest; + /// + /// Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + /// + public readonly string? QualifierEncoded; + /// + /// Qualifier string. + /// + public readonly string? QualifierString; + /// + /// The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + /// + public readonly string? Type; + + [OutputConstructor] + private TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn( + string? encoding, + + string? fieldName, + + bool? onlyReadLatest, + + string? qualifierEncoded, + + string? qualifierString, + + string? type) + { + Encoding = encoding; + FieldName = fieldName; + OnlyReadLatest = onlyReadLatest; + QualifierEncoded = qualifierEncoded; + QualifierString = qualifierString; + Type = type; + } + } +} diff --git a/sdk/dotnet/BigQuery/Outputs/TableTableReplicationInfo.cs b/sdk/dotnet/BigQuery/Outputs/TableTableReplicationInfo.cs index 54f92f2706..d05c9d7ce1 100644 --- a/sdk/dotnet/BigQuery/Outputs/TableTableReplicationInfo.cs +++ b/sdk/dotnet/BigQuery/Outputs/TableTableReplicationInfo.cs @@ -14,7 +14,8 @@ namespace Pulumi.Gcp.BigQuery.Outputs public sealed class TableTableReplicationInfo { /// - /// The interval at which the source materialized view is polled for updates. The default is 300000. + /// The interval at which the source + /// materialized view is polled for updates. The default is 300000. /// public readonly int? ReplicationIntervalMs; /// diff --git a/sdk/dotnet/BigQuery/Table.cs b/sdk/dotnet/BigQuery/Table.cs index 5b3652f0a6..7a70ffa9cb 100644 --- a/sdk/dotnet/BigQuery/Table.cs +++ b/sdk/dotnet/BigQuery/Table.cs @@ -120,7 +120,8 @@ namespace Pulumi.Gcp.BigQuery public partial class Table : global::Pulumi.CustomResource { /// - /// Whether or not to allow table deletion when there are still resource tags attached. + /// This field is in beta. If set to true, it allows table deletion when there + /// are still resource tags attached. The default value is false. /// [Output("allowResourceTagsOnDeletion")] public Output AllowResourceTagsOnDeletion { get; private set; } = null!; @@ -302,9 +303,11 @@ public partial class Table : global::Pulumi.CustomResource public Output RequirePartitionFilter { get; private set; } = null!; /// - /// The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - /// example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - /// tag key. Tag value is expected to be the short name, for example "Production". + /// This field is in beta. The tags attached to this table. Tag keys are + /// globally unique. Tag key is expected to be in the namespaced format, for + /// example "123456789012/environment" where 123456789012 is the ID of the + /// parent organization or project resource for this tag key. Tag value is + /// expected to be the short name, for example "Production". /// [Output("resourceTags")] public Output?> ResourceTags { get; private set; } = null!; @@ -336,7 +339,10 @@ public partial class Table : global::Pulumi.CustomResource public Output TableId { get; private set; } = null!; /// - /// Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + /// Replication info of a table created + /// using "AS REPLICA" DDL like: + /// `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + /// Structure is documented below. /// [Output("tableReplicationInfo")] public Output TableReplicationInfo { get; private set; } = null!; @@ -413,7 +419,8 @@ public static Table Get(string name, Input id, TableState? state = null, public sealed class TableArgs : global::Pulumi.ResourceArgs { /// - /// Whether or not to allow table deletion when there are still resource tags attached. + /// This field is in beta. If set to true, it allows table deletion when there + /// are still resource tags attached. The default value is false. /// [Input("allowResourceTagsOnDeletion")] public Input? AllowResourceTagsOnDeletion { get; set; } @@ -541,9 +548,11 @@ public InputMap Labels private InputMap? _resourceTags; /// - /// The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - /// example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - /// tag key. Tag value is expected to be the short name, for example "Production". + /// This field is in beta. The tags attached to this table. Tag keys are + /// globally unique. Tag key is expected to be in the namespaced format, for + /// example "123456789012/environment" where 123456789012 is the ID of the + /// parent organization or project resource for this tag key. Tag value is + /// expected to be the short name, for example "Production". /// public InputMap ResourceTags { @@ -572,7 +581,10 @@ public InputMap ResourceTags public Input TableId { get; set; } = null!; /// - /// Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + /// Replication info of a table created + /// using "AS REPLICA" DDL like: + /// `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + /// Structure is documented below. /// [Input("tableReplicationInfo")] public Input? TableReplicationInfo { get; set; } @@ -600,7 +612,8 @@ public TableArgs() public sealed class TableState : global::Pulumi.ResourceArgs { /// - /// Whether or not to allow table deletion when there are still resource tags attached. + /// This field is in beta. If set to true, it allows table deletion when there + /// are still resource tags attached. The default value is false. /// [Input("allowResourceTagsOnDeletion")] public Input? AllowResourceTagsOnDeletion { get; set; } @@ -817,9 +830,11 @@ public InputMap PulumiLabels private InputMap? _resourceTags; /// - /// The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - /// example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - /// tag key. Tag value is expected to be the short name, for example "Production". + /// This field is in beta. The tags attached to this table. Tag keys are + /// globally unique. Tag key is expected to be in the namespaced format, for + /// example "123456789012/environment" where 123456789012 is the ID of the + /// parent organization or project resource for this tag key. Tag value is + /// expected to be the short name, for example "Production". /// public InputMap ResourceTags { @@ -854,7 +869,10 @@ public InputMap ResourceTags public Input? TableId { get; set; } /// - /// Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + /// Replication info of a table created + /// using "AS REPLICA" DDL like: + /// `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + /// Structure is documented below. /// [Input("tableReplicationInfo")] public Input? TableReplicationInfo { get; set; } diff --git a/sdk/dotnet/CloudFunctionsV2/Function.cs b/sdk/dotnet/CloudFunctionsV2/Function.cs index dcd68250ae..b8de3f7f70 100644 --- a/sdk/dotnet/CloudFunctionsV2/Function.cs +++ b/sdk/dotnet/CloudFunctionsV2/Function.cs @@ -70,10 +70,6 @@ namespace Pulumi.Gcp.CloudFunctionsV2 /// }, /// }); /// - /// return new Dictionary<string, object?> - /// { - /// ["functionUri"] = function.ServiceConfig.Apply(serviceConfig => serviceConfig?.Uri), - /// }; /// }); /// ``` /// ### Cloudfunctions2 Full @@ -661,10 +657,6 @@ namespace Pulumi.Gcp.CloudFunctionsV2 /// }, /// }); /// - /// return new Dictionary<string, object?> - /// { - /// ["functionUri"] = function.ServiceConfig.Apply(serviceConfig => serviceConfig?.Uri), - /// }; /// }); /// ``` /// ### Cloudfunctions2 Secret Env diff --git a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeArgs.cs b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeArgs.cs index 1c610de34c..0efe4d6838 100644 --- a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeArgs.cs +++ b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeArgs.cs @@ -32,6 +32,15 @@ public sealed class ServiceTemplateSpecVolumeArgs : global::Pulumi.ResourceArgs [Input("name", required: true)] public Input Name { get; set; } = null!; + /// + /// A filesystem backed by a Network File System share. This filesystem requires the + /// run.googleapis.com/execution-environment annotation to be set to "gen2" and + /// run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + /// Structure is documented below. + /// + [Input("nfs")] + public Input? Nfs { get; set; } + /// /// The secret's value will be presented as the content of a file whose /// name is defined in the item path. If no items are defined, the name of diff --git a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiArgs.cs b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiArgs.cs index 0a60692792..8ef96163a5 100644 --- a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiArgs.cs +++ b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiArgs.cs @@ -34,8 +34,6 @@ public sealed class ServiceTemplateSpecVolumeCsiArgs : global::Pulumi.ResourceAr /// Driver-specific attributes. The following options are supported for available drivers: /// * gcsfuse.run.googleapis.com /// * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - /// - /// - - - /// public InputMap VolumeAttributes { diff --git a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiGetArgs.cs b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiGetArgs.cs index fa1b788b4e..0bd2bc5ec7 100644 --- a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiGetArgs.cs +++ b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeCsiGetArgs.cs @@ -34,8 +34,6 @@ public sealed class ServiceTemplateSpecVolumeCsiGetArgs : global::Pulumi.Resourc /// Driver-specific attributes. The following options are supported for available drivers: /// * gcsfuse.run.googleapis.com /// * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - /// - /// - - - /// public InputMap VolumeAttributes { diff --git a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeGetArgs.cs b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeGetArgs.cs index b20300b60b..7f326a66e9 100644 --- a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeGetArgs.cs +++ b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeGetArgs.cs @@ -32,6 +32,15 @@ public sealed class ServiceTemplateSpecVolumeGetArgs : global::Pulumi.ResourceAr [Input("name", required: true)] public Input Name { get; set; } = null!; + /// + /// A filesystem backed by a Network File System share. This filesystem requires the + /// run.googleapis.com/execution-environment annotation to be set to "gen2" and + /// run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + /// Structure is documented below. + /// + [Input("nfs")] + public Input? Nfs { get; set; } + /// /// The secret's value will be presented as the content of a file whose /// name is defined in the item path. If no items are defined, the name of diff --git a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsArgs.cs b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsArgs.cs new file mode 100644 index 0000000000..b77ed2cdfa --- /dev/null +++ b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsArgs.cs @@ -0,0 +1,40 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRun.Inputs +{ + + public sealed class ServiceTemplateSpecVolumeNfsArgs : global::Pulumi.ResourceArgs + { + /// + /// Path exported by the NFS server + /// + [Input("path", required: true)] + public Input Path { get; set; } = null!; + + /// + /// If true, mount the NFS volume as read only in all mounts. Defaults to false. + /// + /// - - - + /// + [Input("readOnly")] + public Input? ReadOnly { get; set; } + + /// + /// IP address or hostname of the NFS server + /// + [Input("server", required: true)] + public Input Server { get; set; } = null!; + + public ServiceTemplateSpecVolumeNfsArgs() + { + } + public static new ServiceTemplateSpecVolumeNfsArgs Empty => new ServiceTemplateSpecVolumeNfsArgs(); + } +} diff --git a/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsGetArgs.cs b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsGetArgs.cs new file mode 100644 index 0000000000..faa7daeaba --- /dev/null +++ b/sdk/dotnet/CloudRun/Inputs/ServiceTemplateSpecVolumeNfsGetArgs.cs @@ -0,0 +1,40 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRun.Inputs +{ + + public sealed class ServiceTemplateSpecVolumeNfsGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Path exported by the NFS server + /// + [Input("path", required: true)] + public Input Path { get; set; } = null!; + + /// + /// If true, mount the NFS volume as read only in all mounts. Defaults to false. + /// + /// - - - + /// + [Input("readOnly")] + public Input? ReadOnly { get; set; } + + /// + /// IP address or hostname of the NFS server + /// + [Input("server", required: true)] + public Input Server { get; set; } = null!; + + public ServiceTemplateSpecVolumeNfsGetArgs() + { + } + public static new ServiceTemplateSpecVolumeNfsGetArgs Empty => new ServiceTemplateSpecVolumeNfsGetArgs(); + } +} diff --git a/sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeNfResult.cs b/sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeNfResult.cs new file mode 100644 index 0000000000..ba3d2bfc75 --- /dev/null +++ b/sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeNfResult.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRun.Outputs +{ + + [OutputType] + public sealed class GetServiceTemplateSpecVolumeNfResult + { + /// + /// Path exported by the NFS server + /// + public readonly string Path; + /// + /// If true, mount the NFS volume as read only in all mounts. Defaults to false. + /// + public readonly bool ReadOnly; + /// + /// IP address or hostname of the NFS server + /// + public readonly string Server; + + [OutputConstructor] + private GetServiceTemplateSpecVolumeNfResult( + string path, + + bool readOnly, + + string server) + { + Path = path; + ReadOnly = readOnly; + Server = server; + } + } +} diff --git a/sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeResult.cs b/sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeResult.cs index 86ae4b3330..7e0529b4f8 100644 --- a/sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeResult.cs +++ b/sdk/dotnet/CloudRun/Outputs/GetServiceTemplateSpecVolumeResult.cs @@ -26,6 +26,12 @@ public sealed class GetServiceTemplateSpecVolumeResult /// public readonly string Name; /// + /// A filesystem backed by a Network File System share. This filesystem requires the + /// run.googleapis.com/execution-environment annotation to be set to "gen2" and + /// run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + /// + public readonly ImmutableArray Nfs; + /// /// The secret's value will be presented as the content of a file whose /// name is defined in the item path. If no items are defined, the name of /// the file is the secret_name. @@ -40,11 +46,14 @@ private GetServiceTemplateSpecVolumeResult( string name, + ImmutableArray nfs, + ImmutableArray secrets) { Csis = csis; EmptyDirs = emptyDirs; Name = name; + Nfs = nfs; Secrets = secrets; } } diff --git a/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolume.cs b/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolume.cs index 97362a0c3f..0ed6a0de73 100644 --- a/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolume.cs +++ b/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolume.cs @@ -28,6 +28,13 @@ public sealed class ServiceTemplateSpecVolume /// public readonly string Name; /// + /// A filesystem backed by a Network File System share. This filesystem requires the + /// run.googleapis.com/execution-environment annotation to be set to "gen2" and + /// run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + /// Structure is documented below. + /// + public readonly Outputs.ServiceTemplateSpecVolumeNfs? Nfs; + /// /// The secret's value will be presented as the content of a file whose /// name is defined in the item path. If no items are defined, the name of /// the file is the secret_name. @@ -43,11 +50,14 @@ private ServiceTemplateSpecVolume( string name, + Outputs.ServiceTemplateSpecVolumeNfs? nfs, + Outputs.ServiceTemplateSpecVolumeSecret? secret) { Csi = csi; EmptyDir = emptyDir; Name = name; + Nfs = nfs; Secret = secret; } } diff --git a/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeCsi.cs b/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeCsi.cs index f6afb3cd68..1e052f1822 100644 --- a/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeCsi.cs +++ b/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeCsi.cs @@ -28,8 +28,6 @@ public sealed class ServiceTemplateSpecVolumeCsi /// Driver-specific attributes. The following options are supported for available drivers: /// * gcsfuse.run.googleapis.com /// * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - /// - /// - - - /// public readonly ImmutableDictionary? VolumeAttributes; diff --git a/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeNfs.cs b/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeNfs.cs new file mode 100644 index 0000000000..4fd9852af1 --- /dev/null +++ b/sdk/dotnet/CloudRun/Outputs/ServiceTemplateSpecVolumeNfs.cs @@ -0,0 +1,44 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.CloudRun.Outputs +{ + + [OutputType] + public sealed class ServiceTemplateSpecVolumeNfs + { + /// + /// Path exported by the NFS server + /// + public readonly string Path; + /// + /// If true, mount the NFS volume as read only in all mounts. Defaults to false. + /// + /// - - - + /// + public readonly bool? ReadOnly; + /// + /// IP address or hostname of the NFS server + /// + public readonly string Server; + + [OutputConstructor] + private ServiceTemplateSpecVolumeNfs( + string path, + + bool? readOnly, + + string server) + { + Path = path; + ReadOnly = readOnly; + Server = server; + } + } +} diff --git a/sdk/dotnet/Composer/UserWorkloadsSecret.cs b/sdk/dotnet/Composer/UserWorkloadsSecret.cs index 27b496940b..40cbe497e7 100644 --- a/sdk/dotnet/Composer/UserWorkloadsSecret.cs +++ b/sdk/dotnet/Composer/UserWorkloadsSecret.cs @@ -65,7 +65,7 @@ namespace Pulumi.Gcp.Composer /// /// * `{{project}}/{{region}}/{{environment}}/{{name}}` /// - /// * `{{name}}` + /// * `{{environment}}/{{name}}` /// /// When using the `pulumi import` command, Environment can be imported using one of the formats above. For example: /// @@ -78,7 +78,7 @@ namespace Pulumi.Gcp.Composer /// ``` /// /// ```sh - /// $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{name}} + /// $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{environment}}/{{name}} /// ``` /// [GcpResourceType("gcp:composer/userWorkloadsSecret:UserWorkloadsSecret")] diff --git a/sdk/dotnet/Compute/GetSubnetworks.cs b/sdk/dotnet/Compute/GetSubnetworks.cs new file mode 100644 index 0000000000..3c37da2b13 --- /dev/null +++ b/sdk/dotnet/Compute/GetSubnetworks.cs @@ -0,0 +1,163 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute +{ + public static class GetSubnetworks + { + /// + /// Get subnetworks within GCE. + /// See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + /// and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var my_subnetworks = Gcp.Compute.GetSubnetworks.Invoke(new() + /// { + /// Filter = "ipCidrRange eq 192.168.178.0/24", + /// Project = "my-project", + /// Region = "us-east1", + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetSubnetworksArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:compute/getSubnetworks:getSubnetworks", args ?? new GetSubnetworksArgs(), options.WithDefaults()); + + /// + /// Get subnetworks within GCE. + /// See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + /// and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + /// + /// ## Example Usage + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var my_subnetworks = Gcp.Compute.GetSubnetworks.Invoke(new() + /// { + /// Filter = "ipCidrRange eq 192.168.178.0/24", + /// Project = "my-project", + /// Region = "us-east1", + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetSubnetworksInvokeArgs? args = null, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:compute/getSubnetworks:getSubnetworks", args ?? new GetSubnetworksInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetSubnetworksArgs : global::Pulumi.InvokeArgs + { + /// + /// A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + /// + [Input("filter")] + public string? Filter { get; set; } + + /// + /// The ID of the project in which the resource belongs. If it + /// is not provided, the provider project is used. + /// + [Input("project")] + public string? Project { get; set; } + + /// + /// The region this subnetwork has been created in. If + /// unspecified, this defaults to the region configured in the provider. + /// + [Input("region")] + public string? Region { get; set; } + + public GetSubnetworksArgs() + { + } + public static new GetSubnetworksArgs Empty => new GetSubnetworksArgs(); + } + + public sealed class GetSubnetworksInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + /// + [Input("filter")] + public Input? Filter { get; set; } + + /// + /// The ID of the project in which the resource belongs. If it + /// is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The region this subnetwork has been created in. If + /// unspecified, this defaults to the region configured in the provider. + /// + [Input("region")] + public Input? Region { get; set; } + + public GetSubnetworksInvokeArgs() + { + } + public static new GetSubnetworksInvokeArgs Empty => new GetSubnetworksInvokeArgs(); + } + + + [OutputType] + public sealed class GetSubnetworksResult + { + public readonly string? Filter; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string? Project; + public readonly string? Region; + /// + /// A list of all retrieved GCE subnetworks. Structure is defined below. + /// + public readonly ImmutableArray Subnetworks; + + [OutputConstructor] + private GetSubnetworksResult( + string? filter, + + string id, + + string? project, + + string? region, + + ImmutableArray subnetworks) + { + Filter = filter; + Id = id; + Project = project; + Region = region; + Subnetworks = subnetworks; + } + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingArgs.cs index 19e7147cb9..9100cfe105 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingArgs.cs @@ -66,6 +66,12 @@ public InputList Node [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Whether the instance is preemptible. /// diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingGetArgs.cs index c164bda695..856a2736c7 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingGetArgs.cs @@ -66,6 +66,12 @@ public InputList N [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Whether the instance is preemptible. /// diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.cs new file mode 100644 index 0000000000..790609e9ed --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceFromMachineImageSchedulingOnInstanceStopActionArgs : global::Pulumi.ResourceArgs + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceFromMachineImageSchedulingOnInstanceStopActionArgs() + { + } + public static new InstanceFromMachineImageSchedulingOnInstanceStopActionArgs Empty => new InstanceFromMachineImageSchedulingOnInstanceStopActionArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs.cs new file mode 100644 index 0000000000..075f05f33d --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs() + { + } + public static new InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs Empty => new InstanceFromMachineImageSchedulingOnInstanceStopActionGetArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingArgs.cs index f64e8e4997..0a3fe17dfb 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingArgs.cs @@ -66,6 +66,12 @@ public InputList NodeAffi [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Whether the instance is preemptible. /// diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingGetArgs.cs index 00b59adad6..0879c81f69 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingGetArgs.cs @@ -66,6 +66,12 @@ public InputList NodeA [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Whether the instance is preemptible. /// diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.cs new file mode 100644 index 0000000000..cefe408921 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceFromTemplateSchedulingOnInstanceStopActionArgs : global::Pulumi.ResourceArgs + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceFromTemplateSchedulingOnInstanceStopActionArgs() + { + } + public static new InstanceFromTemplateSchedulingOnInstanceStopActionArgs Empty => new InstanceFromTemplateSchedulingOnInstanceStopActionArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs.cs new file mode 100644 index 0000000000..7a819a4cf8 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs() + { + } + public static new InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs Empty => new InstanceFromTemplateSchedulingOnInstanceStopActionGetArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceSchedulingArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceSchedulingArgs.cs index 23ac11fa22..84d6272f6f 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceSchedulingArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceSchedulingArgs.cs @@ -42,8 +42,7 @@ public sealed class InstanceSchedulingArgs : global::Pulumi.ResourceArgs public Input? MaintenanceInterval { get; set; } /// - /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - /// <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. /// [Input("maxRunDuration")] public Input? MaxRunDuration { get; set; } @@ -78,6 +77,12 @@ public InputList NodeAffinities [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Specifies if the instance is preemptible. /// If this field is set to true, then `automatic_restart` must be diff --git a/sdk/dotnet/Compute/Inputs/InstanceSchedulingGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceSchedulingGetArgs.cs index 7789c2f54e..5920e33b24 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceSchedulingGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceSchedulingGetArgs.cs @@ -42,8 +42,7 @@ public sealed class InstanceSchedulingGetArgs : global::Pulumi.ResourceArgs public Input? MaintenanceInterval { get; set; } /// - /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - /// <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. /// [Input("maxRunDuration")] public Input? MaxRunDuration { get; set; } @@ -78,6 +77,12 @@ public InputList NodeAffinities [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Specifies if the instance is preemptible. /// If this field is set to true, then `automatic_restart` must be diff --git a/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationArgs.cs index 5ffbc611f8..6f4595ad73 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationArgs.cs @@ -14,16 +14,17 @@ public sealed class InstanceSchedulingMaxRunDurationArgs : global::Pulumi.Resour { /// /// Span of time that's a fraction of a second at nanosecond - /// resolution. Durations less than one second are represented - /// with a 0 seconds field and a positive nanos field. Must - /// be from 0 to 999,999,999 inclusive. + /// resolution. Durations less than one second are represented with a 0 + /// `seconds` field and a positive `nanos` field. Must be from 0 to + /// 999,999,999 inclusive. /// [Input("nanos")] public Input? Nanos { get; set; } /// - /// Span of time at a resolution of a second. - /// Must be from 0 to 315,576,000,000 inclusive. + /// Span of time at a resolution of a second. Must be from 0 to + /// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + /// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. /// [Input("seconds", required: true)] public Input Seconds { get; set; } = null!; diff --git a/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationGetArgs.cs index f3fd18a422..f6aa4c3a9f 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceSchedulingMaxRunDurationGetArgs.cs @@ -14,16 +14,17 @@ public sealed class InstanceSchedulingMaxRunDurationGetArgs : global::Pulumi.Res { /// /// Span of time that's a fraction of a second at nanosecond - /// resolution. Durations less than one second are represented - /// with a 0 seconds field and a positive nanos field. Must - /// be from 0 to 999,999,999 inclusive. + /// resolution. Durations less than one second are represented with a 0 + /// `seconds` field and a positive `nanos` field. Must be from 0 to + /// 999,999,999 inclusive. /// [Input("nanos")] public Input? Nanos { get; set; } /// - /// Span of time at a resolution of a second. - /// Must be from 0 to 315,576,000,000 inclusive. + /// Span of time at a resolution of a second. Must be from 0 to + /// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + /// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. /// [Input("seconds", required: true)] public Input Seconds { get; set; } = null!; diff --git a/sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionArgs.cs new file mode 100644 index 0000000000..bdc71f64da --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceSchedulingOnInstanceStopActionArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceSchedulingOnInstanceStopActionArgs() + { + } + public static new InstanceSchedulingOnInstanceStopActionArgs Empty => new InstanceSchedulingOnInstanceStopActionArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionGetArgs.cs new file mode 100644 index 0000000000..6ba7569e40 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceSchedulingOnInstanceStopActionGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceSchedulingOnInstanceStopActionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceSchedulingOnInstanceStopActionGetArgs() + { + } + public static new InstanceSchedulingOnInstanceStopActionGetArgs Empty => new InstanceSchedulingOnInstanceStopActionGetArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingArgs.cs index 2e178e0589..58861d2a23 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingArgs.cs @@ -48,8 +48,7 @@ public InputList L public Input? MaintenanceInterval { get; set; } /// - /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - /// <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. /// [Input("maxRunDuration")] public Input? MaxRunDuration { get; set; } @@ -83,6 +82,12 @@ public InputList NodeAffiniti [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingGetArgs.cs index 99d602f2ff..c1fc9a39da 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingGetArgs.cs @@ -48,8 +48,7 @@ public InputList? MaintenanceInterval { get; set; } /// - /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - /// <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. /// [Input("maxRunDuration")] public Input? MaxRunDuration { get; set; } @@ -83,6 +82,12 @@ public InputList NodeAffin [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationArgs.cs index 3206b8f0b2..48f4bf338a 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationArgs.cs @@ -14,16 +14,17 @@ public sealed class InstanceTemplateSchedulingMaxRunDurationArgs : global::Pulum { /// /// Span of time that's a fraction of a second at nanosecond - /// resolution. Durations less than one second are represented - /// with a 0 seconds field and a positive nanos field. Must - /// be from 0 to 999,999,999 inclusive. + /// resolution. Durations less than one second are represented with a 0 + /// `seconds` field and a positive `nanos` field. Must be from 0 to + /// 999,999,999 inclusive. /// [Input("nanos")] public Input? Nanos { get; set; } /// - /// Span of time at a resolution of a second. - /// Must be from 0 to 315,576,000,000 inclusive. + /// Span of time at a resolution of a second. Must be from 0 to + /// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + /// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. /// [Input("seconds", required: true)] public Input Seconds { get; set; } = null!; diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationGetArgs.cs index 375d2b7207..fc1f0a2a46 100644 --- a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingMaxRunDurationGetArgs.cs @@ -14,16 +14,17 @@ public sealed class InstanceTemplateSchedulingMaxRunDurationGetArgs : global::Pu { /// /// Span of time that's a fraction of a second at nanosecond - /// resolution. Durations less than one second are represented - /// with a 0 seconds field and a positive nanos field. Must - /// be from 0 to 999,999,999 inclusive. + /// resolution. Durations less than one second are represented with a 0 + /// `seconds` field and a positive `nanos` field. Must be from 0 to + /// 999,999,999 inclusive. /// [Input("nanos")] public Input? Nanos { get; set; } /// - /// Span of time at a resolution of a second. - /// Must be from 0 to 315,576,000,000 inclusive. + /// Span of time at a resolution of a second. Must be from 0 to + /// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + /// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. /// [Input("seconds", required: true)] public Input Seconds { get; set; } = null!; diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.cs new file mode 100644 index 0000000000..33c23b6064 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceTemplateSchedulingOnInstanceStopActionArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceTemplateSchedulingOnInstanceStopActionArgs() + { + } + public static new InstanceTemplateSchedulingOnInstanceStopActionArgs Empty => new InstanceTemplateSchedulingOnInstanceStopActionArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs new file mode 100644 index 0000000000..c5db0e0c76 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/InstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class InstanceTemplateSchedulingOnInstanceStopActionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public InstanceTemplateSchedulingOnInstanceStopActionGetArgs() + { + } + public static new InstanceTemplateSchedulingOnInstanceStopActionGetArgs Empty => new InstanceTemplateSchedulingOnInstanceStopActionGetArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingArgs.cs b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingArgs.cs index 93ca9c5f1e..f45eea4767 100644 --- a/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingArgs.cs +++ b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingArgs.cs @@ -82,6 +82,12 @@ public InputList NodeAf [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this diff --git a/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingGetArgs.cs b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingGetArgs.cs index fceec143f7..342b3450d6 100644 --- a/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingGetArgs.cs @@ -82,6 +82,12 @@ public InputList Nod [Input("onHostMaintenance")] public Input? OnHostMaintenance { get; set; } + /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + [Input("onInstanceStopAction")] + public Input? OnInstanceStopAction { get; set; } + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this diff --git a/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.cs b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.cs new file mode 100644 index 0000000000..6af72de9d3 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class RegionInstanceTemplateSchedulingOnInstanceStopActionArgs : global::Pulumi.ResourceArgs + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public RegionInstanceTemplateSchedulingOnInstanceStopActionArgs() + { + } + public static new RegionInstanceTemplateSchedulingOnInstanceStopActionArgs Empty => new RegionInstanceTemplateSchedulingOnInstanceStopActionArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs new file mode 100644 index 0000000000..7a22936699 --- /dev/null +++ b/sdk/dotnet/Compute/Inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Inputs +{ + + public sealed class RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + [Input("discardLocalSsd")] + public Input? DiscardLocalSsd { get; set; } + + public RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs() + { + } + public static new RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs Empty => new RegionInstanceTemplateSchedulingOnInstanceStopActionGetArgs(); + } +} diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigArgs.cs index a37c9656b8..510fdbdb8c 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigArgs.cs @@ -23,6 +23,7 @@ public sealed class SecurityPolicyAdvancedOptionsConfigArgs : global::Pulumi.Res /// Whether or not to JSON parse the payload body. Defaults to `DISABLED`. /// * `DISABLED` - Don't parse JSON payloads in POST bodies. /// * `STANDARD` - Parse JSON payloads in POST bodies. + /// * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. /// [Input("jsonParsing")] public Input? JsonParsing { get; set; } diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigGetArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigGetArgs.cs index b562d512b7..1624b25b05 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyAdvancedOptionsConfigGetArgs.cs @@ -23,6 +23,7 @@ public sealed class SecurityPolicyAdvancedOptionsConfigGetArgs : global::Pulumi. /// Whether or not to JSON parse the payload body. Defaults to `DISABLED`. /// * `DISABLED` - Don't parse JSON payloads in POST bodies. /// * `STANDARD` - Parse JSON payloads in POST bodies. + /// * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. /// [Input("jsonParsing")] public Input? JsonParsing { get; set; } diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsArgs.cs index 0700485644..27a1712ab7 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsArgs.cs @@ -13,37 +13,40 @@ namespace Pulumi.Gcp.Compute.Inputs public sealed class SecurityPolicyRuleRateLimitOptionsArgs : global::Pulumi.ResourceArgs { /// - /// Can only be specified if the `action` for the rule is `rate_based_ban`. + /// Can only be specified if the action for the rule is "rate_based_ban". /// If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. /// [Input("banDurationSec")] public Input? BanDurationSec { get; set; } /// - /// Can only be specified if the `action` for the rule is `rate_based_ban`. - /// If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - /// exceed this `ban_threshold`. Structure is documented below. + /// Can only be specified if the action for the rule is "rate_based_ban". + /// If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + /// Structure is documented below. /// [Input("banThreshold")] public Input? BanThreshold { get; set; } /// - /// Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + /// Action to take for requests that are under the configured rate limit threshold. + /// Valid option is "allow" only. /// - [Input("conformAction", required: true)] - public Input ConformAction { get; set; } = null!; + [Input("conformAction")] + public Input? ConformAction { get; set; } /// - /// Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - /// - /// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - /// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - /// * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - /// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - /// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - /// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - /// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - /// * `REGION_CODE`: The country/region from which the request originates. + /// Determines the key to enforce the rateLimitThreshold on. Possible values are: + /// * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + /// * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + /// * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + /// * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + /// * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + /// * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + /// * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + /// * REGION_CODE: The country/region from which the request originates. + /// * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + /// * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + /// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. /// [Input("enforceOnKey")] public Input? EnforceOnKey { get; set; } @@ -52,9 +55,10 @@ public sealed class SecurityPolicyRuleRateLimitOptionsArgs : global::Pulumi.Reso private InputList? _enforceOnKeyConfigs; /// - /// If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - /// - /// **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + /// If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + /// You can specify up to 3 enforceOnKeyConfigs. + /// If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + /// Structure is documented below. /// public InputList EnforceOnKeyConfigs { @@ -64,31 +68,32 @@ public InputList /// Rate limit key name applicable only for the following key types: - /// - /// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - /// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + /// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + /// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. /// [Input("enforceOnKeyName")] public Input? EnforceOnKeyName { get; set; } /// - /// When a request is denied, returns the HTTP response code specified. - /// Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + /// Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + /// Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. /// - [Input("exceedAction", required: true)] - public Input ExceedAction { get; set; } = null!; + [Input("exceedAction")] + public Input? ExceedAction { get; set; } /// - /// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + /// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + /// Structure is documented below. /// [Input("exceedRedirectOptions")] public Input? ExceedRedirectOptions { get; set; } /// - /// Threshold at which to begin ratelimiting. Structure is documented below. + /// Threshold at which to begin ratelimiting. + /// Structure is documented below. /// - [Input("rateLimitThreshold", required: true)] - public Input RateLimitThreshold { get; set; } = null!; + [Input("rateLimitThreshold")] + public Input? RateLimitThreshold { get; set; } public SecurityPolicyRuleRateLimitOptionsArgs() { diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.cs index bf93a4e989..5515275a33 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.cs @@ -15,14 +15,14 @@ public sealed class SecurityPolicyRuleRateLimitOptionsBanThresholdArgs : global: /// /// Number of HTTP(S) requests for calculating the threshold. /// - [Input("count", required: true)] - public Input Count { get; set; } = null!; + [Input("count")] + public Input? Count { get; set; } /// /// Interval over which the threshold is computed. /// - [Input("intervalSec", required: true)] - public Input IntervalSec { get; set; } = null!; + [Input("intervalSec")] + public Input? IntervalSec { get; set; } public SecurityPolicyRuleRateLimitOptionsBanThresholdArgs() { diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdGetArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdGetArgs.cs index 7d5de1b992..66e5ad4246 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdGetArgs.cs @@ -15,14 +15,14 @@ public sealed class SecurityPolicyRuleRateLimitOptionsBanThresholdGetArgs : glob /// /// Number of HTTP(S) requests for calculating the threshold. /// - [Input("count", required: true)] - public Input Count { get; set; } = null!; + [Input("count")] + public Input? Count { get; set; } /// /// Interval over which the threshold is computed. /// - [Input("intervalSec", required: true)] - public Input IntervalSec { get; set; } = null!; + [Input("intervalSec")] + public Input? IntervalSec { get; set; } public SecurityPolicyRuleRateLimitOptionsBanThresholdGetArgs() { diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.cs index 990c55ed82..e92a2b66c1 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.cs @@ -14,24 +14,25 @@ public sealed class SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs : g { /// /// Rate limit key name applicable only for the following key types: - /// - /// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - /// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + /// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + /// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. /// [Input("enforceOnKeyName")] public Input? EnforceOnKeyName { get; set; } /// - /// Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - /// - /// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - /// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - /// * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - /// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - /// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - /// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - /// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - /// * `REGION_CODE`: The country/region from which the request originates. + /// Determines the key to enforce the rateLimitThreshold on. Possible values are: + /// * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + /// * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + /// * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + /// * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + /// * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + /// * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + /// * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + /// * REGION_CODE: The country/region from which the request originates. + /// * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + /// * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + /// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. /// [Input("enforceOnKeyType")] public Input? EnforceOnKeyType { get; set; } diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigGetArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigGetArgs.cs index 8800765b1b..edcc290105 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigGetArgs.cs @@ -14,24 +14,25 @@ public sealed class SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigGetArgs { /// /// Rate limit key name applicable only for the following key types: - /// - /// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - /// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + /// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + /// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. /// [Input("enforceOnKeyName")] public Input? EnforceOnKeyName { get; set; } /// - /// Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - /// - /// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - /// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - /// * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - /// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - /// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - /// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - /// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - /// * `REGION_CODE`: The country/region from which the request originates. + /// Determines the key to enforce the rateLimitThreshold on. Possible values are: + /// * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + /// * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + /// * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + /// * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + /// * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + /// * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + /// * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + /// * REGION_CODE: The country/region from which the request originates. + /// * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + /// * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + /// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. /// [Input("enforceOnKeyType")] public Input? EnforceOnKeyType { get; set; } diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.cs index 33af49f3d9..6ce36f59c1 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Gcp.Compute.Inputs public sealed class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs : global::Pulumi.ResourceArgs { /// - /// Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + /// Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. /// [Input("target")] public Input? Target { get; set; } @@ -21,8 +21,8 @@ public sealed class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs /// /// Type of the redirect action. /// - [Input("type", required: true)] - public Input Type { get; set; } = null!; + [Input("type")] + public Input? Type { get; set; } public SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs() { diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsGetArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsGetArgs.cs index 030e64c7a8..ea690efa0c 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsGetArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.Gcp.Compute.Inputs public sealed class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsGetArgs : global::Pulumi.ResourceArgs { /// - /// Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + /// Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. /// [Input("target")] public Input? Target { get; set; } @@ -21,8 +21,8 @@ public sealed class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsGetAr /// /// Type of the redirect action. /// - [Input("type", required: true)] - public Input Type { get; set; } = null!; + [Input("type")] + public Input? Type { get; set; } public SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsGetArgs() { diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsGetArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsGetArgs.cs index 7b97ec48fb..341edb2d8d 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsGetArgs.cs @@ -13,37 +13,40 @@ namespace Pulumi.Gcp.Compute.Inputs public sealed class SecurityPolicyRuleRateLimitOptionsGetArgs : global::Pulumi.ResourceArgs { /// - /// Can only be specified if the `action` for the rule is `rate_based_ban`. + /// Can only be specified if the action for the rule is "rate_based_ban". /// If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. /// [Input("banDurationSec")] public Input? BanDurationSec { get; set; } /// - /// Can only be specified if the `action` for the rule is `rate_based_ban`. - /// If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - /// exceed this `ban_threshold`. Structure is documented below. + /// Can only be specified if the action for the rule is "rate_based_ban". + /// If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + /// Structure is documented below. /// [Input("banThreshold")] public Input? BanThreshold { get; set; } /// - /// Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + /// Action to take for requests that are under the configured rate limit threshold. + /// Valid option is "allow" only. /// - [Input("conformAction", required: true)] - public Input ConformAction { get; set; } = null!; + [Input("conformAction")] + public Input? ConformAction { get; set; } /// - /// Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - /// - /// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - /// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - /// * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - /// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - /// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - /// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - /// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - /// * `REGION_CODE`: The country/region from which the request originates. + /// Determines the key to enforce the rateLimitThreshold on. Possible values are: + /// * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + /// * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + /// * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + /// * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + /// * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + /// * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + /// * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + /// * REGION_CODE: The country/region from which the request originates. + /// * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + /// * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + /// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. /// [Input("enforceOnKey")] public Input? EnforceOnKey { get; set; } @@ -52,9 +55,10 @@ public sealed class SecurityPolicyRuleRateLimitOptionsGetArgs : global::Pulumi.R private InputList? _enforceOnKeyConfigs; /// - /// If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - /// - /// **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + /// If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + /// You can specify up to 3 enforceOnKeyConfigs. + /// If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + /// Structure is documented below. /// public InputList EnforceOnKeyConfigs { @@ -64,31 +68,32 @@ public InputList /// Rate limit key name applicable only for the following key types: - /// - /// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - /// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + /// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + /// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. /// [Input("enforceOnKeyName")] public Input? EnforceOnKeyName { get; set; } /// - /// When a request is denied, returns the HTTP response code specified. - /// Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + /// Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + /// Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. /// - [Input("exceedAction", required: true)] - public Input ExceedAction { get; set; } = null!; + [Input("exceedAction")] + public Input? ExceedAction { get; set; } /// - /// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + /// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + /// Structure is documented below. /// [Input("exceedRedirectOptions")] public Input? ExceedRedirectOptions { get; set; } /// - /// Threshold at which to begin ratelimiting. Structure is documented below. + /// Threshold at which to begin ratelimiting. + /// Structure is documented below. /// - [Input("rateLimitThreshold", required: true)] - public Input RateLimitThreshold { get; set; } = null!; + [Input("rateLimitThreshold")] + public Input? RateLimitThreshold { get; set; } public SecurityPolicyRuleRateLimitOptionsGetArgs() { diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.cs index 7f285aeeec..c9ef959fbb 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.cs @@ -15,14 +15,14 @@ public sealed class SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs : g /// /// Number of HTTP(S) requests for calculating the threshold. /// - [Input("count", required: true)] - public Input Count { get; set; } = null!; + [Input("count")] + public Input? Count { get; set; } /// /// Interval over which the threshold is computed. /// - [Input("intervalSec", required: true)] - public Input IntervalSec { get; set; } = null!; + [Input("intervalSec")] + public Input? IntervalSec { get; set; } public SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs() { diff --git a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdGetArgs.cs b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdGetArgs.cs index a2a1f63eae..0a04ba8383 100644 --- a/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdGetArgs.cs +++ b/sdk/dotnet/Compute/Inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdGetArgs.cs @@ -15,14 +15,14 @@ public sealed class SecurityPolicyRuleRateLimitOptionsRateLimitThresholdGetArgs /// /// Number of HTTP(S) requests for calculating the threshold. /// - [Input("count", required: true)] - public Input Count { get; set; } = null!; + [Input("count")] + public Input? Count { get; set; } /// /// Interval over which the threshold is computed. /// - [Input("intervalSec", required: true)] - public Input IntervalSec { get; set; } = null!; + [Input("intervalSec")] + public Input? IntervalSec { get; set; } public SecurityPolicyRuleRateLimitOptionsRateLimitThresholdGetArgs() { diff --git a/sdk/dotnet/Compute/InstanceGroupMembership.cs b/sdk/dotnet/Compute/InstanceGroupMembership.cs index fc7b1d9b12..202b76c716 100644 --- a/sdk/dotnet/Compute/InstanceGroupMembership.cs +++ b/sdk/dotnet/Compute/InstanceGroupMembership.cs @@ -19,7 +19,7 @@ namespace Pulumi.Gcp.Compute /// > **NOTE** This resource has been added to avoid a situation, where after /// Instance is recreated, it's removed from Instance Group and it's needed to /// perform `apply` twice. To avoid situations like this, please use this resource - /// with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + /// with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. /// /// To get more information about InstanceGroupMembership, see: /// diff --git a/sdk/dotnet/Compute/InterconnectAttachment.cs b/sdk/dotnet/Compute/InterconnectAttachment.cs index b4bb067f25..a2273b96f5 100644 --- a/sdk/dotnet/Compute/InterconnectAttachment.cs +++ b/sdk/dotnet/Compute/InterconnectAttachment.cs @@ -361,6 +361,17 @@ public partial class InterconnectAttachment : global::Pulumi.CustomResource [Output("state")] public Output State { get; private set; } = null!; + /// + /// Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + /// except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + /// constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + /// remote location fall into this category. In these cases, the default value is 30, and + /// requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + /// gives Google Cloud Support more debugging visibility. + /// + [Output("subnetLength")] + public Output SubnetLength { get; private set; } = null!; + /// /// The type of InterconnectAttachment you wish to create. Defaults to /// DEDICATED. @@ -580,6 +591,17 @@ public InputList IpsecInternalAddresses [Input("stackType")] public Input? StackType { get; set; } + /// + /// Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + /// except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + /// constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + /// remote location fall into this category. In these cases, the default value is 30, and + /// requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + /// gives Google Cloud Support more debugging visibility. + /// + [Input("subnetLength")] + public Input? SubnetLength { get; set; } + /// /// The type of InterconnectAttachment you wish to create. Defaults to /// DEDICATED. @@ -844,6 +866,17 @@ public InputList Pr [Input("state")] public Input? State { get; set; } + /// + /// Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + /// except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + /// constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + /// remote location fall into this category. In these cases, the default value is 30, and + /// requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + /// gives Google Cloud Support more debugging visibility. + /// + [Input("subnetLength")] + public Input? SubnetLength { get; set; } + /// /// The type of InterconnectAttachment you wish to create. Defaults to /// DEDICATED. diff --git a/sdk/dotnet/Compute/NetworkEndpoint.cs b/sdk/dotnet/Compute/NetworkEndpoint.cs index 770f67c25d..f546f44ef3 100644 --- a/sdk/dotnet/Compute/NetworkEndpoint.cs +++ b/sdk/dotnet/Compute/NetworkEndpoint.cs @@ -18,7 +18,7 @@ namespace Pulumi.Gcp.Compute /// /// > **NOTE** In case the Endpoint's Instance is recreated, it's needed to /// perform `apply` twice. To avoid situations like this, please use this resource - /// with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + /// with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. /// /// To get more information about NetworkEndpoint, see: /// diff --git a/sdk/dotnet/Compute/NetworkEndpointList.cs b/sdk/dotnet/Compute/NetworkEndpointList.cs index 879a47c17f..fb05ed1b3b 100644 --- a/sdk/dotnet/Compute/NetworkEndpointList.cs +++ b/sdk/dotnet/Compute/NetworkEndpointList.cs @@ -21,7 +21,7 @@ namespace Pulumi.Gcp.Compute /// /// > **NOTE** In case the Endpoint's Instance is recreated, it's needed to /// perform `apply` twice. To avoid situations like this, please use this resource - /// with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + /// with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. /// /// To get more information about NetworkEndpoints, see: /// diff --git a/sdk/dotnet/Compute/Outputs/GetInstanceSchedulingOnInstanceStopActionResult.cs b/sdk/dotnet/Compute/Outputs/GetInstanceSchedulingOnInstanceStopActionResult.cs new file mode 100644 index 0000000000..91afc946c0 --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/GetInstanceSchedulingOnInstanceStopActionResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class GetInstanceSchedulingOnInstanceStopActionResult + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + public readonly bool DiscardLocalSsd; + + [OutputConstructor] + private GetInstanceSchedulingOnInstanceStopActionResult(bool discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/GetInstanceSchedulingResult.cs b/sdk/dotnet/Compute/Outputs/GetInstanceSchedulingResult.cs index fa90794080..3646520865 100644 --- a/sdk/dotnet/Compute/Outputs/GetInstanceSchedulingResult.cs +++ b/sdk/dotnet/Compute/Outputs/GetInstanceSchedulingResult.cs @@ -49,6 +49,10 @@ public sealed class GetInstanceSchedulingResult /// public readonly string OnHostMaintenance; /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + public readonly ImmutableArray OnInstanceStopActions; + /// /// Whether the instance is preemptible. /// public readonly bool Preemptible; @@ -75,6 +79,8 @@ private GetInstanceSchedulingResult( string onHostMaintenance, + ImmutableArray onInstanceStopActions, + bool preemptible, string provisioningModel) @@ -87,6 +93,7 @@ private GetInstanceSchedulingResult( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopActions = onInstanceStopActions; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingOnInstanceStopActionResult.cs b/sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingOnInstanceStopActionResult.cs new file mode 100644 index 0000000000..ea43e3e63b --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingOnInstanceStopActionResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class GetInstanceTemplateSchedulingOnInstanceStopActionResult + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + public readonly bool DiscardLocalSsd; + + [OutputConstructor] + private GetInstanceTemplateSchedulingOnInstanceStopActionResult(bool discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingResult.cs b/sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingResult.cs index 24f4618e92..bd39ab29e4 100644 --- a/sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingResult.cs +++ b/sdk/dotnet/Compute/Outputs/GetInstanceTemplateSchedulingResult.cs @@ -56,6 +56,10 @@ public sealed class GetInstanceTemplateSchedulingResult /// public readonly string OnHostMaintenance; /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + public readonly ImmutableArray OnInstanceStopActions; + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this /// [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -84,6 +88,8 @@ private GetInstanceTemplateSchedulingResult( string onHostMaintenance, + ImmutableArray onInstanceStopActions, + bool preemptible, string provisioningModel) @@ -96,6 +102,7 @@ private GetInstanceTemplateSchedulingResult( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopActions = onInstanceStopActions; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult.cs b/sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult.cs new file mode 100644 index 0000000000..280d8ccfd7 --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + public readonly bool DiscardLocalSsd; + + [OutputConstructor] + private GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult(bool discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingResult.cs b/sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingResult.cs index efb63a76c1..88906f00c0 100644 --- a/sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingResult.cs +++ b/sdk/dotnet/Compute/Outputs/GetRegionInstanceTemplateSchedulingResult.cs @@ -56,6 +56,10 @@ public sealed class GetRegionInstanceTemplateSchedulingResult /// public readonly string OnHostMaintenance; /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + public readonly ImmutableArray OnInstanceStopActions; + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this /// [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -84,6 +88,8 @@ private GetRegionInstanceTemplateSchedulingResult( string onHostMaintenance, + ImmutableArray onInstanceStopActions, + bool preemptible, string provisioningModel) @@ -96,6 +102,7 @@ private GetRegionInstanceTemplateSchedulingResult( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopActions = onInstanceStopActions; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/GetSubnetworksSubnetworkResult.cs b/sdk/dotnet/Compute/Outputs/GetSubnetworksSubnetworkResult.cs new file mode 100644 index 0000000000..e5d7b65fed --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/GetSubnetworksSubnetworkResult.cs @@ -0,0 +1,67 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class GetSubnetworksSubnetworkResult + { + /// + /// Description of the subnetwork. + /// + public readonly string Description; + /// + /// The IP address range represented as a CIDR block. + /// + public readonly string IpCidrRange; + /// + /// The name of the subnetwork. + /// + public readonly string Name; + /// + /// The self link of the parent network. + /// + public readonly string Network; + public readonly string NetworkSelfLink; + /// + /// Whether the VMs in the subnet can access Google services without assigned external IP addresses. + /// + public readonly bool PrivateIpGoogleAccess; + /// + /// The self link of the subnetwork. + /// + public readonly string SelfLink; + + [OutputConstructor] + private GetSubnetworksSubnetworkResult( + string description, + + string ipCidrRange, + + string name, + + string network, + + string networkSelfLink, + + bool privateIpGoogleAccess, + + string selfLink) + { + Description = description; + IpCidrRange = ipCidrRange; + Name = name; + Network = network; + NetworkSelfLink = networkSelfLink; + PrivateIpGoogleAccess = privateIpGoogleAccess; + SelfLink = selfLink; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/InstanceFromMachineImageScheduling.cs b/sdk/dotnet/Compute/Outputs/InstanceFromMachineImageScheduling.cs index a4f3b94aa8..1677ab1fb1 100644 --- a/sdk/dotnet/Compute/Outputs/InstanceFromMachineImageScheduling.cs +++ b/sdk/dotnet/Compute/Outputs/InstanceFromMachineImageScheduling.cs @@ -46,6 +46,10 @@ public sealed class InstanceFromMachineImageScheduling /// public readonly string? OnHostMaintenance; /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + public readonly Outputs.InstanceFromMachineImageSchedulingOnInstanceStopAction? OnInstanceStopAction; + /// /// Whether the instance is preemptible. /// public readonly bool? Preemptible; @@ -72,6 +76,8 @@ private InstanceFromMachineImageScheduling( string? onHostMaintenance, + Outputs.InstanceFromMachineImageSchedulingOnInstanceStopAction? onInstanceStopAction, + bool? preemptible, string? provisioningModel) @@ -84,6 +90,7 @@ private InstanceFromMachineImageScheduling( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopAction = onInstanceStopAction; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.cs b/sdk/dotnet/Compute/Outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.cs new file mode 100644 index 0000000000..889d96928c --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class InstanceFromMachineImageSchedulingOnInstanceStopAction + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + public readonly bool? DiscardLocalSsd; + + [OutputConstructor] + private InstanceFromMachineImageSchedulingOnInstanceStopAction(bool? discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/InstanceFromTemplateScheduling.cs b/sdk/dotnet/Compute/Outputs/InstanceFromTemplateScheduling.cs index 0c5c664d09..fbc999ed9f 100644 --- a/sdk/dotnet/Compute/Outputs/InstanceFromTemplateScheduling.cs +++ b/sdk/dotnet/Compute/Outputs/InstanceFromTemplateScheduling.cs @@ -46,6 +46,10 @@ public sealed class InstanceFromTemplateScheduling /// public readonly string? OnHostMaintenance; /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + public readonly Outputs.InstanceFromTemplateSchedulingOnInstanceStopAction? OnInstanceStopAction; + /// /// Whether the instance is preemptible. /// public readonly bool? Preemptible; @@ -72,6 +76,8 @@ private InstanceFromTemplateScheduling( string? onHostMaintenance, + Outputs.InstanceFromTemplateSchedulingOnInstanceStopAction? onInstanceStopAction, + bool? preemptible, string? provisioningModel) @@ -84,6 +90,7 @@ private InstanceFromTemplateScheduling( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopAction = onInstanceStopAction; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.cs b/sdk/dotnet/Compute/Outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.cs new file mode 100644 index 0000000000..964fe3e6c7 --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class InstanceFromTemplateSchedulingOnInstanceStopAction + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + public readonly bool? DiscardLocalSsd; + + [OutputConstructor] + private InstanceFromTemplateSchedulingOnInstanceStopAction(bool? discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/InstanceScheduling.cs b/sdk/dotnet/Compute/Outputs/InstanceScheduling.cs index 23489eb90f..40df7515dd 100644 --- a/sdk/dotnet/Compute/Outputs/InstanceScheduling.cs +++ b/sdk/dotnet/Compute/Outputs/InstanceScheduling.cs @@ -35,8 +35,7 @@ public sealed class InstanceScheduling /// public readonly string? MaintenanceInterval; /// - /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - /// <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. /// public readonly Outputs.InstanceSchedulingMaxRunDuration? MaxRunDuration; /// @@ -58,6 +57,10 @@ public sealed class InstanceScheduling /// public readonly string? OnHostMaintenance; /// + /// Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + /// + public readonly Outputs.InstanceSchedulingOnInstanceStopAction? OnInstanceStopAction; + /// /// Specifies if the instance is preemptible. /// If this field is set to true, then `automatic_restart` must be /// set to false. Defaults to false. @@ -89,6 +92,8 @@ private InstanceScheduling( string? onHostMaintenance, + Outputs.InstanceSchedulingOnInstanceStopAction? onInstanceStopAction, + bool? preemptible, string? provisioningModel) @@ -101,6 +106,7 @@ private InstanceScheduling( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopAction = onInstanceStopAction; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/InstanceSchedulingMaxRunDuration.cs b/sdk/dotnet/Compute/Outputs/InstanceSchedulingMaxRunDuration.cs index 61859a0a81..b2610159eb 100644 --- a/sdk/dotnet/Compute/Outputs/InstanceSchedulingMaxRunDuration.cs +++ b/sdk/dotnet/Compute/Outputs/InstanceSchedulingMaxRunDuration.cs @@ -15,14 +15,15 @@ public sealed class InstanceSchedulingMaxRunDuration { /// /// Span of time that's a fraction of a second at nanosecond - /// resolution. Durations less than one second are represented - /// with a 0 seconds field and a positive nanos field. Must - /// be from 0 to 999,999,999 inclusive. + /// resolution. Durations less than one second are represented with a 0 + /// `seconds` field and a positive `nanos` field. Must be from 0 to + /// 999,999,999 inclusive. /// public readonly int? Nanos; /// - /// Span of time at a resolution of a second. - /// Must be from 0 to 315,576,000,000 inclusive. + /// Span of time at a resolution of a second. Must be from 0 to + /// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + /// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. /// public readonly int Seconds; diff --git a/sdk/dotnet/Compute/Outputs/InstanceSchedulingOnInstanceStopAction.cs b/sdk/dotnet/Compute/Outputs/InstanceSchedulingOnInstanceStopAction.cs new file mode 100644 index 0000000000..14931aa10b --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/InstanceSchedulingOnInstanceStopAction.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class InstanceSchedulingOnInstanceStopAction + { + /// + /// Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + /// + public readonly bool? DiscardLocalSsd; + + [OutputConstructor] + private InstanceSchedulingOnInstanceStopAction(bool? discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/InstanceTemplateScheduling.cs b/sdk/dotnet/Compute/Outputs/InstanceTemplateScheduling.cs index c6aedeb88c..6f2f85afd9 100644 --- a/sdk/dotnet/Compute/Outputs/InstanceTemplateScheduling.cs +++ b/sdk/dotnet/Compute/Outputs/InstanceTemplateScheduling.cs @@ -35,8 +35,7 @@ public sealed class InstanceTemplateScheduling /// public readonly string? MaintenanceInterval; /// - /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - /// <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + /// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. /// public readonly Outputs.InstanceTemplateSchedulingMaxRunDuration? MaxRunDuration; /// @@ -57,6 +56,10 @@ public sealed class InstanceTemplateScheduling /// public readonly string? OnHostMaintenance; /// + /// Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + /// + public readonly Outputs.InstanceTemplateSchedulingOnInstanceStopAction? OnInstanceStopAction; + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this /// [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -88,6 +91,8 @@ private InstanceTemplateScheduling( string? onHostMaintenance, + Outputs.InstanceTemplateSchedulingOnInstanceStopAction? onInstanceStopAction, + bool? preemptible, string? provisioningModel) @@ -100,6 +105,7 @@ private InstanceTemplateScheduling( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopAction = onInstanceStopAction; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingMaxRunDuration.cs b/sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingMaxRunDuration.cs index 32fb803626..acb538c7a7 100644 --- a/sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingMaxRunDuration.cs +++ b/sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingMaxRunDuration.cs @@ -15,14 +15,15 @@ public sealed class InstanceTemplateSchedulingMaxRunDuration { /// /// Span of time that's a fraction of a second at nanosecond - /// resolution. Durations less than one second are represented - /// with a 0 seconds field and a positive nanos field. Must - /// be from 0 to 999,999,999 inclusive. + /// resolution. Durations less than one second are represented with a 0 + /// `seconds` field and a positive `nanos` field. Must be from 0 to + /// 999,999,999 inclusive. /// public readonly int? Nanos; /// - /// Span of time at a resolution of a second. - /// Must be from 0 to 315,576,000,000 inclusive. + /// Span of time at a resolution of a second. Must be from 0 to + /// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + /// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. /// public readonly int Seconds; diff --git a/sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingOnInstanceStopAction.cs b/sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingOnInstanceStopAction.cs new file mode 100644 index 0000000000..88dae29655 --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/InstanceTemplateSchedulingOnInstanceStopAction.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class InstanceTemplateSchedulingOnInstanceStopAction + { + /// + /// Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + /// + public readonly bool? DiscardLocalSsd; + + [OutputConstructor] + private InstanceTemplateSchedulingOnInstanceStopAction(bool? discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/RegionInstanceTemplateScheduling.cs b/sdk/dotnet/Compute/Outputs/RegionInstanceTemplateScheduling.cs index 79235fd953..b76c3fbdaf 100644 --- a/sdk/dotnet/Compute/Outputs/RegionInstanceTemplateScheduling.cs +++ b/sdk/dotnet/Compute/Outputs/RegionInstanceTemplateScheduling.cs @@ -56,6 +56,10 @@ public sealed class RegionInstanceTemplateScheduling /// public readonly string? OnHostMaintenance; /// + /// Defines the behaviour for instances with the instance_termination_action. + /// + public readonly Outputs.RegionInstanceTemplateSchedulingOnInstanceStopAction? OnInstanceStopAction; + /// /// Allows instance to be preempted. This defaults to /// false. Read more on this /// [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -87,6 +91,8 @@ private RegionInstanceTemplateScheduling( string? onHostMaintenance, + Outputs.RegionInstanceTemplateSchedulingOnInstanceStopAction? onInstanceStopAction, + bool? preemptible, string? provisioningModel) @@ -99,6 +105,7 @@ private RegionInstanceTemplateScheduling( MinNodeCpus = minNodeCpus; NodeAffinities = nodeAffinities; OnHostMaintenance = onHostMaintenance; + OnInstanceStopAction = onInstanceStopAction; Preemptible = preemptible; ProvisioningModel = provisioningModel; } diff --git a/sdk/dotnet/Compute/Outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.cs b/sdk/dotnet/Compute/Outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.cs new file mode 100644 index 0000000000..956f1ff939 --- /dev/null +++ b/sdk/dotnet/Compute/Outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Compute.Outputs +{ + + [OutputType] + public sealed class RegionInstanceTemplateSchedulingOnInstanceStopAction + { + /// + /// If true, the contents of any attached Local SSD disks will be discarded. + /// + public readonly bool? DiscardLocalSsd; + + [OutputConstructor] + private RegionInstanceTemplateSchedulingOnInstanceStopAction(bool? discardLocalSsd) + { + DiscardLocalSsd = discardLocalSsd; + } + } +} diff --git a/sdk/dotnet/Compute/Outputs/SecurityPolicyAdvancedOptionsConfig.cs b/sdk/dotnet/Compute/Outputs/SecurityPolicyAdvancedOptionsConfig.cs index 7c8bf21592..127eb664eb 100644 --- a/sdk/dotnet/Compute/Outputs/SecurityPolicyAdvancedOptionsConfig.cs +++ b/sdk/dotnet/Compute/Outputs/SecurityPolicyAdvancedOptionsConfig.cs @@ -22,6 +22,7 @@ public sealed class SecurityPolicyAdvancedOptionsConfig /// Whether or not to JSON parse the payload body. Defaults to `DISABLED`. /// * `DISABLED` - Don't parse JSON payloads in POST bodies. /// * `STANDARD` - Parse JSON payloads in POST bodies. + /// * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. /// public readonly string? JsonParsing; /// diff --git a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptions.cs b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptions.cs index 5e4063d5c3..a6a85f386e 100644 --- a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptions.cs +++ b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptions.cs @@ -14,59 +14,64 @@ namespace Pulumi.Gcp.Compute.Outputs public sealed class SecurityPolicyRuleRateLimitOptions { /// - /// Can only be specified if the `action` for the rule is `rate_based_ban`. + /// Can only be specified if the action for the rule is "rate_based_ban". /// If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. /// public readonly int? BanDurationSec; /// - /// Can only be specified if the `action` for the rule is `rate_based_ban`. - /// If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - /// exceed this `ban_threshold`. Structure is documented below. + /// Can only be specified if the action for the rule is "rate_based_ban". + /// If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + /// Structure is documented below. /// public readonly Outputs.SecurityPolicyRuleRateLimitOptionsBanThreshold? BanThreshold; /// - /// Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + /// Action to take for requests that are under the configured rate limit threshold. + /// Valid option is "allow" only. /// - public readonly string ConformAction; + public readonly string? ConformAction; /// - /// Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - /// - /// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - /// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - /// * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - /// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - /// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - /// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - /// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - /// * `REGION_CODE`: The country/region from which the request originates. + /// Determines the key to enforce the rateLimitThreshold on. Possible values are: + /// * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + /// * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + /// * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + /// * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + /// * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + /// * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + /// * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + /// * REGION_CODE: The country/region from which the request originates. + /// * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + /// * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + /// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. /// public readonly string? EnforceOnKey; /// - /// If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - /// - /// **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + /// If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + /// You can specify up to 3 enforceOnKeyConfigs. + /// If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + /// Structure is documented below. /// public readonly ImmutableArray EnforceOnKeyConfigs; /// /// Rate limit key name applicable only for the following key types: - /// - /// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - /// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + /// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + /// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. /// public readonly string? EnforceOnKeyName; /// - /// When a request is denied, returns the HTTP response code specified. - /// Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + /// Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + /// Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. /// - public readonly string ExceedAction; + public readonly string? ExceedAction; /// - /// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + /// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + /// Structure is documented below. /// public readonly Outputs.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions? ExceedRedirectOptions; /// - /// Threshold at which to begin ratelimiting. Structure is documented below. + /// Threshold at which to begin ratelimiting. + /// Structure is documented below. /// - public readonly Outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold RateLimitThreshold; + public readonly Outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold? RateLimitThreshold; [OutputConstructor] private SecurityPolicyRuleRateLimitOptions( @@ -74,7 +79,7 @@ private SecurityPolicyRuleRateLimitOptions( Outputs.SecurityPolicyRuleRateLimitOptionsBanThreshold? banThreshold, - string conformAction, + string? conformAction, string? enforceOnKey, @@ -82,11 +87,11 @@ private SecurityPolicyRuleRateLimitOptions( string? enforceOnKeyName, - string exceedAction, + string? exceedAction, Outputs.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions? exceedRedirectOptions, - Outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold) + Outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold? rateLimitThreshold) { BanDurationSec = banDurationSec; BanThreshold = banThreshold; diff --git a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.cs b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.cs index 24970535bd..3aa9705188 100644 --- a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.cs +++ b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.cs @@ -16,17 +16,17 @@ public sealed class SecurityPolicyRuleRateLimitOptionsBanThreshold /// /// Number of HTTP(S) requests for calculating the threshold. /// - public readonly int Count; + public readonly int? Count; /// /// Interval over which the threshold is computed. /// - public readonly int IntervalSec; + public readonly int? IntervalSec; [OutputConstructor] private SecurityPolicyRuleRateLimitOptionsBanThreshold( - int count, + int? count, - int intervalSec) + int? intervalSec) { Count = count; IntervalSec = intervalSec; diff --git a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.cs b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.cs index 9f2d151aae..66afe2c79c 100644 --- a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.cs +++ b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.cs @@ -15,22 +15,23 @@ public sealed class SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig { /// /// Rate limit key name applicable only for the following key types: - /// - /// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - /// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + /// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + /// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. /// public readonly string? EnforceOnKeyName; /// - /// Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - /// - /// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - /// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - /// * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - /// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - /// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - /// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - /// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - /// * `REGION_CODE`: The country/region from which the request originates. + /// Determines the key to enforce the rateLimitThreshold on. Possible values are: + /// * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + /// * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + /// * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + /// * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + /// * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + /// * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + /// * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + /// * REGION_CODE: The country/region from which the request originates. + /// * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + /// * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + /// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. /// public readonly string? EnforceOnKeyType; diff --git a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.cs b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.cs index 7ebee4752a..9ccbf3c968 100644 --- a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.cs +++ b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.cs @@ -14,19 +14,19 @@ namespace Pulumi.Gcp.Compute.Outputs public sealed class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions { /// - /// Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + /// Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. /// public readonly string? Target; /// /// Type of the redirect action. /// - public readonly string Type; + public readonly string? Type; [OutputConstructor] private SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions( string? target, - string type) + string? type) { Target = target; Type = type; diff --git a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.cs b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.cs index f665511060..4f2cfce891 100644 --- a/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.cs +++ b/sdk/dotnet/Compute/Outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.cs @@ -16,17 +16,17 @@ public sealed class SecurityPolicyRuleRateLimitOptionsRateLimitThreshold /// /// Number of HTTP(S) requests for calculating the threshold. /// - public readonly int Count; + public readonly int? Count; /// /// Interval over which the threshold is computed. /// - public readonly int IntervalSec; + public readonly int? IntervalSec; [OutputConstructor] private SecurityPolicyRuleRateLimitOptionsRateLimitThreshold( - int count, + int? count, - int intervalSec) + int? intervalSec) { Count = count; IntervalSec = intervalSec; diff --git a/sdk/dotnet/Compute/RegionSslPolicy.cs b/sdk/dotnet/Compute/RegionSslPolicy.cs index 2acd573d71..0ddbf2aeb3 100644 --- a/sdk/dotnet/Compute/RegionSslPolicy.cs +++ b/sdk/dotnet/Compute/RegionSslPolicy.cs @@ -106,6 +106,9 @@ public partial class RegionSslPolicy : global::Pulumi.CustomResource /// first character must be a lowercase letter, and all following /// characters must be a dash, lowercase letter, or digit, except the last /// character, which cannot be a dash. + /// + /// + /// - - - /// [Output("name")] public Output Name { get; private set; } = null!; @@ -133,9 +136,6 @@ public partial class RegionSslPolicy : global::Pulumi.CustomResource /// /// The region where the regional SSL policy resides. - /// - /// - /// - - - /// [Output("region")] public Output Region { get; private set; } = null!; @@ -154,7 +154,7 @@ public partial class RegionSslPolicy : global::Pulumi.CustomResource /// The unique name of the resource /// The arguments used to populate this resource's properties /// A bag of options that control this resource's behavior - public RegionSslPolicy(string name, RegionSslPolicyArgs args, CustomResourceOptions? options = null) + public RegionSslPolicy(string name, RegionSslPolicyArgs? args = null, CustomResourceOptions? options = null) : base("gcp:compute/regionSslPolicy:RegionSslPolicy", name, args ?? new RegionSslPolicyArgs(), MakeResourceOptions(options, "")) { } @@ -233,6 +233,9 @@ public InputList CustomFeatures /// first character must be a lowercase letter, and all following /// characters must be a dash, lowercase letter, or digit, except the last /// character, which cannot be a dash. + /// + /// + /// - - - /// [Input("name")] public Input? Name { get; set; } @@ -260,12 +263,9 @@ public InputList CustomFeatures /// /// The region where the regional SSL policy resides. - /// - /// - /// - - - /// - [Input("region", required: true)] - public Input Region { get; set; } = null!; + [Input("region")] + public Input? Region { get; set; } public RegionSslPolicyArgs() { @@ -341,6 +341,9 @@ public InputList EnabledFeatures /// first character must be a lowercase letter, and all following /// characters must be a dash, lowercase letter, or digit, except the last /// character, which cannot be a dash. + /// + /// + /// - - - /// [Input("name")] public Input? Name { get; set; } @@ -368,9 +371,6 @@ public InputList EnabledFeatures /// /// The region where the regional SSL policy resides. - /// - /// - /// - - - /// [Input("region")] public Input? Region { get; set; } diff --git a/sdk/dotnet/Compute/SecurityPolicyRule.cs b/sdk/dotnet/Compute/SecurityPolicyRule.cs index 1b2d26e6eb..0e607d5ca1 100644 --- a/sdk/dotnet/Compute/SecurityPolicyRule.cs +++ b/sdk/dotnet/Compute/SecurityPolicyRule.cs @@ -264,6 +264,13 @@ public partial class SecurityPolicyRule : global::Pulumi.CustomResource [Output("project")] public Output Project { get; private set; } = null!; + /// + /// Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + /// Structure is documented below. + /// + [Output("rateLimitOptions")] + public Output RateLimitOptions { get; private set; } = null!; + /// /// The name of the security policy this rule belongs to. /// @@ -373,6 +380,13 @@ public sealed class SecurityPolicyRuleArgs : global::Pulumi.ResourceArgs [Input("project")] public Input? Project { get; set; } + /// + /// Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + /// Structure is documented below. + /// + [Input("rateLimitOptions")] + public Input? RateLimitOptions { get; set; } + /// /// The name of the security policy this rule belongs to. /// @@ -444,6 +458,13 @@ public sealed class SecurityPolicyRuleState : global::Pulumi.ResourceArgs [Input("project")] public Input? Project { get; set; } + /// + /// Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + /// Structure is documented below. + /// + [Input("rateLimitOptions")] + public Input? RateLimitOptions { get; set; } + /// /// The name of the security policy this rule belongs to. /// diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigArgs.cs index d75121a54e..f664c13c02 100644 --- a/sdk/dotnet/Container/Inputs/ClusterNodeConfigArgs.cs +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigArgs.cs @@ -31,6 +31,12 @@ public sealed class ClusterNodeConfigArgs : global::Pulumi.ResourceArgs [Input("confidentialNodes")] public Input? ConfidentialNodes { get; set; } + /// + /// Parameters to customize containerd runtime. Structure is documented below. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// Size of the disk attached to each node, specified /// in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigArgs.cs new file mode 100644 index 0000000000..e202dad5bc --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public ClusterNodeConfigContainerdConfigArgs() + { + } + public static new ClusterNodeConfigContainerdConfigArgs Empty => new ClusterNodeConfigContainerdConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigGetArgs.cs new file mode 100644 index 0000000000..94ccfdc219 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public ClusterNodeConfigContainerdConfigGetArgs() + { + } + public static new ClusterNodeConfigContainerdConfigGetArgs Empty => new ClusterNodeConfigContainerdConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs new file mode 100644 index 0000000000..d54e8554ef --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs() + { + } + public static new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs Empty => new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs new file mode 100644 index 0000000000..8883639679 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() + { + } + public static new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty => new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs new file mode 100644 index 0000000000..9ce8eda8d0 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() + { + } + public static new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty => new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs new file mode 100644 index 0000000000..dcb6852348 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs() + { + } + public static new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs Empty => new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs new file mode 100644 index 0000000000..f8c26245de --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs() + { + } + public static new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs Empty => new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs new file mode 100644 index 0000000000..487aa20692 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs() + { + } + public static new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs Empty => new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodeConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodeConfigGetArgs.cs index 0b02b75aaf..d6e8abaf81 100644 --- a/sdk/dotnet/Container/Inputs/ClusterNodeConfigGetArgs.cs +++ b/sdk/dotnet/Container/Inputs/ClusterNodeConfigGetArgs.cs @@ -31,6 +31,12 @@ public sealed class ClusterNodeConfigGetArgs : global::Pulumi.ResourceArgs [Input("confidentialNodes")] public Input? ConfidentialNodes { get; set; } + /// + /// Parameters to customize containerd runtime. Structure is documented below. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// Size of the disk attached to each node, specified /// in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.cs index 5a4cc709f3..62500408d5 100644 --- a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.cs +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.cs @@ -12,6 +12,12 @@ namespace Pulumi.Gcp.Container.Inputs public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsArgs : global::Pulumi.ResourceArgs { + /// + /// Parameters for containerd configuration. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. /// diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.cs new file mode 100644 index 0000000000..3a292d079e --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs.cs new file mode 100644 index 0000000000..b30a730b11 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.cs new file mode 100644 index 0000000000..09a591bf13 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs new file mode 100644 index 0000000000..0471b0dceb --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs new file mode 100644 index 0000000000..91362d09cf --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs new file mode 100644 index 0000000000..c03fd3a0aa --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs new file mode 100644 index 0000000000..b14901ee48 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs.cs new file mode 100644 index 0000000000..b807e42d16 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs() + { + } + public static new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs Empty => new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsGetArgs.cs index 5b5fd4e05b..410cdf06f7 100644 --- a/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsGetArgs.cs +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolDefaultsNodeConfigDefaultsGetArgs.cs @@ -12,6 +12,12 @@ namespace Pulumi.Gcp.Container.Inputs public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsGetArgs : global::Pulumi.ResourceArgs { + /// + /// Parameters for containerd configuration. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. /// diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigArgs.cs index df4660905b..e70648fed4 100644 --- a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigArgs.cs +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigArgs.cs @@ -31,6 +31,12 @@ public sealed class ClusterNodePoolNodeConfigArgs : global::Pulumi.ResourceArgs [Input("confidentialNodes")] public Input? ConfidentialNodes { get; set; } + /// + /// Parameters to customize containerd runtime. Structure is documented below. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// Size of the disk attached to each node, specified /// in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.cs new file mode 100644 index 0000000000..cad7abc8e3 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public ClusterNodePoolNodeConfigContainerdConfigArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigGetArgs.cs new file mode 100644 index 0000000000..162bde5a6d --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public ClusterNodePoolNodeConfigContainerdConfigGetArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigGetArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs new file mode 100644 index 0000000000..f79efdb992 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs new file mode 100644 index 0000000000..10d4149e9e --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs new file mode 100644 index 0000000000..910b0aead4 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs new file mode 100644 index 0000000000..03d4a63c52 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs new file mode 100644 index 0000000000..3d4411910c --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs new file mode 100644 index 0000000000..01aae408ba --- /dev/null +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs() + { + } + public static new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs Empty => new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigGetArgs.cs index 1752ff027a..9247589b2f 100644 --- a/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigGetArgs.cs +++ b/sdk/dotnet/Container/Inputs/ClusterNodePoolNodeConfigGetArgs.cs @@ -31,6 +31,12 @@ public sealed class ClusterNodePoolNodeConfigGetArgs : global::Pulumi.ResourceAr [Input("confidentialNodes")] public Input? ConfidentialNodes { get; set; } + /// + /// Parameters to customize containerd runtime. Structure is documented below. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// Size of the disk attached to each node, specified /// in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigArgs.cs index 015aa35803..4970ae3ca6 100644 --- a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigArgs.cs +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigArgs.cs @@ -30,6 +30,12 @@ public sealed class NodePoolNodeConfigArgs : global::Pulumi.ResourceArgs [Input("confidentialNodes")] public Input? ConfidentialNodes { get; set; } + /// + /// Parameters for containerd configuration. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. /// diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigArgs.cs new file mode 100644 index 0000000000..25489428fd --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// Parameters for private container registries configuration. + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public NodePoolNodeConfigContainerdConfigArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigArgs Empty => new NodePoolNodeConfigContainerdConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigGetArgs.cs new file mode 100644 index 0000000000..cf2fd6d644 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// Parameters for private container registries configuration. + /// + [Input("privateRegistryAccessConfig")] + public Input? PrivateRegistryAccessConfig { get; set; } + + public NodePoolNodeConfigContainerdConfigGetArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigGetArgs Empty => new NodePoolNodeConfigContainerdConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs new file mode 100644 index 0000000000..4d446362be --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// Parameters for configuring CA certificate and domains. + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Whether or not private registries are configured. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs Empty => new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs new file mode 100644 index 0000000000..b46e1255e5 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty => new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs new file mode 100644 index 0000000000..c217371fe4 --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty => new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs new file mode 100644 index 0000000000..11b1ca8a8b --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs : global::Pulumi.ResourceArgs + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + [Input("secretUri", required: true)] + public Input SecretUri { get; set; } = null!; + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs Empty => new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs new file mode 100644 index 0000000000..ffca07bb4a --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("fqdns", required: true)] + private InputList? _fqdns; + + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public InputList Fqdns + { + get => _fqdns ?? (_fqdns = new InputList()); + set => _fqdns = value; + } + + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + [Input("gcpSecretManagerCertificateConfig", required: true)] + public Input GcpSecretManagerCertificateConfig { get; set; } = null!; + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs Empty => new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs new file mode 100644 index 0000000000..a9b50ef46d --- /dev/null +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Inputs +{ + + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs : global::Pulumi.ResourceArgs + { + [Input("certificateAuthorityDomainConfigs")] + private InputList? _certificateAuthorityDomainConfigs; + + /// + /// Parameters for configuring CA certificate and domains. + /// + public InputList CertificateAuthorityDomainConfigs + { + get => _certificateAuthorityDomainConfigs ?? (_certificateAuthorityDomainConfigs = new InputList()); + set => _certificateAuthorityDomainConfigs = value; + } + + /// + /// Whether or not private registries are configured. + /// + [Input("enabled", required: true)] + public Input Enabled { get; set; } = null!; + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs() + { + } + public static new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs Empty => new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigGetArgs(); + } +} diff --git a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigGetArgs.cs b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigGetArgs.cs index 20308aee5e..d99e726a71 100644 --- a/sdk/dotnet/Container/Inputs/NodePoolNodeConfigGetArgs.cs +++ b/sdk/dotnet/Container/Inputs/NodePoolNodeConfigGetArgs.cs @@ -30,6 +30,12 @@ public sealed class NodePoolNodeConfigGetArgs : global::Pulumi.ResourceArgs [Input("confidentialNodes")] public Input? ConfidentialNodes { get; set; } + /// + /// Parameters for containerd configuration. + /// + [Input("containerdConfig")] + public Input? ContainerdConfig { get; set; } + /// /// Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. /// diff --git a/sdk/dotnet/Container/Outputs/ClusterNodeConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodeConfig.cs index 89de9d85bb..9d68623802 100644 --- a/sdk/dotnet/Container/Outputs/ClusterNodeConfig.cs +++ b/sdk/dotnet/Container/Outputs/ClusterNodeConfig.cs @@ -27,6 +27,10 @@ public sealed class ClusterNodeConfig /// public readonly Outputs.ClusterNodeConfigConfidentialNodes? ConfidentialNodes; /// + /// Parameters to customize containerd runtime. Structure is documented below. + /// + public readonly Outputs.ClusterNodeConfigContainerdConfig? ContainerdConfig; + /// /// Size of the disk attached to each node, specified /// in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. /// @@ -236,6 +240,8 @@ private ClusterNodeConfig( Outputs.ClusterNodeConfigConfidentialNodes? confidentialNodes, + Outputs.ClusterNodeConfigContainerdConfig? containerdConfig, + int? diskSizeGb, string? diskType, @@ -311,6 +317,7 @@ private ClusterNodeConfig( AdvancedMachineFeatures = advancedMachineFeatures; BootDiskKmsKey = bootDiskKmsKey; ConfidentialNodes = confidentialNodes; + ContainerdConfig = containerdConfig; DiskSizeGb = diskSizeGb; DiskType = diskType; EffectiveTaints = effectiveTaints; diff --git a/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfig.cs new file mode 100644 index 0000000000..0c4ec1ec42 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodeConfigContainerdConfig + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + public readonly Outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig? PrivateRegistryAccessConfig; + + [OutputConstructor] + private ClusterNodeConfigContainerdConfig(Outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig? privateRegistryAccessConfig) + { + PrivateRegistryAccessConfig = privateRegistryAccessConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs new file mode 100644 index 0000000000..515cafda8d --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig + { + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public readonly ImmutableArray CertificateAuthorityDomainConfigs; + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + public readonly bool Enabled; + + [OutputConstructor] + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig( + ImmutableArray certificateAuthorityDomainConfigs, + + bool enabled) + { + CertificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs new file mode 100644 index 0000000000..bddf3ceb7b --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig + { + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public readonly ImmutableArray Fqdns; + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + public readonly Outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig GcpSecretManagerCertificateConfig; + + [OutputConstructor] + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig( + ImmutableArray fqdns, + + Outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) + { + Fqdns = fqdns; + GcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs new file mode 100644 index 0000000000..215eb970c6 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + public readonly string SecretUri; + + [OutputConstructor] + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(string secretUri) + { + SecretUri = secretUri; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaults.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaults.cs index 79a1b08bfb..e2285e3aeb 100644 --- a/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaults.cs +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaults.cs @@ -13,6 +13,10 @@ namespace Pulumi.Gcp.Container.Outputs [OutputType] public sealed class ClusterNodePoolDefaultsNodeConfigDefaults { + /// + /// Parameters for containerd configuration. + /// + public readonly Outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig? ContainerdConfig; /// /// The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. /// @@ -24,10 +28,13 @@ public sealed class ClusterNodePoolDefaultsNodeConfigDefaults [OutputConstructor] private ClusterNodePoolDefaultsNodeConfigDefaults( + Outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig? containerdConfig, + Outputs.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig? gcfsConfig, string? loggingVariant) { + ContainerdConfig = containerdConfig; GcfsConfig = gcfsConfig; LoggingVariant = loggingVariant; } diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.cs new file mode 100644 index 0000000000..9787f56e2e --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + public readonly Outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig? PrivateRegistryAccessConfig; + + [OutputConstructor] + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig(Outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig? privateRegistryAccessConfig) + { + PrivateRegistryAccessConfig = privateRegistryAccessConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.cs new file mode 100644 index 0000000000..197c841cf6 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig + { + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public readonly ImmutableArray CertificateAuthorityDomainConfigs; + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + public readonly bool Enabled; + + [OutputConstructor] + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig( + ImmutableArray certificateAuthorityDomainConfigs, + + bool enabled) + { + CertificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs new file mode 100644 index 0000000000..e9dd8c7a4d --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig + { + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public readonly ImmutableArray Fqdns; + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + public readonly Outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig GcpSecretManagerCertificateConfig; + + [OutputConstructor] + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig( + ImmutableArray fqdns, + + Outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) + { + Fqdns = fqdns; + GcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs new file mode 100644 index 0000000000..b5bb5ad074 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + public readonly string SecretUri; + + [OutputConstructor] + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(string secretUri) + { + SecretUri = secretUri; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfig.cs index eac9f143ab..db5ea28b26 100644 --- a/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfig.cs +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfig.cs @@ -27,6 +27,10 @@ public sealed class ClusterNodePoolNodeConfig /// public readonly Outputs.ClusterNodePoolNodeConfigConfidentialNodes? ConfidentialNodes; /// + /// Parameters to customize containerd runtime. Structure is documented below. + /// + public readonly Outputs.ClusterNodePoolNodeConfigContainerdConfig? ContainerdConfig; + /// /// Size of the disk attached to each node, specified /// in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. /// @@ -236,6 +240,8 @@ private ClusterNodePoolNodeConfig( Outputs.ClusterNodePoolNodeConfigConfidentialNodes? confidentialNodes, + Outputs.ClusterNodePoolNodeConfigContainerdConfig? containerdConfig, + int? diskSizeGb, string? diskType, @@ -311,6 +317,7 @@ private ClusterNodePoolNodeConfig( AdvancedMachineFeatures = advancedMachineFeatures; BootDiskKmsKey = bootDiskKmsKey; ConfidentialNodes = confidentialNodes; + ContainerdConfig = containerdConfig; DiskSizeGb = diskSizeGb; DiskType = diskType; EffectiveTaints = effectiveTaints; diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfig.cs new file mode 100644 index 0000000000..ae2b3b8b66 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolNodeConfigContainerdConfig + { + /// + /// Configuration for private container registries. There are two fields in this config: + /// + public readonly Outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig? PrivateRegistryAccessConfig; + + [OutputConstructor] + private ClusterNodePoolNodeConfigContainerdConfig(Outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig? privateRegistryAccessConfig) + { + PrivateRegistryAccessConfig = privateRegistryAccessConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs new file mode 100644 index 0000000000..219b1cf4a8 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig + { + /// + /// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + /// + public readonly ImmutableArray CertificateAuthorityDomainConfigs; + /// + /// Enables private registry config. If set to false, all other fields in this object must not be set. + /// + public readonly bool Enabled; + + [OutputConstructor] + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig( + ImmutableArray certificateAuthorityDomainConfigs, + + bool enabled) + { + CertificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs new file mode 100644 index 0000000000..c37435d9c0 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig + { + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public readonly ImmutableArray Fqdns; + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + public readonly Outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig GcpSecretManagerCertificateConfig; + + [OutputConstructor] + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig( + ImmutableArray fqdns, + + Outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) + { + Fqdns = fqdns; + GcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs new file mode 100644 index 0000000000..241bb4dda3 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + public readonly string SecretUri; + + [OutputConstructor] + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(string secretUri) + { + SecretUri = secretUri; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs new file mode 100644 index 0000000000..8476da9fcf --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + public readonly string SecretUri; + + [OutputConstructor] + private GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult(string secretUri) + { + SecretUri = secretUri; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs new file mode 100644 index 0000000000..2da534c9b6 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult + { + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public readonly ImmutableArray Fqdns; + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + public readonly ImmutableArray GcpSecretManagerCertificateConfigs; + + [OutputConstructor] + private GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult( + ImmutableArray fqdns, + + ImmutableArray gcpSecretManagerCertificateConfigs) + { + Fqdns = fqdns; + GcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs new file mode 100644 index 0000000000..0e64520588 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult + { + /// + /// Parameters for configuring CA certificate and domains. + /// + public readonly ImmutableArray CertificateAuthorityDomainConfigs; + /// + /// Whether or not private registries are configured. + /// + public readonly bool Enabled; + + [OutputConstructor] + private GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult( + ImmutableArray certificateAuthorityDomainConfigs, + + bool enabled) + { + CertificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigResult.cs new file mode 100644 index 0000000000..00cac5f231 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigContainerdConfigResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodeConfigContainerdConfigResult + { + /// + /// Parameters for private container registries configuration. + /// + public readonly ImmutableArray PrivateRegistryAccessConfigs; + + [OutputConstructor] + private GetClusterNodeConfigContainerdConfigResult(ImmutableArray privateRegistryAccessConfigs) + { + PrivateRegistryAccessConfigs = privateRegistryAccessConfigs; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodeConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigResult.cs index 896db4353a..aa63498fce 100644 --- a/sdk/dotnet/Container/Outputs/GetClusterNodeConfigResult.cs +++ b/sdk/dotnet/Container/Outputs/GetClusterNodeConfigResult.cs @@ -26,6 +26,10 @@ public sealed class GetClusterNodeConfigResult /// public readonly ImmutableArray ConfidentialNodes; /// + /// Parameters for containerd configuration. + /// + public readonly ImmutableArray ContainerdConfigs; + /// /// Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. /// public readonly int DiskSizeGb; @@ -178,6 +182,8 @@ private GetClusterNodeConfigResult( ImmutableArray confidentialNodes, + ImmutableArray containerdConfigs, + int diskSizeGb, string diskType, @@ -253,6 +259,7 @@ private GetClusterNodeConfigResult( AdvancedMachineFeatures = advancedMachineFeatures; BootDiskKmsKey = bootDiskKmsKey; ConfidentialNodes = confidentialNodes; + ContainerdConfigs = containerdConfigs; DiskSizeGb = diskSizeGb; DiskType = diskType; EffectiveTaints = effectiveTaints; diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs new file mode 100644 index 0000000000..59196f91ff --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + public readonly string SecretUri; + + [OutputConstructor] + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult(string secretUri) + { + SecretUri = secretUri; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs new file mode 100644 index 0000000000..9b53eb7c08 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult + { + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public readonly ImmutableArray Fqdns; + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + public readonly ImmutableArray GcpSecretManagerCertificateConfigs; + + [OutputConstructor] + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult( + ImmutableArray fqdns, + + ImmutableArray gcpSecretManagerCertificateConfigs) + { + Fqdns = fqdns; + GcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult.cs new file mode 100644 index 0000000000..818e96294a --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult + { + /// + /// Parameters for configuring CA certificate and domains. + /// + public readonly ImmutableArray CertificateAuthorityDomainConfigs; + /// + /// Whether or not private registries are configured. + /// + public readonly bool Enabled; + + [OutputConstructor] + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult( + ImmutableArray certificateAuthorityDomainConfigs, + + bool enabled) + { + CertificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult.cs new file mode 100644 index 0000000000..827588e373 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult + { + /// + /// Parameters for private container registries configuration. + /// + public readonly ImmutableArray PrivateRegistryAccessConfigs; + + [OutputConstructor] + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult(ImmutableArray privateRegistryAccessConfigs) + { + PrivateRegistryAccessConfigs = privateRegistryAccessConfigs; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultResult.cs index a5bcab2a6e..f8be8d15dc 100644 --- a/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultResult.cs +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolDefaultNodeConfigDefaultResult.cs @@ -13,6 +13,10 @@ namespace Pulumi.Gcp.Container.Outputs [OutputType] public sealed class GetClusterNodePoolDefaultNodeConfigDefaultResult { + /// + /// Parameters for containerd configuration. + /// + public readonly ImmutableArray ContainerdConfigs; /// /// GCFS configuration for this node. /// @@ -24,10 +28,13 @@ public sealed class GetClusterNodePoolDefaultNodeConfigDefaultResult [OutputConstructor] private GetClusterNodePoolDefaultNodeConfigDefaultResult( + ImmutableArray containerdConfigs, + ImmutableArray gcfsConfigs, string loggingVariant) { + ContainerdConfigs = containerdConfigs; GcfsConfigs = gcfsConfigs; LoggingVariant = loggingVariant; } diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs new file mode 100644 index 0000000000..8c5153d998 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + public readonly string SecretUri; + + [OutputConstructor] + private GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult(string secretUri) + { + SecretUri = secretUri; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs new file mode 100644 index 0000000000..bb9660db44 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult + { + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public readonly ImmutableArray Fqdns; + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + public readonly ImmutableArray GcpSecretManagerCertificateConfigs; + + [OutputConstructor] + private GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult( + ImmutableArray fqdns, + + ImmutableArray gcpSecretManagerCertificateConfigs) + { + Fqdns = fqdns; + GcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs new file mode 100644 index 0000000000..5186be40dc --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult + { + /// + /// Parameters for configuring CA certificate and domains. + /// + public readonly ImmutableArray CertificateAuthorityDomainConfigs; + /// + /// Whether or not private registries are configured. + /// + public readonly bool Enabled; + + [OutputConstructor] + private GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult( + ImmutableArray certificateAuthorityDomainConfigs, + + bool enabled) + { + CertificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigResult.cs new file mode 100644 index 0000000000..924315825b --- /dev/null +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigContainerdConfigResult.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class GetClusterNodePoolNodeConfigContainerdConfigResult + { + /// + /// Parameters for private container registries configuration. + /// + public readonly ImmutableArray PrivateRegistryAccessConfigs; + + [OutputConstructor] + private GetClusterNodePoolNodeConfigContainerdConfigResult(ImmutableArray privateRegistryAccessConfigs) + { + PrivateRegistryAccessConfigs = privateRegistryAccessConfigs; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigResult.cs b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigResult.cs index b54f78bec7..5de72813f1 100644 --- a/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigResult.cs +++ b/sdk/dotnet/Container/Outputs/GetClusterNodePoolNodeConfigResult.cs @@ -26,6 +26,10 @@ public sealed class GetClusterNodePoolNodeConfigResult /// public readonly ImmutableArray ConfidentialNodes; /// + /// Parameters for containerd configuration. + /// + public readonly ImmutableArray ContainerdConfigs; + /// /// Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. /// public readonly int DiskSizeGb; @@ -178,6 +182,8 @@ private GetClusterNodePoolNodeConfigResult( ImmutableArray confidentialNodes, + ImmutableArray containerdConfigs, + int diskSizeGb, string diskType, @@ -253,6 +259,7 @@ private GetClusterNodePoolNodeConfigResult( AdvancedMachineFeatures = advancedMachineFeatures; BootDiskKmsKey = bootDiskKmsKey; ConfidentialNodes = confidentialNodes; + ContainerdConfigs = containerdConfigs; DiskSizeGb = diskSizeGb; DiskType = diskType; EffectiveTaints = effectiveTaints; diff --git a/sdk/dotnet/Container/Outputs/NodePoolNodeConfig.cs b/sdk/dotnet/Container/Outputs/NodePoolNodeConfig.cs index d2cab3f28a..8e3d42bc54 100644 --- a/sdk/dotnet/Container/Outputs/NodePoolNodeConfig.cs +++ b/sdk/dotnet/Container/Outputs/NodePoolNodeConfig.cs @@ -26,6 +26,10 @@ public sealed class NodePoolNodeConfig /// public readonly Outputs.NodePoolNodeConfigConfidentialNodes? ConfidentialNodes; /// + /// Parameters for containerd configuration. + /// + public readonly Outputs.NodePoolNodeConfigContainerdConfig? ContainerdConfig; + /// /// Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. /// public readonly int? DiskSizeGb; @@ -178,6 +182,8 @@ private NodePoolNodeConfig( Outputs.NodePoolNodeConfigConfidentialNodes? confidentialNodes, + Outputs.NodePoolNodeConfigContainerdConfig? containerdConfig, + int? diskSizeGb, string? diskType, @@ -253,6 +259,7 @@ private NodePoolNodeConfig( AdvancedMachineFeatures = advancedMachineFeatures; BootDiskKmsKey = bootDiskKmsKey; ConfidentialNodes = confidentialNodes; + ContainerdConfig = containerdConfig; DiskSizeGb = diskSizeGb; DiskType = diskType; EffectiveTaints = effectiveTaints; diff --git a/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfig.cs b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfig.cs new file mode 100644 index 0000000000..c8e6ecb888 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class NodePoolNodeConfigContainerdConfig + { + /// + /// Parameters for private container registries configuration. + /// + public readonly Outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig? PrivateRegistryAccessConfig; + + [OutputConstructor] + private NodePoolNodeConfigContainerdConfig(Outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig? privateRegistryAccessConfig) + { + PrivateRegistryAccessConfig = privateRegistryAccessConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs new file mode 100644 index 0000000000..a10ede14b7 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig + { + /// + /// Parameters for configuring CA certificate and domains. + /// + public readonly ImmutableArray CertificateAuthorityDomainConfigs; + /// + /// Whether or not private registries are configured. + /// + public readonly bool Enabled; + + [OutputConstructor] + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig( + ImmutableArray certificateAuthorityDomainConfigs, + + bool enabled) + { + CertificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + Enabled = enabled; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs new file mode 100644 index 0000000000..763791d3a4 --- /dev/null +++ b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.cs @@ -0,0 +1,35 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig + { + /// + /// List of fully-qualified-domain-names. IPv4s and port specification are supported. + /// + public readonly ImmutableArray Fqdns; + /// + /// Parameters for configuring a certificate hosted in GCP SecretManager. + /// + public readonly Outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig GcpSecretManagerCertificateConfig; + + [OutputConstructor] + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig( + ImmutableArray fqdns, + + Outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) + { + Fqdns = fqdns; + GcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + } + } +} diff --git a/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs new file mode 100644 index 0000000000..58f1d04b2f --- /dev/null +++ b/sdk/dotnet/Container/Outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Container.Outputs +{ + + [OutputType] + public sealed class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig + { + /// + /// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + /// + public readonly string SecretUri; + + [OutputConstructor] + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(string secretUri) + { + SecretUri = secretUri; + } + } +} diff --git a/sdk/dotnet/DataPlex/AspectType.cs b/sdk/dotnet/DataPlex/AspectType.cs new file mode 100644 index 0000000000..280e02cac0 --- /dev/null +++ b/sdk/dotnet/DataPlex/AspectType.cs @@ -0,0 +1,565 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// An Aspect Type is a template for creating Aspects. + /// + /// ## Example Usage + /// + /// ### Dataplex Aspect Type Basic + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var testAspectTypeBasic = new Gcp.DataPlex.AspectType("test_aspect_type_basic", new() + /// { + /// AspectTypeId = "aspect-type-basic", + /// Project = "my-project-name", + /// Location = "us-central1", + /// MetadataTemplate = @"{ + /// ""name"": ""tf-test-template"", + /// ""type"": ""record"", + /// ""recordFields"": [ + /// { + /// ""name"": ""type"", + /// ""type"": ""enum"", + /// ""annotations"": { + /// ""displayName"": ""Type"", + /// ""description"": ""Specifies the type of view represented by the entry."" + /// }, + /// ""index"": 1, + /// ""constraints"": { + /// ""required"": true + /// }, + /// ""enumValues"": [ + /// { + /// ""name"": ""VIEW"", + /// ""index"": 1 + /// } + /// ] + /// } + /// ] + /// } + /// ", + /// }); + /// + /// }); + /// ``` + /// ### Dataplex Aspect Type Full + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var testAspectTypeFull = new Gcp.DataPlex.AspectType("test_aspect_type_full", new() + /// { + /// AspectTypeId = "aspect-type-full", + /// Project = "my-project-name", + /// Location = "us-central1", + /// Labels = + /// { + /// { "tag", "test-tf" }, + /// }, + /// DisplayName = "terraform aspect type", + /// Description = "aspect type created by Terraform", + /// MetadataTemplate = @"{ + /// ""type"": ""record"", + /// ""name"": ""Schema"", + /// ""recordFields"": [ + /// { + /// ""name"": ""fields"", + /// ""type"": ""array"", + /// ""index"": 1, + /// ""arrayItems"": { + /// ""name"": ""field"", + /// ""type"": ""record"", + /// ""typeId"": ""field"", + /// ""recordFields"": [ + /// { + /// ""name"": ""name"", + /// ""type"": ""string"", + /// ""index"": 1, + /// ""constraints"": { + /// ""required"": true + /// } + /// }, + /// { + /// ""name"": ""description"", + /// ""type"": ""string"", + /// ""index"": 2 + /// }, + /// { + /// ""name"": ""dataType"", + /// ""type"": ""string"", + /// ""index"": 3, + /// ""constraints"": { + /// ""required"": true + /// } + /// }, + /// { + /// ""name"": ""metadataType"", + /// ""type"": ""enum"", + /// ""index"": 4, + /// ""constraints"": { + /// ""required"": true + /// }, + /// ""enumValues"": [ + /// { + /// ""name"": ""BOOLEAN"", + /// ""index"": 1 + /// }, + /// { + /// ""name"": ""NUMBER"", + /// ""index"": 2 + /// }, + /// { + /// ""name"": ""STRING"", + /// ""index"": 3 + /// }, + /// { + /// ""name"": ""BYTES"", + /// ""index"": 4 + /// }, + /// { + /// ""name"": ""DATETIME"", + /// ""index"": 5 + /// }, + /// { + /// ""name"": ""TIMESTAMP"", + /// ""index"": 6 + /// }, + /// { + /// ""name"": ""GEOSPATIAL"", + /// ""index"": 7 + /// }, + /// { + /// ""name"": ""STRUCT"", + /// ""index"": 8 + /// }, + /// { + /// ""name"": ""OTHER"", + /// ""index"": 100 + /// } + /// ] + /// }, + /// { + /// ""name"": ""mode"", + /// ""type"": ""enum"", + /// ""index"": 5, + /// ""enumValues"": [ + /// { + /// ""name"": ""NULLABLE"", + /// ""index"": 1 + /// }, + /// { + /// ""name"": ""REPEATED"", + /// ""index"": 2 + /// }, + /// { + /// ""name"": ""REQUIRED"", + /// ""index"": 3 + /// } + /// ] + /// }, + /// { + /// ""name"": ""defaultValue"", + /// ""type"": ""string"", + /// ""index"": 6 + /// }, + /// { + /// ""name"": ""annotations"", + /// ""type"": ""map"", + /// ""index"": 7, + /// ""mapItems"": { + /// ""name"": ""label"", + /// ""type"": ""string"" + /// } + /// }, + /// { + /// ""name"": ""fields"", + /// ""type"": ""array"", + /// ""index"": 20, + /// ""arrayItems"": { + /// ""name"": ""field"", + /// ""type"": ""record"", + /// ""typeRef"": ""field"" + /// } + /// } + /// ] + /// } + /// } + /// ] + /// } + /// ", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// AspectType can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}` + /// + /// * `{{project}}/{{location}}/{{aspect_type_id}}` + /// + /// * `{{location}}/{{aspect_type_id}}` + /// + /// When using the `pulumi import` command, AspectType can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectType:AspectType default projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectType:AspectType default {{project}}/{{location}}/{{aspect_type_id}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectType:AspectType default {{location}}/{{aspect_type_id}} + /// ``` + /// + [GcpResourceType("gcp:dataplex/aspectType:AspectType")] + public partial class AspectType : global::Pulumi.CustomResource + { + /// + /// The aspect type id of the aspect type. + /// + [Output("aspectTypeId")] + public Output AspectTypeId { get; private set; } = null!; + + /// + /// The time when the AspectType was created. + /// + [Output("createTime")] + public Output CreateTime { get; private set; } = null!; + + /// + /// Description of the AspectType. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// User friendly display name. + /// + [Output("displayName")] + public Output DisplayName { get; private set; } = null!; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + [Output("effectiveLabels")] + public Output> EffectiveLabels { get; private set; } = null!; + + /// + /// User-defined labels for the AspectType. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + [Output("labels")] + public Output?> Labels { get; private set; } = null!; + + /// + /// The location where aspect type will be created in. + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// MetadataTemplate of the Aspect. + /// + [Output("metadataTemplate")] + public Output MetadataTemplate { get; private set; } = null!; + + /// + /// The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + [Output("pulumiLabels")] + public Output> PulumiLabels { get; private set; } = null!; + + /// + /// Denotes the transfer status of the Aspect Type. It is unspecified + /// for Aspect Type created from Dataplex API. + /// + [Output("transferStatus")] + public Output TransferStatus { get; private set; } = null!; + + /// + /// System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + /// + [Output("uid")] + public Output Uid { get; private set; } = null!; + + /// + /// The time when the AspectType was last updated. + /// + [Output("updateTime")] + public Output UpdateTime { get; private set; } = null!; + + + /// + /// Create a AspectType resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AspectType(string name, AspectTypeArgs? args = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectType:AspectType", name, args ?? new AspectTypeArgs(), MakeResourceOptions(options, "")) + { + } + + private AspectType(string name, Input id, AspectTypeState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectType:AspectType", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + AdditionalSecretOutputs = + { + "effectiveLabels", + "pulumiLabels", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AspectType resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AspectType Get(string name, Input id, AspectTypeState? state = null, CustomResourceOptions? options = null) + { + return new AspectType(name, id, state, options); + } + } + + public sealed class AspectTypeArgs : global::Pulumi.ResourceArgs + { + /// + /// The aspect type id of the aspect type. + /// + [Input("aspectTypeId")] + public Input? AspectTypeId { get; set; } + + /// + /// Description of the AspectType. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// User friendly display name. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + [Input("labels")] + private InputMap? _labels; + + /// + /// User-defined labels for the AspectType. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// The location where aspect type will be created in. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// MetadataTemplate of the Aspect. + /// + [Input("metadataTemplate")] + public Input? MetadataTemplate { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public AspectTypeArgs() + { + } + public static new AspectTypeArgs Empty => new AspectTypeArgs(); + } + + public sealed class AspectTypeState : global::Pulumi.ResourceArgs + { + /// + /// The aspect type id of the aspect type. + /// + [Input("aspectTypeId")] + public Input? AspectTypeId { get; set; } + + /// + /// The time when the AspectType was created. + /// + [Input("createTime")] + public Input? CreateTime { get; set; } + + /// + /// Description of the AspectType. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// User friendly display name. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + [Input("effectiveLabels")] + private InputMap? _effectiveLabels; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + public InputMap EffectiveLabels + { + get => _effectiveLabels ?? (_effectiveLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _effectiveLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + [Input("labels")] + private InputMap? _labels; + + /// + /// User-defined labels for the AspectType. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// The location where aspect type will be created in. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// MetadataTemplate of the Aspect. + /// + [Input("metadataTemplate")] + public Input? MetadataTemplate { get; set; } + + /// + /// The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + [Input("pulumiLabels")] + private InputMap? _pulumiLabels; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + public InputMap PulumiLabels + { + get => _pulumiLabels ?? (_pulumiLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _pulumiLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + /// + /// Denotes the transfer status of the Aspect Type. It is unspecified + /// for Aspect Type created from Dataplex API. + /// + [Input("transferStatus")] + public Input? TransferStatus { get; set; } + + /// + /// System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + /// + [Input("uid")] + public Input? Uid { get; set; } + + /// + /// The time when the AspectType was last updated. + /// + [Input("updateTime")] + public Input? UpdateTime { get; set; } + + public AspectTypeState() + { + } + public static new AspectTypeState Empty => new AspectTypeState(); + } +} diff --git a/sdk/dotnet/DataPlex/AspectTypeIamBinding.cs b/sdk/dotnet/DataPlex/AspectTypeIamBinding.cs new file mode 100644 index 0000000000..55b1c956ee --- /dev/null +++ b/sdk/dotnet/DataPlex/AspectTypeIamBinding.cs @@ -0,0 +1,449 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + /// + /// * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + /// * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + /// * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + /// + /// > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.dataplex.AspectTypeIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.AspectTypeIamPolicy("policy", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.AspectTypeIamBinding("binding", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.AspectTypeIamMember("member", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.AspectTypeIamPolicy("policy", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.AspectTypeIamBinding("binding", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.AspectTypeIamMember("member", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + /// + /// * {{project}}/{{location}}/{{aspect_type_id}} + /// + /// * {{location}}/{{aspect_type_id}} + /// + /// * {{aspect_type_id}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + /// ``` + /// + /// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding")] + public partial class AspectTypeIamBinding : global::Pulumi.CustomResource + { + [Output("aspectTypeId")] + public Output AspectTypeId { get; private set; } = null!; + + [Output("condition")] + public Output Condition { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("members")] + public Output> Members { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + + /// + /// Create a AspectTypeIamBinding resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AspectTypeIamBinding(string name, AspectTypeIamBindingArgs args, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding", name, args ?? new AspectTypeIamBindingArgs(), MakeResourceOptions(options, "")) + { + } + + private AspectTypeIamBinding(string name, Input id, AspectTypeIamBindingState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AspectTypeIamBinding resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AspectTypeIamBinding Get(string name, Input id, AspectTypeIamBindingState? state = null, CustomResourceOptions? options = null) + { + return new AspectTypeIamBinding(name, id, state, options); + } + } + + public sealed class AspectTypeIamBindingArgs : global::Pulumi.ResourceArgs + { + [Input("aspectTypeId", required: true)] + public Input AspectTypeId { get; set; } = null!; + + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + [Input("members", required: true)] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + public AspectTypeIamBindingArgs() + { + } + public static new AspectTypeIamBindingArgs Empty => new AspectTypeIamBindingArgs(); + } + + public sealed class AspectTypeIamBindingState : global::Pulumi.ResourceArgs + { + [Input("aspectTypeId")] + public Input? AspectTypeId { get; set; } + + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + [Input("members")] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + public AspectTypeIamBindingState() + { + } + public static new AspectTypeIamBindingState Empty => new AspectTypeIamBindingState(); + } +} diff --git a/sdk/dotnet/DataPlex/AspectTypeIamMember.cs b/sdk/dotnet/DataPlex/AspectTypeIamMember.cs new file mode 100644 index 0000000000..586f262426 --- /dev/null +++ b/sdk/dotnet/DataPlex/AspectTypeIamMember.cs @@ -0,0 +1,437 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + /// + /// * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + /// * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + /// * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + /// + /// > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.dataplex.AspectTypeIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.AspectTypeIamPolicy("policy", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.AspectTypeIamBinding("binding", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.AspectTypeIamMember("member", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.AspectTypeIamPolicy("policy", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.AspectTypeIamBinding("binding", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.AspectTypeIamMember("member", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + /// + /// * {{project}}/{{location}}/{{aspect_type_id}} + /// + /// * {{location}}/{{aspect_type_id}} + /// + /// * {{aspect_type_id}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + /// ``` + /// + /// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember")] + public partial class AspectTypeIamMember : global::Pulumi.CustomResource + { + [Output("aspectTypeId")] + public Output AspectTypeId { get; private set; } = null!; + + [Output("condition")] + public Output Condition { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("member")] + public Output Member { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + + /// + /// Create a AspectTypeIamMember resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AspectTypeIamMember(string name, AspectTypeIamMemberArgs args, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember", name, args ?? new AspectTypeIamMemberArgs(), MakeResourceOptions(options, "")) + { + } + + private AspectTypeIamMember(string name, Input id, AspectTypeIamMemberState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AspectTypeIamMember resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AspectTypeIamMember Get(string name, Input id, AspectTypeIamMemberState? state = null, CustomResourceOptions? options = null) + { + return new AspectTypeIamMember(name, id, state, options); + } + } + + public sealed class AspectTypeIamMemberArgs : global::Pulumi.ResourceArgs + { + [Input("aspectTypeId", required: true)] + public Input AspectTypeId { get; set; } = null!; + + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member", required: true)] + public Input Member { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + public AspectTypeIamMemberArgs() + { + } + public static new AspectTypeIamMemberArgs Empty => new AspectTypeIamMemberArgs(); + } + + public sealed class AspectTypeIamMemberState : global::Pulumi.ResourceArgs + { + [Input("aspectTypeId")] + public Input? AspectTypeId { get; set; } + + [Input("condition")] + public Input? Condition { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member")] + public Input? Member { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + public AspectTypeIamMemberState() + { + } + public static new AspectTypeIamMemberState Empty => new AspectTypeIamMemberState(); + } +} diff --git a/sdk/dotnet/DataPlex/AspectTypeIamPolicy.cs b/sdk/dotnet/DataPlex/AspectTypeIamPolicy.cs new file mode 100644 index 0000000000..83b6fe25b9 --- /dev/null +++ b/sdk/dotnet/DataPlex/AspectTypeIamPolicy.cs @@ -0,0 +1,377 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + /// + /// * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + /// * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + /// * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + /// + /// > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.dataplex.AspectTypeIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.AspectTypeIamPolicy("policy", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.AspectTypeIamBinding("binding", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.AspectTypeIamMember("member", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.AspectTypeIamPolicy("policy", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.AspectTypeIamBinding("binding", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.AspectTypeIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.AspectTypeIamMember("member", new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + /// + /// * {{project}}/{{location}}/{{aspect_type_id}} + /// + /// * {{location}}/{{aspect_type_id}} + /// + /// * {{aspect_type_id}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + /// ``` + /// + /// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy")] + public partial class AspectTypeIamPolicy : global::Pulumi.CustomResource + { + [Output("aspectTypeId")] + public Output AspectTypeId { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Output("policyData")] + public Output PolicyData { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + + /// + /// Create a AspectTypeIamPolicy resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AspectTypeIamPolicy(string name, AspectTypeIamPolicyArgs args, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy", name, args ?? new AspectTypeIamPolicyArgs(), MakeResourceOptions(options, "")) + { + } + + private AspectTypeIamPolicy(string name, Input id, AspectTypeIamPolicyState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AspectTypeIamPolicy resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AspectTypeIamPolicy Get(string name, Input id, AspectTypeIamPolicyState? state = null, CustomResourceOptions? options = null) + { + return new AspectTypeIamPolicy(name, id, state, options); + } + } + + public sealed class AspectTypeIamPolicyArgs : global::Pulumi.ResourceArgs + { + [Input("aspectTypeId", required: true)] + public Input AspectTypeId { get; set; } = null!; + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData", required: true)] + public Input PolicyData { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public AspectTypeIamPolicyArgs() + { + } + public static new AspectTypeIamPolicyArgs Empty => new AspectTypeIamPolicyArgs(); + } + + public sealed class AspectTypeIamPolicyState : global::Pulumi.ResourceArgs + { + [Input("aspectTypeId")] + public Input? AspectTypeId { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData")] + public Input? PolicyData { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public AspectTypeIamPolicyState() + { + } + public static new AspectTypeIamPolicyState Empty => new AspectTypeIamPolicyState(); + } +} diff --git a/sdk/dotnet/DataPlex/EntryGroup.cs b/sdk/dotnet/DataPlex/EntryGroup.cs new file mode 100644 index 0000000000..1c142ca0fa --- /dev/null +++ b/sdk/dotnet/DataPlex/EntryGroup.cs @@ -0,0 +1,393 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// An Entry Group represents a logical grouping of one or more Entries. + /// + /// ## Example Usage + /// + /// ### Dataplex Entry Group Basic + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var testEntryGroupBasic = new Gcp.DataPlex.EntryGroup("test_entry_group_basic", new() + /// { + /// EntryGroupId = "entry-group-basic", + /// Project = "my-project-name", + /// Location = "us-central1", + /// }); + /// + /// }); + /// ``` + /// ### Dataplex Entry Group Full + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var testEntryGroupFull = new Gcp.DataPlex.EntryGroup("test_entry_group_full", new() + /// { + /// EntryGroupId = "entry-group-full", + /// Project = "my-project-name", + /// Location = "us-central1", + /// Labels = + /// { + /// { "tag", "test-tf" }, + /// }, + /// DisplayName = "terraform entry group", + /// Description = "entry group created by Terraform", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// EntryGroup can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}` + /// + /// * `{{project}}/{{location}}/{{entry_group_id}}` + /// + /// * `{{location}}/{{entry_group_id}}` + /// + /// When using the `pulumi import` command, EntryGroup can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroup:EntryGroup default projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{project}}/{{location}}/{{entry_group_id}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{location}}/{{entry_group_id}} + /// ``` + /// + [GcpResourceType("gcp:dataplex/entryGroup:EntryGroup")] + public partial class EntryGroup : global::Pulumi.CustomResource + { + /// + /// The time when the EntryGroup was created. + /// + [Output("createTime")] + public Output CreateTime { get; private set; } = null!; + + /// + /// Description of the EntryGroup. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// User friendly display name. + /// + [Output("displayName")] + public Output DisplayName { get; private set; } = null!; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + [Output("effectiveLabels")] + public Output> EffectiveLabels { get; private set; } = null!; + + /// + /// The entry group id of the entry group. + /// + [Output("entryGroupId")] + public Output EntryGroupId { get; private set; } = null!; + + /// + /// User-defined labels for the EntryGroup. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + [Output("labels")] + public Output?> Labels { get; private set; } = null!; + + /// + /// The location where entry group will be created in. + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + [Output("pulumiLabels")] + public Output> PulumiLabels { get; private set; } = null!; + + /// + /// Denotes the transfer status of the Entry Group. It is unspecified + /// for Entry Group created from Dataplex API. + /// + [Output("transferStatus")] + public Output TransferStatus { get; private set; } = null!; + + /// + /// System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + /// + [Output("uid")] + public Output Uid { get; private set; } = null!; + + /// + /// The time when the EntryGroup was last updated. + /// + [Output("updateTime")] + public Output UpdateTime { get; private set; } = null!; + + + /// + /// Create a EntryGroup resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public EntryGroup(string name, EntryGroupArgs? args = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroup:EntryGroup", name, args ?? new EntryGroupArgs(), MakeResourceOptions(options, "")) + { + } + + private EntryGroup(string name, Input id, EntryGroupState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroup:EntryGroup", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + AdditionalSecretOutputs = + { + "effectiveLabels", + "pulumiLabels", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing EntryGroup resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static EntryGroup Get(string name, Input id, EntryGroupState? state = null, CustomResourceOptions? options = null) + { + return new EntryGroup(name, id, state, options); + } + } + + public sealed class EntryGroupArgs : global::Pulumi.ResourceArgs + { + /// + /// Description of the EntryGroup. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// User friendly display name. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + /// + /// The entry group id of the entry group. + /// + [Input("entryGroupId")] + public Input? EntryGroupId { get; set; } + + [Input("labels")] + private InputMap? _labels; + + /// + /// User-defined labels for the EntryGroup. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// The location where entry group will be created in. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public EntryGroupArgs() + { + } + public static new EntryGroupArgs Empty => new EntryGroupArgs(); + } + + public sealed class EntryGroupState : global::Pulumi.ResourceArgs + { + /// + /// The time when the EntryGroup was created. + /// + [Input("createTime")] + public Input? CreateTime { get; set; } + + /// + /// Description of the EntryGroup. + /// + [Input("description")] + public Input? Description { get; set; } + + /// + /// User friendly display name. + /// + [Input("displayName")] + public Input? DisplayName { get; set; } + + [Input("effectiveLabels")] + private InputMap? _effectiveLabels; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + public InputMap EffectiveLabels + { + get => _effectiveLabels ?? (_effectiveLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _effectiveLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + /// + /// The entry group id of the entry group. + /// + [Input("entryGroupId")] + public Input? EntryGroupId { get; set; } + + [Input("labels")] + private InputMap? _labels; + + /// + /// User-defined labels for the EntryGroup. + /// + /// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + /// Please refer to the field `effective_labels` for all of the labels present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// The location where entry group will be created in. + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + [Input("pulumiLabels")] + private InputMap? _pulumiLabels; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + public InputMap PulumiLabels + { + get => _pulumiLabels ?? (_pulumiLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _pulumiLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + /// + /// Denotes the transfer status of the Entry Group. It is unspecified + /// for Entry Group created from Dataplex API. + /// + [Input("transferStatus")] + public Input? TransferStatus { get; set; } + + /// + /// System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + /// + [Input("uid")] + public Input? Uid { get; set; } + + /// + /// The time when the EntryGroup was last updated. + /// + [Input("updateTime")] + public Input? UpdateTime { get; set; } + + public EntryGroupState() + { + } + public static new EntryGroupState Empty => new EntryGroupState(); + } +} diff --git a/sdk/dotnet/DataPlex/EntryGroupIamBinding.cs b/sdk/dotnet/DataPlex/EntryGroupIamBinding.cs new file mode 100644 index 0000000000..cb3fbb6f49 --- /dev/null +++ b/sdk/dotnet/DataPlex/EntryGroupIamBinding.cs @@ -0,0 +1,449 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + /// * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + /// * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + /// + /// > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.dataplex.EntryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.EntryGroupIamPolicy("policy", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.EntryGroupIamBinding("binding", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.EntryGroupIamMember("member", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.EntryGroupIamPolicy("policy", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.EntryGroupIamBinding("binding", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.EntryGroupIamMember("member", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + /// + /// * {{project}}/{{location}}/{{entry_group_id}} + /// + /// * {{location}}/{{entry_group_id}} + /// + /// * {{entry_group_id}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + /// ``` + /// + /// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding")] + public partial class EntryGroupIamBinding : global::Pulumi.CustomResource + { + [Output("condition")] + public Output Condition { get; private set; } = null!; + + [Output("entryGroupId")] + public Output EntryGroupId { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("members")] + public Output> Members { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + + /// + /// Create a EntryGroupIamBinding resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public EntryGroupIamBinding(string name, EntryGroupIamBindingArgs args, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding", name, args ?? new EntryGroupIamBindingArgs(), MakeResourceOptions(options, "")) + { + } + + private EntryGroupIamBinding(string name, Input id, EntryGroupIamBindingState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing EntryGroupIamBinding resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static EntryGroupIamBinding Get(string name, Input id, EntryGroupIamBindingState? state = null, CustomResourceOptions? options = null) + { + return new EntryGroupIamBinding(name, id, state, options); + } + } + + public sealed class EntryGroupIamBindingArgs : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + [Input("entryGroupId", required: true)] + public Input EntryGroupId { get; set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + [Input("members", required: true)] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + public EntryGroupIamBindingArgs() + { + } + public static new EntryGroupIamBindingArgs Empty => new EntryGroupIamBindingArgs(); + } + + public sealed class EntryGroupIamBindingState : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + [Input("entryGroupId")] + public Input? EntryGroupId { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + [Input("members")] + private InputList? _members; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + public InputList Members + { + get => _members ?? (_members = new InputList()); + set => _members = value; + } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + public EntryGroupIamBindingState() + { + } + public static new EntryGroupIamBindingState Empty => new EntryGroupIamBindingState(); + } +} diff --git a/sdk/dotnet/DataPlex/EntryGroupIamMember.cs b/sdk/dotnet/DataPlex/EntryGroupIamMember.cs new file mode 100644 index 0000000000..a75498c000 --- /dev/null +++ b/sdk/dotnet/DataPlex/EntryGroupIamMember.cs @@ -0,0 +1,437 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + /// * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + /// * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + /// + /// > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.dataplex.EntryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.EntryGroupIamPolicy("policy", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.EntryGroupIamBinding("binding", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.EntryGroupIamMember("member", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.EntryGroupIamPolicy("policy", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.EntryGroupIamBinding("binding", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.EntryGroupIamMember("member", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + /// + /// * {{project}}/{{location}}/{{entry_group_id}} + /// + /// * {{location}}/{{entry_group_id}} + /// + /// * {{entry_group_id}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + /// ``` + /// + /// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:dataplex/entryGroupIamMember:EntryGroupIamMember")] + public partial class EntryGroupIamMember : global::Pulumi.CustomResource + { + [Output("condition")] + public Output Condition { get; private set; } = null!; + + [Output("entryGroupId")] + public Output EntryGroupId { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Output("member")] + public Output Member { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Output("role")] + public Output Role { get; private set; } = null!; + + + /// + /// Create a EntryGroupIamMember resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public EntryGroupIamMember(string name, EntryGroupIamMemberArgs args, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroupIamMember:EntryGroupIamMember", name, args ?? new EntryGroupIamMemberArgs(), MakeResourceOptions(options, "")) + { + } + + private EntryGroupIamMember(string name, Input id, EntryGroupIamMemberState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroupIamMember:EntryGroupIamMember", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing EntryGroupIamMember resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static EntryGroupIamMember Get(string name, Input id, EntryGroupIamMemberState? state = null, CustomResourceOptions? options = null) + { + return new EntryGroupIamMember(name, id, state, options); + } + } + + public sealed class EntryGroupIamMemberArgs : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + [Input("entryGroupId", required: true)] + public Input EntryGroupId { get; set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member", required: true)] + public Input Member { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role", required: true)] + public Input Role { get; set; } = null!; + + public EntryGroupIamMemberArgs() + { + } + public static new EntryGroupIamMemberArgs Empty => new EntryGroupIamMemberArgs(); + } + + public sealed class EntryGroupIamMemberState : global::Pulumi.ResourceArgs + { + [Input("condition")] + public Input? Condition { get; set; } + + [Input("entryGroupId")] + public Input? EntryGroupId { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Identities that will be granted the privilege in `role`. + /// Each entry can have one of the following values: + /// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + /// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + /// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + /// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + /// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + /// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + /// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + /// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + /// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + /// + [Input("member")] + public Input? Member { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// The role that should be applied. Only one + /// `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + /// `[projects|organizations]/{parent-name}/roles/{role-name}`. + /// + [Input("role")] + public Input? Role { get; set; } + + public EntryGroupIamMemberState() + { + } + public static new EntryGroupIamMemberState Empty => new EntryGroupIamMemberState(); + } +} diff --git a/sdk/dotnet/DataPlex/EntryGroupIamPolicy.cs b/sdk/dotnet/DataPlex/EntryGroupIamPolicy.cs new file mode 100644 index 0000000000..46b6cb2834 --- /dev/null +++ b/sdk/dotnet/DataPlex/EntryGroupIamPolicy.cs @@ -0,0 +1,377 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + /// + /// Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + /// + /// * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + /// * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + /// * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + /// + /// A data source can be used to retrieve policy data in advent you do not need creation + /// + /// * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + /// + /// > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + /// + /// > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + /// + /// ## gcp.dataplex.EntryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.EntryGroupIamPolicy("policy", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.EntryGroupIamBinding("binding", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.EntryGroupIamMember("member", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamPolicy + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var admin = Gcp.Organizations.GetIAMPolicy.Invoke(new() + /// { + /// Bindings = new[] + /// { + /// new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs + /// { + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }, + /// }, + /// }); + /// + /// var policy = new Gcp.DataPlex.EntryGroupIamPolicy("policy", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// PolicyData = admin.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData), + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamBinding + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var binding = new Gcp.DataPlex.EntryGroupIamBinding("binding", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Members = new[] + /// { + /// "user:jane@example.com", + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## gcp.dataplex.EntryGroupIamMember + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var member = new Gcp.DataPlex.EntryGroupIamMember("member", new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// Role = "roles/viewer", + /// Member = "user:jane@example.com", + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// For all import syntaxes, the "resource in question" can take any of the following forms: + /// + /// * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + /// + /// * {{project}}/{{location}}/{{entry_group_id}} + /// + /// * {{location}}/{{entry_group_id}} + /// + /// * {{entry_group_id}} + /// + /// Any variables not passed in the import command will be taken from the provider configuration. + /// + /// Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + /// + /// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + /// ``` + /// + /// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + /// ``` + /// + /// IAM policy imports use the identifier of the resource in question, e.g. + /// + /// ```sh + /// $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + /// ``` + /// + /// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + /// + /// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + /// + [GcpResourceType("gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy")] + public partial class EntryGroupIamPolicy : global::Pulumi.CustomResource + { + [Output("entryGroupId")] + public Output EntryGroupId { get; private set; } = null!; + + /// + /// (Computed) The etag of the IAM policy. + /// + [Output("etag")] + public Output Etag { get; private set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Output("policyData")] + public Output PolicyData { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + + /// + /// Create a EntryGroupIamPolicy resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public EntryGroupIamPolicy(string name, EntryGroupIamPolicyArgs args, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy", name, args ?? new EntryGroupIamPolicyArgs(), MakeResourceOptions(options, "")) + { + } + + private EntryGroupIamPolicy(string name, Input id, EntryGroupIamPolicyState? state = null, CustomResourceOptions? options = null) + : base("gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing EntryGroupIamPolicy resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static EntryGroupIamPolicy Get(string name, Input id, EntryGroupIamPolicyState? state = null, CustomResourceOptions? options = null) + { + return new EntryGroupIamPolicy(name, id, state, options); + } + } + + public sealed class EntryGroupIamPolicyArgs : global::Pulumi.ResourceArgs + { + [Input("entryGroupId", required: true)] + public Input EntryGroupId { get; set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData", required: true)] + public Input PolicyData { get; set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public EntryGroupIamPolicyArgs() + { + } + public static new EntryGroupIamPolicyArgs Empty => new EntryGroupIamPolicyArgs(); + } + + public sealed class EntryGroupIamPolicyState : global::Pulumi.ResourceArgs + { + [Input("entryGroupId")] + public Input? EntryGroupId { get; set; } + + /// + /// (Computed) The etag of the IAM policy. + /// + [Input("etag")] + public Input? Etag { get; set; } + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + [Input("policyData")] + public Input? PolicyData { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public EntryGroupIamPolicyState() + { + } + public static new EntryGroupIamPolicyState Empty => new EntryGroupIamPolicyState(); + } +} diff --git a/sdk/dotnet/DataPlex/GetAspectTypeIamPolicy.cs b/sdk/dotnet/DataPlex/GetAspectTypeIamPolicy.cs new file mode 100644 index 0000000000..63ff675cc9 --- /dev/null +++ b/sdk/dotnet/DataPlex/GetAspectTypeIamPolicy.cs @@ -0,0 +1,163 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + public static class GetAspectTypeIamPolicy + { + /// + /// Retrieves the current IAM policy data for aspecttype + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.DataPlex.GetAspectTypeIamPolicy.Invoke(new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetAspectTypeIamPolicyArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy", args ?? new GetAspectTypeIamPolicyArgs(), options.WithDefaults()); + + /// + /// Retrieves the current IAM policy data for aspecttype + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.DataPlex.GetAspectTypeIamPolicy.Invoke(new() + /// { + /// Project = testAspectTypeBasic.Project, + /// Location = testAspectTypeBasic.Location, + /// AspectTypeId = testAspectTypeBasic.AspectTypeId, + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetAspectTypeIamPolicyInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy", args ?? new GetAspectTypeIamPolicyInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetAspectTypeIamPolicyArgs : global::Pulumi.InvokeArgs + { + [Input("aspectTypeId", required: true)] + public string AspectTypeId { get; set; } = null!; + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public string? Location { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public string? Project { get; set; } + + public GetAspectTypeIamPolicyArgs() + { + } + public static new GetAspectTypeIamPolicyArgs Empty => new GetAspectTypeIamPolicyArgs(); + } + + public sealed class GetAspectTypeIamPolicyInvokeArgs : global::Pulumi.InvokeArgs + { + [Input("aspectTypeId", required: true)] + public Input AspectTypeId { get; set; } = null!; + + /// + /// The location where aspect type will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public GetAspectTypeIamPolicyInvokeArgs() + { + } + public static new GetAspectTypeIamPolicyInvokeArgs Empty => new GetAspectTypeIamPolicyInvokeArgs(); + } + + + [OutputType] + public sealed class GetAspectTypeIamPolicyResult + { + public readonly string AspectTypeId; + /// + /// (Computed) The etag of the IAM policy. + /// + public readonly string Etag; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string Location; + /// + /// (Required only by `gcp.dataplex.AspectTypeIamPolicy`) The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + public readonly string PolicyData; + public readonly string Project; + + [OutputConstructor] + private GetAspectTypeIamPolicyResult( + string aspectTypeId, + + string etag, + + string id, + + string location, + + string policyData, + + string project) + { + AspectTypeId = aspectTypeId; + Etag = etag; + Id = id; + Location = location; + PolicyData = policyData; + Project = project; + } + } +} diff --git a/sdk/dotnet/DataPlex/GetEntryGroupIamPolicy.cs b/sdk/dotnet/DataPlex/GetEntryGroupIamPolicy.cs new file mode 100644 index 0000000000..f88e2944fb --- /dev/null +++ b/sdk/dotnet/DataPlex/GetEntryGroupIamPolicy.cs @@ -0,0 +1,163 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex +{ + public static class GetEntryGroupIamPolicy + { + /// + /// Retrieves the current IAM policy data for entrygroup + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.DataPlex.GetEntryGroupIamPolicy.Invoke(new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// }); + /// + /// }); + /// ``` + /// + public static Task InvokeAsync(GetEntryGroupIamPolicyArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy", args ?? new GetEntryGroupIamPolicyArgs(), options.WithDefaults()); + + /// + /// Retrieves the current IAM policy data for entrygroup + /// + /// + /// ## example + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// + /// return await Deployment.RunAsync(() => + /// { + /// var policy = Gcp.DataPlex.GetEntryGroupIamPolicy.Invoke(new() + /// { + /// Project = testEntryGroupBasic.Project, + /// Location = testEntryGroupBasic.Location, + /// EntryGroupId = testEntryGroupBasic.EntryGroupId, + /// }); + /// + /// }); + /// ``` + /// + public static Output Invoke(GetEntryGroupIamPolicyInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy", args ?? new GetEntryGroupIamPolicyInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetEntryGroupIamPolicyArgs : global::Pulumi.InvokeArgs + { + [Input("entryGroupId", required: true)] + public string EntryGroupId { get; set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public string? Location { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public string? Project { get; set; } + + public GetEntryGroupIamPolicyArgs() + { + } + public static new GetEntryGroupIamPolicyArgs Empty => new GetEntryGroupIamPolicyArgs(); + } + + public sealed class GetEntryGroupIamPolicyInvokeArgs : global::Pulumi.InvokeArgs + { + [Input("entryGroupId", required: true)] + public Input EntryGroupId { get; set; } = null!; + + /// + /// The location where entry group will be created in. + /// Used to find the parent resource to bind the IAM policy to + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + public GetEntryGroupIamPolicyInvokeArgs() + { + } + public static new GetEntryGroupIamPolicyInvokeArgs Empty => new GetEntryGroupIamPolicyInvokeArgs(); + } + + + [OutputType] + public sealed class GetEntryGroupIamPolicyResult + { + public readonly string EntryGroupId; + /// + /// (Computed) The etag of the IAM policy. + /// + public readonly string Etag; + /// + /// The provider-assigned unique ID for this managed resource. + /// + public readonly string Id; + public readonly string Location; + /// + /// (Required only by `gcp.dataplex.EntryGroupIamPolicy`) The policy data generated by + /// a `gcp.organizations.getIAMPolicy` data source. + /// + public readonly string PolicyData; + public readonly string Project; + + [OutputConstructor] + private GetEntryGroupIamPolicyResult( + string entryGroupId, + + string etag, + + string id, + + string location, + + string policyData, + + string project) + { + EntryGroupId = entryGroupId; + Etag = etag; + Id = id; + Location = location; + PolicyData = policyData; + Project = project; + } + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionArgs.cs b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionArgs.cs new file mode 100644 index 0000000000..b8610e9740 --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class AspectTypeIamBindingConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public AspectTypeIamBindingConditionArgs() + { + } + public static new AspectTypeIamBindingConditionArgs Empty => new AspectTypeIamBindingConditionArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionGetArgs.cs b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionGetArgs.cs new file mode 100644 index 0000000000..5bdb63f8a9 --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamBindingConditionGetArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class AspectTypeIamBindingConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public AspectTypeIamBindingConditionGetArgs() + { + } + public static new AspectTypeIamBindingConditionGetArgs Empty => new AspectTypeIamBindingConditionGetArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionArgs.cs b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionArgs.cs new file mode 100644 index 0000000000..b98c3be215 --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class AspectTypeIamMemberConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public AspectTypeIamMemberConditionArgs() + { + } + public static new AspectTypeIamMemberConditionArgs Empty => new AspectTypeIamMemberConditionArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionGetArgs.cs b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionGetArgs.cs new file mode 100644 index 0000000000..d3a8be1d81 --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/AspectTypeIamMemberConditionGetArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class AspectTypeIamMemberConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public AspectTypeIamMemberConditionGetArgs() + { + } + public static new AspectTypeIamMemberConditionGetArgs Empty => new AspectTypeIamMemberConditionGetArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionArgs.cs b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionArgs.cs new file mode 100644 index 0000000000..a9d1fc7079 --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class EntryGroupIamBindingConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public EntryGroupIamBindingConditionArgs() + { + } + public static new EntryGroupIamBindingConditionArgs Empty => new EntryGroupIamBindingConditionArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionGetArgs.cs b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionGetArgs.cs new file mode 100644 index 0000000000..bc56bb093b --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamBindingConditionGetArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class EntryGroupIamBindingConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public EntryGroupIamBindingConditionGetArgs() + { + } + public static new EntryGroupIamBindingConditionGetArgs Empty => new EntryGroupIamBindingConditionGetArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionArgs.cs b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionArgs.cs new file mode 100644 index 0000000000..b14834f3ae --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class EntryGroupIamMemberConditionArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public EntryGroupIamMemberConditionArgs() + { + } + public static new EntryGroupIamMemberConditionArgs Empty => new EntryGroupIamMemberConditionArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionGetArgs.cs b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionGetArgs.cs new file mode 100644 index 0000000000..b9faeb6813 --- /dev/null +++ b/sdk/dotnet/DataPlex/Inputs/EntryGroupIamMemberConditionGetArgs.cs @@ -0,0 +1,29 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Inputs +{ + + public sealed class EntryGroupIamMemberConditionGetArgs : global::Pulumi.ResourceArgs + { + [Input("description")] + public Input? Description { get; set; } + + [Input("expression", required: true)] + public Input Expression { get; set; } = null!; + + [Input("title", required: true)] + public Input Title { get; set; } = null!; + + public EntryGroupIamMemberConditionGetArgs() + { + } + public static new EntryGroupIamMemberConditionGetArgs Empty => new EntryGroupIamMemberConditionGetArgs(); + } +} diff --git a/sdk/dotnet/DataPlex/Outputs/AspectTypeIamBindingCondition.cs b/sdk/dotnet/DataPlex/Outputs/AspectTypeIamBindingCondition.cs new file mode 100644 index 0000000000..9b8f2b5e6e --- /dev/null +++ b/sdk/dotnet/DataPlex/Outputs/AspectTypeIamBindingCondition.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Outputs +{ + + [OutputType] + public sealed class AspectTypeIamBindingCondition + { + public readonly string? Description; + public readonly string Expression; + public readonly string Title; + + [OutputConstructor] + private AspectTypeIamBindingCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/DataPlex/Outputs/AspectTypeIamMemberCondition.cs b/sdk/dotnet/DataPlex/Outputs/AspectTypeIamMemberCondition.cs new file mode 100644 index 0000000000..2085f74d18 --- /dev/null +++ b/sdk/dotnet/DataPlex/Outputs/AspectTypeIamMemberCondition.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Outputs +{ + + [OutputType] + public sealed class AspectTypeIamMemberCondition + { + public readonly string? Description; + public readonly string Expression; + public readonly string Title; + + [OutputConstructor] + private AspectTypeIamMemberCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/DataPlex/Outputs/EntryGroupIamBindingCondition.cs b/sdk/dotnet/DataPlex/Outputs/EntryGroupIamBindingCondition.cs new file mode 100644 index 0000000000..7aa1ee8f14 --- /dev/null +++ b/sdk/dotnet/DataPlex/Outputs/EntryGroupIamBindingCondition.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Outputs +{ + + [OutputType] + public sealed class EntryGroupIamBindingCondition + { + public readonly string? Description; + public readonly string Expression; + public readonly string Title; + + [OutputConstructor] + private EntryGroupIamBindingCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/DataPlex/Outputs/EntryGroupIamMemberCondition.cs b/sdk/dotnet/DataPlex/Outputs/EntryGroupIamMemberCondition.cs new file mode 100644 index 0000000000..ad2de876f7 --- /dev/null +++ b/sdk/dotnet/DataPlex/Outputs/EntryGroupIamMemberCondition.cs @@ -0,0 +1,33 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.DataPlex.Outputs +{ + + [OutputType] + public sealed class EntryGroupIamMemberCondition + { + public readonly string? Description; + public readonly string Expression; + public readonly string Title; + + [OutputConstructor] + private EntryGroupIamMemberCondition( + string? description, + + string expression, + + string title) + { + Description = description; + Expression = expression; + Title = title; + } + } +} diff --git a/sdk/dotnet/Datastream/ConnectionProfile.cs b/sdk/dotnet/Datastream/ConnectionProfile.cs index 418b65fbee..87a0f3e0a2 100644 --- a/sdk/dotnet/Datastream/ConnectionProfile.cs +++ b/sdk/dotnet/Datastream/ConnectionProfile.cs @@ -391,6 +391,12 @@ public partial class ConnectionProfile : global::Pulumi.CustomResource [Output("connectionProfileId")] public Output ConnectionProfileId { get; private set; } = null!; + /// + /// Create the connection profile without validating it. + /// + [Output("createWithoutValidation")] + public Output CreateWithoutValidation { get; private set; } = null!; + /// /// Display name. /// @@ -552,6 +558,12 @@ public sealed class ConnectionProfileArgs : global::Pulumi.ResourceArgs [Input("connectionProfileId", required: true)] public Input ConnectionProfileId { get; set; } = null!; + /// + /// Create the connection profile without validating it. + /// + [Input("createWithoutValidation")] + public Input? CreateWithoutValidation { get; set; } + /// /// Display name. /// @@ -657,6 +669,12 @@ public sealed class ConnectionProfileState : global::Pulumi.ResourceArgs [Input("connectionProfileId")] public Input? ConnectionProfileId { get; set; } + /// + /// Create the connection profile without validating it. + /// + [Input("createWithoutValidation")] + public Input? CreateWithoutValidation { get; set; } + /// /// Display name. /// diff --git a/sdk/dotnet/Datastream/PrivateConnection.cs b/sdk/dotnet/Datastream/PrivateConnection.cs index f6242646ab..d965759d5d 100644 --- a/sdk/dotnet/Datastream/PrivateConnection.cs +++ b/sdk/dotnet/Datastream/PrivateConnection.cs @@ -81,6 +81,12 @@ namespace Pulumi.Gcp.Datastream [GcpResourceType("gcp:datastream/privateConnection:PrivateConnection")] public partial class PrivateConnection : global::Pulumi.CustomResource { + /// + /// If set to true, will skip validations. + /// + [Output("createWithoutValidation")] + public Output CreateWithoutValidation { get; private set; } = null!; + /// /// Display name. /// @@ -200,6 +206,12 @@ public static PrivateConnection Get(string name, Input id, PrivateConnec public sealed class PrivateConnectionArgs : global::Pulumi.ResourceArgs { + /// + /// If set to true, will skip validations. + /// + [Input("createWithoutValidation")] + public Input? CreateWithoutValidation { get; set; } + /// /// Display name. /// @@ -250,6 +262,12 @@ public PrivateConnectionArgs() public sealed class PrivateConnectionState : global::Pulumi.ResourceArgs { + /// + /// If set to true, will skip validations. + /// + [Input("createWithoutValidation")] + public Input? CreateWithoutValidation { get; set; } + /// /// Display name. /// diff --git a/sdk/dotnet/Datastream/Stream.cs b/sdk/dotnet/Datastream/Stream.cs index ed83a86212..0c6eb63acd 100644 --- a/sdk/dotnet/Datastream/Stream.cs +++ b/sdk/dotnet/Datastream/Stream.cs @@ -1032,6 +1032,12 @@ public partial class Stream : global::Pulumi.CustomResource [Output("backfillNone")] public Output BackfillNone { get; private set; } = null!; + /// + /// Create the stream without validating it. + /// + [Output("createWithoutValidation")] + public Output CreateWithoutValidation { get; private set; } = null!; + /// /// A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be /// encrypted using an internal Stream-specific encryption key provisioned through KMS. @@ -1175,6 +1181,12 @@ public sealed class StreamArgs : global::Pulumi.ResourceArgs [Input("backfillNone")] public Input? BackfillNone { get; set; } + /// + /// Create the stream without validating it. + /// + [Input("createWithoutValidation")] + public Input? CreateWithoutValidation { get; set; } + /// /// A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be /// encrypted using an internal Stream-specific encryption key provisioned through KMS. @@ -1256,6 +1268,12 @@ public sealed class StreamState : global::Pulumi.ResourceArgs [Input("backfillNone")] public Input? BackfillNone { get; set; } + /// + /// Create the stream without validating it. + /// + [Input("createWithoutValidation")] + public Input? CreateWithoutValidation { get; set; } + /// /// A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be /// encrypted using an internal Stream-specific encryption key provisioned through KMS. diff --git a/sdk/dotnet/Kms/AutokeyConfig.cs b/sdk/dotnet/Kms/AutokeyConfig.cs new file mode 100644 index 0000000000..8b9823f281 --- /dev/null +++ b/sdk/dotnet/Kms/AutokeyConfig.cs @@ -0,0 +1,272 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Kms +{ + /// + /// ## Example Usage + /// + /// ### Kms Autokey Config All + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// using Time = Pulumi.Time; + /// + /// return await Deployment.RunAsync(() => + /// { + /// // Create Folder in GCP Organization + /// var autokmsFolder = new Gcp.Organizations.Folder("autokms_folder", new() + /// { + /// DisplayName = "my-folder", + /// Parent = "organizations/123456789", + /// }); + /// + /// // Create the key project + /// var keyProject = new Gcp.Organizations.Project("key_project", new() + /// { + /// ProjectId = "key-proj", + /// Name = "key-proj", + /// FolderId = autokmsFolder.FolderId, + /// BillingAccount = "000000-0000000-0000000-000000", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// autokmsFolder, + /// }, + /// }); + /// + /// // Enable the Cloud KMS API + /// var kmsApiService = new Gcp.Projects.Service("kms_api_service", new() + /// { + /// ServiceName = "cloudkms.googleapis.com", + /// Project = keyProject.ProjectId, + /// DisableOnDestroy = false, + /// DisableDependentServices = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// keyProject, + /// }, + /// }); + /// + /// // Wait delay after enabling APIs + /// var waitEnableServiceApi = new Time.Index.Sleep("wait_enable_service_api", new() + /// { + /// CreateDuration = "30s", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// kmsApiService, + /// }, + /// }); + /// + /// //Create KMS Service Agent + /// var kmsServiceAgent = new Gcp.Projects.ServiceIdentity("kms_service_agent", new() + /// { + /// Service = "cloudkms.googleapis.com", + /// Project = keyProject.Number, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// waitEnableServiceApi, + /// }, + /// }); + /// + /// // Wait delay after creating service agent. + /// var waitServiceAgent = new Time.Index.Sleep("wait_service_agent", new() + /// { + /// CreateDuration = "10s", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// kmsServiceAgent, + /// }, + /// }); + /// + /// //Grant the KMS Service Agent the Cloud KMS Admin role + /// var autokeyProjectAdmin = new Gcp.Projects.IAMMember("autokey_project_admin", new() + /// { + /// Project = keyProject.ProjectId, + /// Role = "roles/cloudkms.admin", + /// Member = keyProject.Number.Apply(number => $"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"), + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// waitServiceAgent, + /// }, + /// }); + /// + /// // Wait delay after granting IAM permissions + /// var waitSrvAccPermissions = new Time.Index.Sleep("wait_srv_acc_permissions", new() + /// { + /// CreateDuration = "10s", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// autokeyProjectAdmin, + /// }, + /// }); + /// + /// var example_autokeyconfig = new Gcp.Kms.AutokeyConfig("example-autokeyconfig", new() + /// { + /// Folder = autokmsFolder.FolderId, + /// KeyProject = keyProject.ProjectId.Apply(projectId => $"projects/{projectId}"), + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// waitSrvAccPermissions, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// AutokeyConfig can be imported using any of these accepted formats: + /// + /// * `folders/{{folder}}/autokeyConfig` + /// + /// * `{{folder}}` + /// + /// When using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}} + /// ``` + /// + [GcpResourceType("gcp:kms/autokeyConfig:AutokeyConfig")] + public partial class AutokeyConfig : global::Pulumi.CustomResource + { + /// + /// The folder for which to retrieve config. + /// + /// + /// - - - + /// + [Output("folder")] + public Output Folder { get; private set; } = null!; + + /// + /// The target key project for a given folder where KMS Autokey will provision a + /// CryptoKey for any new KeyHandle the Developer creates. Should have the form + /// `projects/<project_id_or_number>`. + /// + [Output("keyProject")] + public Output KeyProject { get; private set; } = null!; + + + /// + /// Create a AutokeyConfig resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public AutokeyConfig(string name, AutokeyConfigArgs args, CustomResourceOptions? options = null) + : base("gcp:kms/autokeyConfig:AutokeyConfig", name, args ?? new AutokeyConfigArgs(), MakeResourceOptions(options, "")) + { + } + + private AutokeyConfig(string name, Input id, AutokeyConfigState? state = null, CustomResourceOptions? options = null) + : base("gcp:kms/autokeyConfig:AutokeyConfig", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing AutokeyConfig resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static AutokeyConfig Get(string name, Input id, AutokeyConfigState? state = null, CustomResourceOptions? options = null) + { + return new AutokeyConfig(name, id, state, options); + } + } + + public sealed class AutokeyConfigArgs : global::Pulumi.ResourceArgs + { + /// + /// The folder for which to retrieve config. + /// + /// + /// - - - + /// + [Input("folder", required: true)] + public Input Folder { get; set; } = null!; + + /// + /// The target key project for a given folder where KMS Autokey will provision a + /// CryptoKey for any new KeyHandle the Developer creates. Should have the form + /// `projects/<project_id_or_number>`. + /// + [Input("keyProject")] + public Input? KeyProject { get; set; } + + public AutokeyConfigArgs() + { + } + public static new AutokeyConfigArgs Empty => new AutokeyConfigArgs(); + } + + public sealed class AutokeyConfigState : global::Pulumi.ResourceArgs + { + /// + /// The folder for which to retrieve config. + /// + /// + /// - - - + /// + [Input("folder")] + public Input? Folder { get; set; } + + /// + /// The target key project for a given folder where KMS Autokey will provision a + /// CryptoKey for any new KeyHandle the Developer creates. Should have the form + /// `projects/<project_id_or_number>`. + /// + [Input("keyProject")] + public Input? KeyProject { get; set; } + + public AutokeyConfigState() + { + } + public static new AutokeyConfigState Empty => new AutokeyConfigState(); + } +} diff --git a/sdk/dotnet/Kms/KeyHandle.cs b/sdk/dotnet/Kms/KeyHandle.cs new file mode 100644 index 0000000000..73907bca9c --- /dev/null +++ b/sdk/dotnet/Kms/KeyHandle.cs @@ -0,0 +1,374 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.Kms +{ + /// + /// ## Example Usage + /// + /// ### Kms Key Handle Basic + /// + /// ```csharp + /// using System.Collections.Generic; + /// using System.Linq; + /// using Pulumi; + /// using Gcp = Pulumi.Gcp; + /// using Time = Pulumi.Time; + /// + /// return await Deployment.RunAsync(() => + /// { + /// // Create Folder in GCP Organization + /// var autokmsFolder = new Gcp.Organizations.Folder("autokms_folder", new() + /// { + /// DisplayName = "folder-example", + /// Parent = "organizations/123456789", + /// }); + /// + /// // Create the key project + /// var keyProject = new Gcp.Organizations.Project("key_project", new() + /// { + /// ProjectId = "key-proj", + /// Name = "key-proj", + /// FolderId = autokmsFolder.FolderId, + /// BillingAccount = "000000-0000000-0000000-000000", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// autokmsFolder, + /// }, + /// }); + /// + /// // Create the resource project + /// var resourceProject = new Gcp.Organizations.Project("resource_project", new() + /// { + /// ProjectId = "resources", + /// Name = "resources", + /// FolderId = autokmsFolder.FolderId, + /// BillingAccount = "000000-0000000-0000000-000000", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// autokmsFolder, + /// }, + /// }); + /// + /// // Enable the Cloud KMS API + /// var kmsApiService = new Gcp.Projects.Service("kms_api_service", new() + /// { + /// ServiceName = "cloudkms.googleapis.com", + /// Project = keyProject.ProjectId, + /// DisableOnDestroy = false, + /// DisableDependentServices = true, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// keyProject, + /// }, + /// }); + /// + /// // Wait delay after enabling APIs + /// var waitEnableServiceApi = new Time.Index.Sleep("wait_enable_service_api", new() + /// { + /// CreateDuration = "30s", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// kmsApiService, + /// }, + /// }); + /// + /// //Create KMS Service Agent + /// var kmsServiceAgent = new Gcp.Projects.ServiceIdentity("kms_service_agent", new() + /// { + /// Service = "cloudkms.googleapis.com", + /// Project = keyProject.Number, + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// waitEnableServiceApi, + /// }, + /// }); + /// + /// // Wait delay after creating service agent. + /// var waitServiceAgent = new Time.Index.Sleep("wait_service_agent", new() + /// { + /// CreateDuration = "10s", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// kmsServiceAgent, + /// }, + /// }); + /// + /// //Grant the KMS Service Agent the Cloud KMS Admin role + /// var autokeyProjectAdmin = new Gcp.Projects.IAMMember("autokey_project_admin", new() + /// { + /// Project = keyProject.ProjectId, + /// Role = "roles/cloudkms.admin", + /// Member = keyProject.Number.Apply(number => $"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"), + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// waitServiceAgent, + /// }, + /// }); + /// + /// // Wait delay after granting IAM permissions + /// var waitSrvAccPermissions = new Time.Index.Sleep("wait_srv_acc_permissions", new() + /// { + /// CreateDuration = "10s", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// autokeyProjectAdmin, + /// }, + /// }); + /// + /// var autokeyConfig = new Gcp.Kms.AutokeyConfig("autokey_config", new() + /// { + /// Folder = autokmsFolder.FolderId, + /// KeyProject = keyProject.ProjectId.Apply(projectId => $"projects/{projectId}"), + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// waitSrvAccPermissions, + /// }, + /// }); + /// + /// // Wait delay for autokey config to take effect + /// var waitAutokeyConfig = new Time.Index.Sleep("wait_autokey_config", new() + /// { + /// CreateDuration = "10s", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// autokeyConfig, + /// }, + /// }); + /// + /// var example_keyhandle = new Gcp.Kms.KeyHandle("example-keyhandle", new() + /// { + /// Project = resourceProject.ProjectId, + /// Name = "example-key-handle", + /// Location = "global", + /// ResourceTypeSelector = "storage.googleapis.com/Bucket", + /// }, new CustomResourceOptions + /// { + /// DependsOn = + /// { + /// waitAutokeyConfig, + /// }, + /// }); + /// + /// }); + /// ``` + /// + /// ## Import + /// + /// KeyHandle can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{location}}/keyHandles/{{name}}` + /// + /// * `{{project}}/{{location}}/{{name}}` + /// + /// * `{{location}}/{{name}}` + /// + /// When using the `pulumi import` command, KeyHandle can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:kms/keyHandle:KeyHandle default projects/{{project}}/locations/{{location}}/keyHandles/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:kms/keyHandle:KeyHandle default {{project}}/{{location}}/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:kms/keyHandle:KeyHandle default {{location}}/{{name}} + /// ``` + /// + [GcpResourceType("gcp:kms/keyHandle:KeyHandle")] + public partial class KeyHandle : global::Pulumi.CustomResource + { + /// + /// A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + /// product/project/location, for example + /// `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + /// + [Output("kmsKey")] + public Output KmsKey { get; private set; } = null!; + + /// + /// The location for the KeyHandle. + /// A full list of valid locations can be found by running `gcloud kms locations list`. + /// + /// + /// - - - + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// The resource name for the KeyHandle. + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// Selector of the resource type where we want to protect resources. + /// For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + /// + [Output("resourceTypeSelector")] + public Output ResourceTypeSelector { get; private set; } = null!; + + + /// + /// Create a KeyHandle resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public KeyHandle(string name, KeyHandleArgs args, CustomResourceOptions? options = null) + : base("gcp:kms/keyHandle:KeyHandle", name, args ?? new KeyHandleArgs(), MakeResourceOptions(options, "")) + { + } + + private KeyHandle(string name, Input id, KeyHandleState? state = null, CustomResourceOptions? options = null) + : base("gcp:kms/keyHandle:KeyHandle", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing KeyHandle resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static KeyHandle Get(string name, Input id, KeyHandleState? state = null, CustomResourceOptions? options = null) + { + return new KeyHandle(name, id, state, options); + } + } + + public sealed class KeyHandleArgs : global::Pulumi.ResourceArgs + { + /// + /// The location for the KeyHandle. + /// A full list of valid locations can be found by running `gcloud kms locations list`. + /// + /// + /// - - - + /// + [Input("location", required: true)] + public Input Location { get; set; } = null!; + + /// + /// The resource name for the KeyHandle. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// Selector of the resource type where we want to protect resources. + /// For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + /// + [Input("resourceTypeSelector", required: true)] + public Input ResourceTypeSelector { get; set; } = null!; + + public KeyHandleArgs() + { + } + public static new KeyHandleArgs Empty => new KeyHandleArgs(); + } + + public sealed class KeyHandleState : global::Pulumi.ResourceArgs + { + /// + /// A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + /// product/project/location, for example + /// `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + /// + [Input("kmsKey")] + public Input? KmsKey { get; set; } + + /// + /// The location for the KeyHandle. + /// A full list of valid locations can be found by running `gcloud kms locations list`. + /// + /// + /// - - - + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// The resource name for the KeyHandle. + /// + [Input("name")] + public Input? Name { get; set; } + + /// + /// The ID of the project in which the resource belongs. + /// If it is not provided, the provider project is used. + /// + [Input("project")] + public Input? Project { get; set; } + + /// + /// Selector of the resource type where we want to protect resources. + /// For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + /// + [Input("resourceTypeSelector")] + public Input? ResourceTypeSelector { get; set; } + + public KeyHandleState() + { + } + public static new KeyHandleState Empty => new KeyHandleState(); + } +} diff --git a/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainArgs.cs new file mode 100644 index 0000000000..5b4fac2e58 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainArgs.cs @@ -0,0 +1,51 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Inputs +{ + + public sealed class LbRouteExtensionExtensionChainArgs : global::Pulumi.ResourceArgs + { + [Input("extensions", required: true)] + private InputList? _extensions; + + /// + /// A set of extensions to execute for the matching request. + /// At least one extension is required. Up to 3 extensions can be defined for each extension chain for + /// LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + /// Structure is documented below. + /// + public InputList Extensions + { + get => _extensions ?? (_extensions = new InputList()); + set => _extensions = value; + } + + /// + /// Conditions under which this chain is invoked for a request. + /// Structure is documented below. + /// + [Input("matchCondition", required: true)] + public Input MatchCondition { get; set; } = null!; + + /// + /// The name for this extension chain. The name is logged as part of the HTTP request logs. + /// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + /// and can have a maximum length of 63 characters. Additionally, the first character must be a letter + /// and the last character must be a letter or a number. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + public LbRouteExtensionExtensionChainArgs() + { + } + public static new LbRouteExtensionExtensionChainArgs Empty => new LbRouteExtensionExtensionChainArgs(); + } +} diff --git a/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionArgs.cs new file mode 100644 index 0000000000..035fdec0e6 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionArgs.cs @@ -0,0 +1,74 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Inputs +{ + + public sealed class LbRouteExtensionExtensionChainExtensionArgs : global::Pulumi.ResourceArgs + { + /// + /// The :authority header in the gRPC request sent from Envoy to the extension service. + /// + [Input("authority")] + public Input? Authority { get; set; } + + /// + /// Determines how the proxy behaves if the call to the extension fails or times out. + /// When set to TRUE, request or response processing continues without error. + /// Any subsequent extensions in the extension chain are also executed. + /// When set to FALSE: * If response headers have not been delivered to the downstream client, + /// a generic 500 error is returned to the client. The error response can be tailored by + /// configuring a custom error response in the load balancer. + /// + [Input("failOpen")] + public Input? FailOpen { get; set; } + + [Input("forwardHeaders")] + private InputList? _forwardHeaders; + + /// + /// List of the HTTP headers to forward to the extension (from the client or backend). + /// If omitted, all headers are sent. Each element is a string indicating the header name. + /// + /// - - - + /// + public InputList ForwardHeaders + { + get => _forwardHeaders ?? (_forwardHeaders = new InputList()); + set => _forwardHeaders = value; + } + + /// + /// The name for this extension. The name is logged as part of the HTTP request logs. + /// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + /// and can have a maximum length of 63 characters. Additionally, the first character must be a letter + /// and the last a letter or a number. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + /// + /// The reference to the service that runs the extension. Must be a reference to a backend service + /// + [Input("service", required: true)] + public Input Service { get; set; } = null!; + + /// + /// Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + /// A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + /// + [Input("timeout")] + public Input? Timeout { get; set; } + + public LbRouteExtensionExtensionChainExtensionArgs() + { + } + public static new LbRouteExtensionExtensionChainExtensionArgs Empty => new LbRouteExtensionExtensionChainExtensionArgs(); + } +} diff --git a/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionGetArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionGetArgs.cs new file mode 100644 index 0000000000..4a4d832231 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainExtensionGetArgs.cs @@ -0,0 +1,74 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Inputs +{ + + public sealed class LbRouteExtensionExtensionChainExtensionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// The :authority header in the gRPC request sent from Envoy to the extension service. + /// + [Input("authority")] + public Input? Authority { get; set; } + + /// + /// Determines how the proxy behaves if the call to the extension fails or times out. + /// When set to TRUE, request or response processing continues without error. + /// Any subsequent extensions in the extension chain are also executed. + /// When set to FALSE: * If response headers have not been delivered to the downstream client, + /// a generic 500 error is returned to the client. The error response can be tailored by + /// configuring a custom error response in the load balancer. + /// + [Input("failOpen")] + public Input? FailOpen { get; set; } + + [Input("forwardHeaders")] + private InputList? _forwardHeaders; + + /// + /// List of the HTTP headers to forward to the extension (from the client or backend). + /// If omitted, all headers are sent. Each element is a string indicating the header name. + /// + /// - - - + /// + public InputList ForwardHeaders + { + get => _forwardHeaders ?? (_forwardHeaders = new InputList()); + set => _forwardHeaders = value; + } + + /// + /// The name for this extension. The name is logged as part of the HTTP request logs. + /// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + /// and can have a maximum length of 63 characters. Additionally, the first character must be a letter + /// and the last a letter or a number. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + /// + /// The reference to the service that runs the extension. Must be a reference to a backend service + /// + [Input("service", required: true)] + public Input Service { get; set; } = null!; + + /// + /// Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + /// A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + /// + [Input("timeout")] + public Input? Timeout { get; set; } + + public LbRouteExtensionExtensionChainExtensionGetArgs() + { + } + public static new LbRouteExtensionExtensionChainExtensionGetArgs Empty => new LbRouteExtensionExtensionChainExtensionGetArgs(); + } +} diff --git a/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainGetArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainGetArgs.cs new file mode 100644 index 0000000000..ff25dae859 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainGetArgs.cs @@ -0,0 +1,51 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Inputs +{ + + public sealed class LbRouteExtensionExtensionChainGetArgs : global::Pulumi.ResourceArgs + { + [Input("extensions", required: true)] + private InputList? _extensions; + + /// + /// A set of extensions to execute for the matching request. + /// At least one extension is required. Up to 3 extensions can be defined for each extension chain for + /// LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + /// Structure is documented below. + /// + public InputList Extensions + { + get => _extensions ?? (_extensions = new InputList()); + set => _extensions = value; + } + + /// + /// Conditions under which this chain is invoked for a request. + /// Structure is documented below. + /// + [Input("matchCondition", required: true)] + public Input MatchCondition { get; set; } = null!; + + /// + /// The name for this extension chain. The name is logged as part of the HTTP request logs. + /// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + /// and can have a maximum length of 63 characters. Additionally, the first character must be a letter + /// and the last character must be a letter or a number. + /// + [Input("name", required: true)] + public Input Name { get; set; } = null!; + + public LbRouteExtensionExtensionChainGetArgs() + { + } + public static new LbRouteExtensionExtensionChainGetArgs Empty => new LbRouteExtensionExtensionChainGetArgs(); + } +} diff --git a/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionArgs.cs new file mode 100644 index 0000000000..819af44f83 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Inputs +{ + + public sealed class LbRouteExtensionExtensionChainMatchConditionArgs : global::Pulumi.ResourceArgs + { + /// + /// A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + /// + [Input("celExpression", required: true)] + public Input CelExpression { get; set; } = null!; + + public LbRouteExtensionExtensionChainMatchConditionArgs() + { + } + public static new LbRouteExtensionExtensionChainMatchConditionArgs Empty => new LbRouteExtensionExtensionChainMatchConditionArgs(); + } +} diff --git a/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionGetArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionGetArgs.cs new file mode 100644 index 0000000000..cfaa9cebb4 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Inputs/LbRouteExtensionExtensionChainMatchConditionGetArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Inputs +{ + + public sealed class LbRouteExtensionExtensionChainMatchConditionGetArgs : global::Pulumi.ResourceArgs + { + /// + /// A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + /// + [Input("celExpression", required: true)] + public Input CelExpression { get; set; } = null!; + + public LbRouteExtensionExtensionChainMatchConditionGetArgs() + { + } + public static new LbRouteExtensionExtensionChainMatchConditionGetArgs Empty => new LbRouteExtensionExtensionChainMatchConditionGetArgs(); + } +} diff --git a/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionArgs.cs index 003c902424..ff03e3138c 100644 --- a/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionArgs.cs +++ b/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionArgs.cs @@ -15,8 +15,8 @@ public sealed class LbTrafficExtensionExtensionChainExtensionArgs : global::Pulu /// /// The :authority header in the gRPC request sent from Envoy to the extension service. /// - [Input("authority", required: true)] - public Input Authority { get; set; } = null!; + [Input("authority")] + public Input? Authority { get; set; } /// /// Determines how the proxy behaves if the call to the extension fails or times out. @@ -78,8 +78,8 @@ public InputList SupportedEvents /// Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. /// A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". /// - [Input("timeout", required: true)] - public Input Timeout { get; set; } = null!; + [Input("timeout")] + public Input? Timeout { get; set; } public LbTrafficExtensionExtensionChainExtensionArgs() { diff --git a/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionGetArgs.cs b/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionGetArgs.cs index fcf828ee73..1ddba60a1c 100644 --- a/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionGetArgs.cs +++ b/sdk/dotnet/NetworkServices/Inputs/LbTrafficExtensionExtensionChainExtensionGetArgs.cs @@ -15,8 +15,8 @@ public sealed class LbTrafficExtensionExtensionChainExtensionGetArgs : global::P /// /// The :authority header in the gRPC request sent from Envoy to the extension service. /// - [Input("authority", required: true)] - public Input Authority { get; set; } = null!; + [Input("authority")] + public Input? Authority { get; set; } /// /// Determines how the proxy behaves if the call to the extension fails or times out. @@ -78,8 +78,8 @@ public InputList SupportedEvents /// Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. /// A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". /// - [Input("timeout", required: true)] - public Input Timeout { get; set; } = null!; + [Input("timeout")] + public Input? Timeout { get; set; } public LbTrafficExtensionExtensionChainExtensionGetArgs() { diff --git a/sdk/dotnet/NetworkServices/LbRouteExtension.cs b/sdk/dotnet/NetworkServices/LbRouteExtension.cs new file mode 100644 index 0000000000..11671b14f6 --- /dev/null +++ b/sdk/dotnet/NetworkServices/LbRouteExtension.cs @@ -0,0 +1,361 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices +{ + /// + /// LbRouteExtension is a resource that lets you control where traffic is routed to for a given request. + /// + /// To get more information about LbRouteExtension, see: + /// + /// * [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbRouteExtensions) + /// * How-to Guides + /// * [Configure a route extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_route_extension) + /// + /// ## Example Usage + /// + /// ## Import + /// + /// LbRouteExtension can be imported using any of these accepted formats: + /// + /// * `projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}` + /// + /// * `{{project}}/{{location}}/{{name}}` + /// + /// * `{{location}}/{{name}}` + /// + /// When using the `pulumi import` command, LbRouteExtension can be imported using one of the formats above. For example: + /// + /// ```sh + /// $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{project}}/{{location}}/{{name}} + /// ``` + /// + /// ```sh + /// $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{location}}/{{name}} + /// ``` + /// + [GcpResourceType("gcp:networkservices/lbRouteExtension:LbRouteExtension")] + public partial class LbRouteExtension : global::Pulumi.CustomResource + { + /// + /// A human-readable description of the resource. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + [Output("effectiveLabels")] + public Output> EffectiveLabels { get; private set; } = null!; + + /// + /// A set of ordered extension chains that contain the match conditions and extensions to execute. + /// Match conditions for each extension chain are evaluated in sequence for a given request. + /// The first extension chain that has a condition that matches the request is executed. + /// Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + /// Structure is documented below. + /// + [Output("extensionChains")] + public Output> ExtensionChains { get; private set; } = null!; + + /// + /// A list of references to the forwarding rules to which this service extension is attached to. + /// At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + /// + [Output("forwardingRules")] + public Output> ForwardingRules { get; private set; } = null!; + + /// + /// Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + /// manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + /// present on the resource. + /// + [Output("labels")] + public Output?> Labels { get; private set; } = null!; + + /// + /// All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + /// For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + /// [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + /// Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + /// + [Output("loadBalancingScheme")] + public Output LoadBalancingScheme { get; private set; } = null!; + + /// + /// The location of the route extension + /// + [Output("location")] + public Output Location { get; private set; } = null!; + + /// + /// Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + /// + [Output("name")] + public Output Name { get; private set; } = null!; + + [Output("project")] + public Output Project { get; private set; } = null!; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + [Output("pulumiLabels")] + public Output> PulumiLabels { get; private set; } = null!; + + + /// + /// Create a LbRouteExtension resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public LbRouteExtension(string name, LbRouteExtensionArgs args, CustomResourceOptions? options = null) + : base("gcp:networkservices/lbRouteExtension:LbRouteExtension", name, args ?? new LbRouteExtensionArgs(), MakeResourceOptions(options, "")) + { + } + + private LbRouteExtension(string name, Input id, LbRouteExtensionState? state = null, CustomResourceOptions? options = null) + : base("gcp:networkservices/lbRouteExtension:LbRouteExtension", name, state, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + AdditionalSecretOutputs = + { + "effectiveLabels", + "pulumiLabels", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing LbRouteExtension resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// Any extra arguments used during the lookup. + /// A bag of options that control this resource's behavior + public static LbRouteExtension Get(string name, Input id, LbRouteExtensionState? state = null, CustomResourceOptions? options = null) + { + return new LbRouteExtension(name, id, state, options); + } + } + + public sealed class LbRouteExtensionArgs : global::Pulumi.ResourceArgs + { + /// + /// A human-readable description of the resource. + /// + [Input("description")] + public Input? Description { get; set; } + + [Input("extensionChains", required: true)] + private InputList? _extensionChains; + + /// + /// A set of ordered extension chains that contain the match conditions and extensions to execute. + /// Match conditions for each extension chain are evaluated in sequence for a given request. + /// The first extension chain that has a condition that matches the request is executed. + /// Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + /// Structure is documented below. + /// + public InputList ExtensionChains + { + get => _extensionChains ?? (_extensionChains = new InputList()); + set => _extensionChains = value; + } + + [Input("forwardingRules", required: true)] + private InputList? _forwardingRules; + + /// + /// A list of references to the forwarding rules to which this service extension is attached to. + /// At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + /// + public InputList ForwardingRules + { + get => _forwardingRules ?? (_forwardingRules = new InputList()); + set => _forwardingRules = value; + } + + [Input("labels")] + private InputMap? _labels; + + /// + /// Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + /// manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + /// present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + /// For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + /// [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + /// Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + /// + [Input("loadBalancingScheme", required: true)] + public Input LoadBalancingScheme { get; set; } = null!; + + /// + /// The location of the route extension + /// + [Input("location", required: true)] + public Input Location { get; set; } = null!; + + /// + /// Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + /// + [Input("name")] + public Input? Name { get; set; } + + [Input("project")] + public Input? Project { get; set; } + + public LbRouteExtensionArgs() + { + } + public static new LbRouteExtensionArgs Empty => new LbRouteExtensionArgs(); + } + + public sealed class LbRouteExtensionState : global::Pulumi.ResourceArgs + { + /// + /// A human-readable description of the resource. + /// + [Input("description")] + public Input? Description { get; set; } + + [Input("effectiveLabels")] + private InputMap? _effectiveLabels; + + /// + /// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + /// + public InputMap EffectiveLabels + { + get => _effectiveLabels ?? (_effectiveLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _effectiveLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + [Input("extensionChains")] + private InputList? _extensionChains; + + /// + /// A set of ordered extension chains that contain the match conditions and extensions to execute. + /// Match conditions for each extension chain are evaluated in sequence for a given request. + /// The first extension chain that has a condition that matches the request is executed. + /// Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + /// Structure is documented below. + /// + public InputList ExtensionChains + { + get => _extensionChains ?? (_extensionChains = new InputList()); + set => _extensionChains = value; + } + + [Input("forwardingRules")] + private InputList? _forwardingRules; + + /// + /// A list of references to the forwarding rules to which this service extension is attached to. + /// At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + /// + public InputList ForwardingRules + { + get => _forwardingRules ?? (_forwardingRules = new InputList()); + set => _forwardingRules = value; + } + + [Input("labels")] + private InputMap? _labels; + + /// + /// Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + /// manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + /// present on the resource. + /// + public InputMap Labels + { + get => _labels ?? (_labels = new InputMap()); + set => _labels = value; + } + + /// + /// All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + /// For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + /// [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + /// Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + /// + [Input("loadBalancingScheme")] + public Input? LoadBalancingScheme { get; set; } + + /// + /// The location of the route extension + /// + [Input("location")] + public Input? Location { get; set; } + + /// + /// Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + /// + [Input("name")] + public Input? Name { get; set; } + + [Input("project")] + public Input? Project { get; set; } + + [Input("pulumiLabels")] + private InputMap? _pulumiLabels; + + /// + /// The combination of labels configured directly on the resource + /// and default labels configured on the provider. + /// + public InputMap PulumiLabels + { + get => _pulumiLabels ?? (_pulumiLabels = new InputMap()); + set + { + var emptySecret = Output.CreateSecret(ImmutableDictionary.Create()); + _pulumiLabels = Output.All(value, emptySecret).Apply(v => v[0]); + } + } + + public LbRouteExtensionState() + { + } + public static new LbRouteExtensionState Empty => new LbRouteExtensionState(); + } +} diff --git a/sdk/dotnet/NetworkServices/LbTrafficExtension.cs b/sdk/dotnet/NetworkServices/LbTrafficExtension.cs index 9b7583ea6e..79cf635c94 100644 --- a/sdk/dotnet/NetworkServices/LbTrafficExtension.cs +++ b/sdk/dotnet/NetworkServices/LbTrafficExtension.cs @@ -86,8 +86,10 @@ public partial class LbTrafficExtension : global::Pulumi.CustomResource /// /// All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - /// more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - /// "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + /// more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + /// [Supported application load + /// balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + /// ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] /// [Output("loadBalancingScheme")] public Output LoadBalancingScheme { get; private set; } = null!; @@ -216,8 +218,10 @@ public InputMap Labels /// /// All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - /// more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - /// "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + /// more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + /// [Supported application load + /// balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + /// ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] /// [Input("loadBalancingScheme")] public Input? LoadBalancingScheme { get; set; } @@ -312,8 +316,10 @@ public InputMap Labels /// /// All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - /// more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - /// "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + /// more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + /// [Supported application load + /// balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + /// ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] /// [Input("loadBalancingScheme")] public Input? LoadBalancingScheme { get; set; } diff --git a/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChain.cs b/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChain.cs new file mode 100644 index 0000000000..0582360879 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChain.cs @@ -0,0 +1,49 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Outputs +{ + + [OutputType] + public sealed class LbRouteExtensionExtensionChain + { + /// + /// A set of extensions to execute for the matching request. + /// At least one extension is required. Up to 3 extensions can be defined for each extension chain for + /// LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + /// Structure is documented below. + /// + public readonly ImmutableArray Extensions; + /// + /// Conditions under which this chain is invoked for a request. + /// Structure is documented below. + /// + public readonly Outputs.LbRouteExtensionExtensionChainMatchCondition MatchCondition; + /// + /// The name for this extension chain. The name is logged as part of the HTTP request logs. + /// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + /// and can have a maximum length of 63 characters. Additionally, the first character must be a letter + /// and the last character must be a letter or a number. + /// + public readonly string Name; + + [OutputConstructor] + private LbRouteExtensionExtensionChain( + ImmutableArray extensions, + + Outputs.LbRouteExtensionExtensionChainMatchCondition matchCondition, + + string name) + { + Extensions = extensions; + MatchCondition = matchCondition; + Name = name; + } + } +} diff --git a/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainExtension.cs b/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainExtension.cs new file mode 100644 index 0000000000..ecedcf79e3 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainExtension.cs @@ -0,0 +1,75 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Outputs +{ + + [OutputType] + public sealed class LbRouteExtensionExtensionChainExtension + { + /// + /// The :authority header in the gRPC request sent from Envoy to the extension service. + /// + public readonly string? Authority; + /// + /// Determines how the proxy behaves if the call to the extension fails or times out. + /// When set to TRUE, request or response processing continues without error. + /// Any subsequent extensions in the extension chain are also executed. + /// When set to FALSE: * If response headers have not been delivered to the downstream client, + /// a generic 500 error is returned to the client. The error response can be tailored by + /// configuring a custom error response in the load balancer. + /// + public readonly bool? FailOpen; + /// + /// List of the HTTP headers to forward to the extension (from the client or backend). + /// If omitted, all headers are sent. Each element is a string indicating the header name. + /// + /// - - - + /// + public readonly ImmutableArray ForwardHeaders; + /// + /// The name for this extension. The name is logged as part of the HTTP request logs. + /// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + /// and can have a maximum length of 63 characters. Additionally, the first character must be a letter + /// and the last a letter or a number. + /// + public readonly string Name; + /// + /// The reference to the service that runs the extension. Must be a reference to a backend service + /// + public readonly string Service; + /// + /// Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + /// A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + /// + public readonly string? Timeout; + + [OutputConstructor] + private LbRouteExtensionExtensionChainExtension( + string? authority, + + bool? failOpen, + + ImmutableArray forwardHeaders, + + string name, + + string service, + + string? timeout) + { + Authority = authority; + FailOpen = failOpen; + ForwardHeaders = forwardHeaders; + Name = name; + Service = service; + Timeout = timeout; + } + } +} diff --git a/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainMatchCondition.cs b/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainMatchCondition.cs new file mode 100644 index 0000000000..82bb4649d9 --- /dev/null +++ b/sdk/dotnet/NetworkServices/Outputs/LbRouteExtensionExtensionChainMatchCondition.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.Gcp.NetworkServices.Outputs +{ + + [OutputType] + public sealed class LbRouteExtensionExtensionChainMatchCondition + { + /// + /// A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + /// + public readonly string CelExpression; + + [OutputConstructor] + private LbRouteExtensionExtensionChainMatchCondition(string celExpression) + { + CelExpression = celExpression; + } + } +} diff --git a/sdk/dotnet/NetworkServices/Outputs/LbTrafficExtensionExtensionChainExtension.cs b/sdk/dotnet/NetworkServices/Outputs/LbTrafficExtensionExtensionChainExtension.cs index 940c72cd4e..292ffeac82 100644 --- a/sdk/dotnet/NetworkServices/Outputs/LbTrafficExtensionExtensionChainExtension.cs +++ b/sdk/dotnet/NetworkServices/Outputs/LbTrafficExtensionExtensionChainExtension.cs @@ -16,7 +16,7 @@ public sealed class LbTrafficExtensionExtensionChainExtension /// /// The :authority header in the gRPC request sent from Envoy to the extension service. /// - public readonly string Authority; + public readonly string? Authority; /// /// Determines how the proxy behaves if the call to the extension fails or times out. /// When set to TRUE, request or response processing continues without error. @@ -55,11 +55,11 @@ public sealed class LbTrafficExtensionExtensionChainExtension /// Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. /// A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". /// - public readonly string Timeout; + public readonly string? Timeout; [OutputConstructor] private LbTrafficExtensionExtensionChainExtension( - string authority, + string? authority, bool? failOpen, @@ -71,7 +71,7 @@ private LbTrafficExtensionExtensionChainExtension( ImmutableArray supportedEvents, - string timeout) + string? timeout) { Authority = authority; FailOpen = failOpen; diff --git a/sdk/dotnet/OrgPolicy/Policy.cs b/sdk/dotnet/OrgPolicy/Policy.cs index 1ac1b181b1..0aa222ab8f 100644 --- a/sdk/dotnet/OrgPolicy/Policy.cs +++ b/sdk/dotnet/OrgPolicy/Policy.cs @@ -177,7 +177,7 @@ namespace Pulumi.Gcp.OrgPolicy /// { /// var constraint = new Gcp.OrgPolicy.CustomConstraint("constraint", new() /// { - /// Name = "custom.disableGkeAutoUpgrade_87786", + /// Name = "custom.disableGkeAutoUpgrade_2067", /// Parent = "organizations/123456789", /// DisplayName = "Disable GKE auto upgrade", /// Description = "Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.", diff --git a/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigArgs.cs b/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigArgs.cs index 1cfd9038db..ad01844aa8 100644 --- a/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigArgs.cs +++ b/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigArgs.cs @@ -25,6 +25,12 @@ public sealed class SubscriptionCloudStorageConfigArgs : global::Pulumi.Resource [Input("bucket", required: true)] public Input Bucket { get; set; } = null!; + /// + /// User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + /// + [Input("filenameDatetimeFormat")] + public Input? FilenameDatetimeFormat { get; set; } + /// /// User-provided prefix for Cloud Storage filename. /// diff --git a/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigGetArgs.cs b/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigGetArgs.cs index 4a4bbf6638..2948cd95d8 100644 --- a/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigGetArgs.cs +++ b/sdk/dotnet/PubSub/Inputs/SubscriptionCloudStorageConfigGetArgs.cs @@ -25,6 +25,12 @@ public sealed class SubscriptionCloudStorageConfigGetArgs : global::Pulumi.Resou [Input("bucket", required: true)] public Input Bucket { get; set; } = null!; + /// + /// User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + /// + [Input("filenameDatetimeFormat")] + public Input? FilenameDatetimeFormat { get; set; } + /// /// User-provided prefix for Cloud Storage filename. /// diff --git a/sdk/dotnet/PubSub/Outputs/GetSubscriptionCloudStorageConfigResult.cs b/sdk/dotnet/PubSub/Outputs/GetSubscriptionCloudStorageConfigResult.cs index 367760b516..389dbe34fa 100644 --- a/sdk/dotnet/PubSub/Outputs/GetSubscriptionCloudStorageConfigResult.cs +++ b/sdk/dotnet/PubSub/Outputs/GetSubscriptionCloudStorageConfigResult.cs @@ -22,6 +22,10 @@ public sealed class GetSubscriptionCloudStorageConfigResult /// public readonly string Bucket; /// + /// User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + /// + public readonly string FilenameDatetimeFormat; + /// /// User-provided prefix for Cloud Storage filename. /// public readonly string FilenamePrefix; @@ -51,6 +55,8 @@ private GetSubscriptionCloudStorageConfigResult( string bucket, + string filenameDatetimeFormat, + string filenamePrefix, string filenameSuffix, @@ -63,6 +69,7 @@ private GetSubscriptionCloudStorageConfigResult( { AvroConfigs = avroConfigs; Bucket = bucket; + FilenameDatetimeFormat = filenameDatetimeFormat; FilenamePrefix = filenamePrefix; FilenameSuffix = filenameSuffix; MaxBytes = maxBytes; diff --git a/sdk/dotnet/PubSub/Outputs/SubscriptionCloudStorageConfig.cs b/sdk/dotnet/PubSub/Outputs/SubscriptionCloudStorageConfig.cs index b9be55d109..26fbfdbf5c 100644 --- a/sdk/dotnet/PubSub/Outputs/SubscriptionCloudStorageConfig.cs +++ b/sdk/dotnet/PubSub/Outputs/SubscriptionCloudStorageConfig.cs @@ -23,6 +23,10 @@ public sealed class SubscriptionCloudStorageConfig /// public readonly string Bucket; /// + /// User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + /// + public readonly string? FilenameDatetimeFormat; + /// /// User-provided prefix for Cloud Storage filename. /// public readonly string? FilenamePrefix; @@ -53,6 +57,8 @@ private SubscriptionCloudStorageConfig( string bucket, + string? filenameDatetimeFormat, + string? filenamePrefix, string? filenameSuffix, @@ -65,6 +71,7 @@ private SubscriptionCloudStorageConfig( { AvroConfig = avroConfig; Bucket = bucket; + FilenameDatetimeFormat = filenameDatetimeFormat; FilenamePrefix = filenamePrefix; FilenameSuffix = filenameSuffix; MaxBytes = maxBytes; diff --git a/sdk/dotnet/PubSub/Subscription.cs b/sdk/dotnet/PubSub/Subscription.cs index 6e65c806f0..8041b41052 100644 --- a/sdk/dotnet/PubSub/Subscription.cs +++ b/sdk/dotnet/PubSub/Subscription.cs @@ -326,7 +326,8 @@ namespace Pulumi.Gcp.PubSub /// { /// Bucket = example.Name, /// FilenamePrefix = "pre-", - /// FilenameSuffix = "-_2067", + /// FilenameSuffix = "-_40785", + /// FilenameDatetimeFormat = "YYYY-MM-DD/hh_mm_ssZ", /// MaxBytes = 1000, /// MaxDuration = "300s", /// }, @@ -380,7 +381,8 @@ namespace Pulumi.Gcp.PubSub /// { /// Bucket = example.Name, /// FilenamePrefix = "pre-", - /// FilenameSuffix = "-_40785", + /// FilenameSuffix = "-_79169", + /// FilenameDatetimeFormat = "YYYY-MM-DD/hh_mm_ssZ", /// MaxBytes = 1000, /// MaxDuration = "300s", /// AvroConfig = new Gcp.PubSub.Inputs.SubscriptionCloudStorageConfigAvroConfigArgs diff --git a/sdk/dotnet/Sql/User.cs b/sdk/dotnet/Sql/User.cs index df8000acc0..4727e58e41 100644 --- a/sdk/dotnet/Sql/User.cs +++ b/sdk/dotnet/Sql/User.cs @@ -79,7 +79,7 @@ namespace Pulumi.Gcp.Sql /// { /// new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs /// { - /// Name = "cloudsql.iam_authentication", + /// Name = "cloudsql_iam_authentication", /// Value = "on", /// }, /// }, @@ -134,7 +134,7 @@ namespace Pulumi.Gcp.Sql /// { /// new Gcp.Sql.Inputs.DatabaseInstanceSettingsDatabaseFlagArgs /// { - /// Name = "cloudsql.iam_authentication", + /// Name = "cloudsql_iam_authentication", /// Value = "on", /// }, /// }, diff --git a/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigArgs.cs b/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigArgs.cs index 3c73645855..80ac389156 100644 --- a/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigArgs.cs +++ b/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigArgs.cs @@ -20,7 +20,7 @@ public sealed class V2VmAcceleratorConfigArgs : global::Pulumi.ResourceArgs /// /// Type of TPU. - /// Possible values are: `V2`, `V3`, `V4`. + /// Possible values are: `V2`, `V3`, `V4`, `V5P`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; diff --git a/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigGetArgs.cs b/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigGetArgs.cs index 09773827fc..60e2ae7615 100644 --- a/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigGetArgs.cs +++ b/sdk/dotnet/Tpu/Inputs/V2VmAcceleratorConfigGetArgs.cs @@ -20,7 +20,7 @@ public sealed class V2VmAcceleratorConfigGetArgs : global::Pulumi.ResourceArgs /// /// Type of TPU. - /// Possible values are: `V2`, `V3`, `V4`. + /// Possible values are: `V2`, `V3`, `V4`, `V5P`. /// [Input("type", required: true)] public Input Type { get; set; } = null!; diff --git a/sdk/dotnet/Tpu/Outputs/V2VmAcceleratorConfig.cs b/sdk/dotnet/Tpu/Outputs/V2VmAcceleratorConfig.cs index 952462e80d..1648e062ab 100644 --- a/sdk/dotnet/Tpu/Outputs/V2VmAcceleratorConfig.cs +++ b/sdk/dotnet/Tpu/Outputs/V2VmAcceleratorConfig.cs @@ -19,7 +19,7 @@ public sealed class V2VmAcceleratorConfig public readonly string Topology; /// /// Type of TPU. - /// Possible values are: `V2`, `V3`, `V4`. + /// Possible values are: `V2`, `V3`, `V4`, `V5P`. /// public readonly string Type; diff --git a/sdk/go/gcp/appengine/domainMapping.go b/sdk/go/gcp/appengine/domainMapping.go index 379f2322d6..07a0f18ade 100644 --- a/sdk/go/gcp/appengine/domainMapping.go +++ b/sdk/go/gcp/appengine/domainMapping.go @@ -97,7 +97,7 @@ type DomainMapping struct { ResourceRecords DomainMappingResourceRecordArrayOutput `pulumi:"resourceRecords"` // SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. // Structure is documented below. - SslSettings DomainMappingSslSettingsPtrOutput `pulumi:"sslSettings"` + SslSettings DomainMappingSslSettingsOutput `pulumi:"sslSettings"` } // NewDomainMapping registers a new resource with the given unique name, arguments, and options. @@ -343,8 +343,8 @@ func (o DomainMappingOutput) ResourceRecords() DomainMappingResourceRecordArrayO // SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. // Structure is documented below. -func (o DomainMappingOutput) SslSettings() DomainMappingSslSettingsPtrOutput { - return o.ApplyT(func(v *DomainMapping) DomainMappingSslSettingsPtrOutput { return v.SslSettings }).(DomainMappingSslSettingsPtrOutput) +func (o DomainMappingOutput) SslSettings() DomainMappingSslSettingsOutput { + return o.ApplyT(func(v *DomainMapping) DomainMappingSslSettingsOutput { return v.SslSettings }).(DomainMappingSslSettingsOutput) } type DomainMappingArrayOutput struct{ *pulumi.OutputState } diff --git a/sdk/go/gcp/appengine/pulumiTypes.go b/sdk/go/gcp/appengine/pulumiTypes.go index f1c2379319..51df8304e6 100644 --- a/sdk/go/gcp/appengine/pulumiTypes.go +++ b/sdk/go/gcp/appengine/pulumiTypes.go @@ -4576,6 +4576,9 @@ func (o FlexibleAppVersionManualScalingPtrOutput) Instances() pulumi.IntPtrOutpu type FlexibleAppVersionNetwork struct { // List of ports, or port pairs, to forward from the virtual machine to the application container. ForwardedPorts []string `pulumi:"forwardedPorts"` + // Prevent instances from receiving an ephemeral external IP address. + // Possible values are: `EXTERNAL`, `INTERNAL`. + InstanceIpMode *string `pulumi:"instanceIpMode"` // Tag to apply to the instance during creation. InstanceTag *string `pulumi:"instanceTag"` // Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. @@ -4604,6 +4607,9 @@ type FlexibleAppVersionNetworkInput interface { type FlexibleAppVersionNetworkArgs struct { // List of ports, or port pairs, to forward from the virtual machine to the application container. ForwardedPorts pulumi.StringArrayInput `pulumi:"forwardedPorts"` + // Prevent instances from receiving an ephemeral external IP address. + // Possible values are: `EXTERNAL`, `INTERNAL`. + InstanceIpMode pulumi.StringPtrInput `pulumi:"instanceIpMode"` // Tag to apply to the instance during creation. InstanceTag pulumi.StringPtrInput `pulumi:"instanceTag"` // Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. @@ -4700,6 +4706,12 @@ func (o FlexibleAppVersionNetworkOutput) ForwardedPorts() pulumi.StringArrayOutp return o.ApplyT(func(v FlexibleAppVersionNetwork) []string { return v.ForwardedPorts }).(pulumi.StringArrayOutput) } +// Prevent instances from receiving an ephemeral external IP address. +// Possible values are: `EXTERNAL`, `INTERNAL`. +func (o FlexibleAppVersionNetworkOutput) InstanceIpMode() pulumi.StringPtrOutput { + return o.ApplyT(func(v FlexibleAppVersionNetwork) *string { return v.InstanceIpMode }).(pulumi.StringPtrOutput) +} + // Tag to apply to the instance during creation. func (o FlexibleAppVersionNetworkOutput) InstanceTag() pulumi.StringPtrOutput { return o.ApplyT(func(v FlexibleAppVersionNetwork) *string { return v.InstanceTag }).(pulumi.StringPtrOutput) @@ -4758,6 +4770,17 @@ func (o FlexibleAppVersionNetworkPtrOutput) ForwardedPorts() pulumi.StringArrayO }).(pulumi.StringArrayOutput) } +// Prevent instances from receiving an ephemeral external IP address. +// Possible values are: `EXTERNAL`, `INTERNAL`. +func (o FlexibleAppVersionNetworkPtrOutput) InstanceIpMode() pulumi.StringPtrOutput { + return o.ApplyT(func(v *FlexibleAppVersionNetwork) *string { + if v == nil { + return nil + } + return v.InstanceIpMode + }).(pulumi.StringPtrOutput) +} + // Tag to apply to the instance during creation. func (o FlexibleAppVersionNetworkPtrOutput) InstanceTag() pulumi.StringPtrOutput { return o.ApplyT(func(v *FlexibleAppVersionNetwork) *string { diff --git a/sdk/go/gcp/bigquery/pulumiTypes.go b/sdk/go/gcp/bigquery/pulumiTypes.go index 261f657143..2d8259cb44 100644 --- a/sdk/go/gcp/bigquery/pulumiTypes.go +++ b/sdk/go/gcp/bigquery/pulumiTypes.go @@ -10970,6 +10970,9 @@ type TableExternalDataConfiguration struct { // Additional options if `sourceFormat` is set to // "AVRO". Structure is documented below. AvroOptions *TableExternalDataConfigurationAvroOptions `pulumi:"avroOptions"` + // Additional properties to set if + // `sourceFormat` is set to "BIGTABLE". Structure is documented below. + BigtableOptions *TableExternalDataConfigurationBigtableOptions `pulumi:"bigtableOptions"` // The compression type of the data source. // Valid values are "NONE" or "GZIP". Compression *string `pulumi:"compression"` @@ -11066,6 +11069,9 @@ type TableExternalDataConfigurationArgs struct { // Additional options if `sourceFormat` is set to // "AVRO". Structure is documented below. AvroOptions TableExternalDataConfigurationAvroOptionsPtrInput `pulumi:"avroOptions"` + // Additional properties to set if + // `sourceFormat` is set to "BIGTABLE". Structure is documented below. + BigtableOptions TableExternalDataConfigurationBigtableOptionsPtrInput `pulumi:"bigtableOptions"` // The compression type of the data source. // Valid values are "NONE" or "GZIP". Compression pulumi.StringPtrInput `pulumi:"compression"` @@ -11235,6 +11241,14 @@ func (o TableExternalDataConfigurationOutput) AvroOptions() TableExternalDataCon }).(TableExternalDataConfigurationAvroOptionsPtrOutput) } +// Additional properties to set if +// `sourceFormat` is set to "BIGTABLE". Structure is documented below. +func (o TableExternalDataConfigurationOutput) BigtableOptions() TableExternalDataConfigurationBigtableOptionsPtrOutput { + return o.ApplyT(func(v TableExternalDataConfiguration) *TableExternalDataConfigurationBigtableOptions { + return v.BigtableOptions + }).(TableExternalDataConfigurationBigtableOptionsPtrOutput) +} + // The compression type of the data source. // Valid values are "NONE" or "GZIP". func (o TableExternalDataConfigurationOutput) Compression() pulumi.StringPtrOutput { @@ -11416,6 +11430,17 @@ func (o TableExternalDataConfigurationPtrOutput) AvroOptions() TableExternalData }).(TableExternalDataConfigurationAvroOptionsPtrOutput) } +// Additional properties to set if +// `sourceFormat` is set to "BIGTABLE". Structure is documented below. +func (o TableExternalDataConfigurationPtrOutput) BigtableOptions() TableExternalDataConfigurationBigtableOptionsPtrOutput { + return o.ApplyT(func(v *TableExternalDataConfiguration) *TableExternalDataConfigurationBigtableOptions { + if v == nil { + return nil + } + return v.BigtableOptions + }).(TableExternalDataConfigurationBigtableOptionsPtrOutput) +} + // The compression type of the data source. // Valid values are "NONE" or "GZIP". func (o TableExternalDataConfigurationPtrOutput) Compression() pulumi.StringPtrOutput { @@ -11773,6 +11798,483 @@ func (o TableExternalDataConfigurationAvroOptionsPtrOutput) UseAvroLogicalTypes( }).(pulumi.BoolPtrOutput) } +type TableExternalDataConfigurationBigtableOptions struct { + // A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + ColumnFamilies []TableExternalDataConfigurationBigtableOptionsColumnFamily `pulumi:"columnFamilies"` + // If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + IgnoreUnspecifiedColumnFamilies *bool `pulumi:"ignoreUnspecifiedColumnFamilies"` + // If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + OutputColumnFamiliesAsJson *bool `pulumi:"outputColumnFamiliesAsJson"` + // If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + ReadRowkeyAsString *bool `pulumi:"readRowkeyAsString"` +} + +// TableExternalDataConfigurationBigtableOptionsInput is an input type that accepts TableExternalDataConfigurationBigtableOptionsArgs and TableExternalDataConfigurationBigtableOptionsOutput values. +// You can construct a concrete instance of `TableExternalDataConfigurationBigtableOptionsInput` via: +// +// TableExternalDataConfigurationBigtableOptionsArgs{...} +type TableExternalDataConfigurationBigtableOptionsInput interface { + pulumi.Input + + ToTableExternalDataConfigurationBigtableOptionsOutput() TableExternalDataConfigurationBigtableOptionsOutput + ToTableExternalDataConfigurationBigtableOptionsOutputWithContext(context.Context) TableExternalDataConfigurationBigtableOptionsOutput +} + +type TableExternalDataConfigurationBigtableOptionsArgs struct { + // A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + ColumnFamilies TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayInput `pulumi:"columnFamilies"` + // If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + IgnoreUnspecifiedColumnFamilies pulumi.BoolPtrInput `pulumi:"ignoreUnspecifiedColumnFamilies"` + // If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + OutputColumnFamiliesAsJson pulumi.BoolPtrInput `pulumi:"outputColumnFamiliesAsJson"` + // If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + ReadRowkeyAsString pulumi.BoolPtrInput `pulumi:"readRowkeyAsString"` +} + +func (TableExternalDataConfigurationBigtableOptionsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*TableExternalDataConfigurationBigtableOptions)(nil)).Elem() +} + +func (i TableExternalDataConfigurationBigtableOptionsArgs) ToTableExternalDataConfigurationBigtableOptionsOutput() TableExternalDataConfigurationBigtableOptionsOutput { + return i.ToTableExternalDataConfigurationBigtableOptionsOutputWithContext(context.Background()) +} + +func (i TableExternalDataConfigurationBigtableOptionsArgs) ToTableExternalDataConfigurationBigtableOptionsOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableExternalDataConfigurationBigtableOptionsOutput) +} + +func (i TableExternalDataConfigurationBigtableOptionsArgs) ToTableExternalDataConfigurationBigtableOptionsPtrOutput() TableExternalDataConfigurationBigtableOptionsPtrOutput { + return i.ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(context.Background()) +} + +func (i TableExternalDataConfigurationBigtableOptionsArgs) ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableExternalDataConfigurationBigtableOptionsOutput).ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(ctx) +} + +// TableExternalDataConfigurationBigtableOptionsPtrInput is an input type that accepts TableExternalDataConfigurationBigtableOptionsArgs, TableExternalDataConfigurationBigtableOptionsPtr and TableExternalDataConfigurationBigtableOptionsPtrOutput values. +// You can construct a concrete instance of `TableExternalDataConfigurationBigtableOptionsPtrInput` via: +// +// TableExternalDataConfigurationBigtableOptionsArgs{...} +// +// or: +// +// nil +type TableExternalDataConfigurationBigtableOptionsPtrInput interface { + pulumi.Input + + ToTableExternalDataConfigurationBigtableOptionsPtrOutput() TableExternalDataConfigurationBigtableOptionsPtrOutput + ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(context.Context) TableExternalDataConfigurationBigtableOptionsPtrOutput +} + +type tableExternalDataConfigurationBigtableOptionsPtrType TableExternalDataConfigurationBigtableOptionsArgs + +func TableExternalDataConfigurationBigtableOptionsPtr(v *TableExternalDataConfigurationBigtableOptionsArgs) TableExternalDataConfigurationBigtableOptionsPtrInput { + return (*tableExternalDataConfigurationBigtableOptionsPtrType)(v) +} + +func (*tableExternalDataConfigurationBigtableOptionsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**TableExternalDataConfigurationBigtableOptions)(nil)).Elem() +} + +func (i *tableExternalDataConfigurationBigtableOptionsPtrType) ToTableExternalDataConfigurationBigtableOptionsPtrOutput() TableExternalDataConfigurationBigtableOptionsPtrOutput { + return i.ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(context.Background()) +} + +func (i *tableExternalDataConfigurationBigtableOptionsPtrType) ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableExternalDataConfigurationBigtableOptionsPtrOutput) +} + +type TableExternalDataConfigurationBigtableOptionsOutput struct{ *pulumi.OutputState } + +func (TableExternalDataConfigurationBigtableOptionsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*TableExternalDataConfigurationBigtableOptions)(nil)).Elem() +} + +func (o TableExternalDataConfigurationBigtableOptionsOutput) ToTableExternalDataConfigurationBigtableOptionsOutput() TableExternalDataConfigurationBigtableOptionsOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsOutput) ToTableExternalDataConfigurationBigtableOptionsOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsOutput) ToTableExternalDataConfigurationBigtableOptionsPtrOutput() TableExternalDataConfigurationBigtableOptionsPtrOutput { + return o.ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(context.Background()) +} + +func (o TableExternalDataConfigurationBigtableOptionsOutput) ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v TableExternalDataConfigurationBigtableOptions) *TableExternalDataConfigurationBigtableOptions { + return &v + }).(TableExternalDataConfigurationBigtableOptionsPtrOutput) +} + +// A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. +func (o TableExternalDataConfigurationBigtableOptionsOutput) ColumnFamilies() TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptions) []TableExternalDataConfigurationBigtableOptionsColumnFamily { + return v.ColumnFamilies + }).(TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput) +} + +// If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. +func (o TableExternalDataConfigurationBigtableOptionsOutput) IgnoreUnspecifiedColumnFamilies() pulumi.BoolPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptions) *bool { return v.IgnoreUnspecifiedColumnFamilies }).(pulumi.BoolPtrOutput) +} + +// If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. +func (o TableExternalDataConfigurationBigtableOptionsOutput) OutputColumnFamiliesAsJson() pulumi.BoolPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptions) *bool { return v.OutputColumnFamiliesAsJson }).(pulumi.BoolPtrOutput) +} + +// If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. +func (o TableExternalDataConfigurationBigtableOptionsOutput) ReadRowkeyAsString() pulumi.BoolPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptions) *bool { return v.ReadRowkeyAsString }).(pulumi.BoolPtrOutput) +} + +type TableExternalDataConfigurationBigtableOptionsPtrOutput struct{ *pulumi.OutputState } + +func (TableExternalDataConfigurationBigtableOptionsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**TableExternalDataConfigurationBigtableOptions)(nil)).Elem() +} + +func (o TableExternalDataConfigurationBigtableOptionsPtrOutput) ToTableExternalDataConfigurationBigtableOptionsPtrOutput() TableExternalDataConfigurationBigtableOptionsPtrOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsPtrOutput) ToTableExternalDataConfigurationBigtableOptionsPtrOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsPtrOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsPtrOutput) Elem() TableExternalDataConfigurationBigtableOptionsOutput { + return o.ApplyT(func(v *TableExternalDataConfigurationBigtableOptions) TableExternalDataConfigurationBigtableOptions { + if v != nil { + return *v + } + var ret TableExternalDataConfigurationBigtableOptions + return ret + }).(TableExternalDataConfigurationBigtableOptionsOutput) +} + +// A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. +func (o TableExternalDataConfigurationBigtableOptionsPtrOutput) ColumnFamilies() TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput { + return o.ApplyT(func(v *TableExternalDataConfigurationBigtableOptions) []TableExternalDataConfigurationBigtableOptionsColumnFamily { + if v == nil { + return nil + } + return v.ColumnFamilies + }).(TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput) +} + +// If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. +func (o TableExternalDataConfigurationBigtableOptionsPtrOutput) IgnoreUnspecifiedColumnFamilies() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *TableExternalDataConfigurationBigtableOptions) *bool { + if v == nil { + return nil + } + return v.IgnoreUnspecifiedColumnFamilies + }).(pulumi.BoolPtrOutput) +} + +// If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. +func (o TableExternalDataConfigurationBigtableOptionsPtrOutput) OutputColumnFamiliesAsJson() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *TableExternalDataConfigurationBigtableOptions) *bool { + if v == nil { + return nil + } + return v.OutputColumnFamiliesAsJson + }).(pulumi.BoolPtrOutput) +} + +// If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. +func (o TableExternalDataConfigurationBigtableOptionsPtrOutput) ReadRowkeyAsString() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *TableExternalDataConfigurationBigtableOptions) *bool { + if v == nil { + return nil + } + return v.ReadRowkeyAsString + }).(pulumi.BoolPtrOutput) +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamily struct { + // A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + Columns []TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn `pulumi:"columns"` + // The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + Encoding *string `pulumi:"encoding"` + // Identifier of the column family. + FamilyId *string `pulumi:"familyId"` + // If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + OnlyReadLatest *bool `pulumi:"onlyReadLatest"` + // The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + Type *string `pulumi:"type"` +} + +// TableExternalDataConfigurationBigtableOptionsColumnFamilyInput is an input type that accepts TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs and TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput values. +// You can construct a concrete instance of `TableExternalDataConfigurationBigtableOptionsColumnFamilyInput` via: +// +// TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs{...} +type TableExternalDataConfigurationBigtableOptionsColumnFamilyInput interface { + pulumi.Input + + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyOutputWithContext(context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs struct { + // A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + Columns TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayInput `pulumi:"columns"` + // The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + Encoding pulumi.StringPtrInput `pulumi:"encoding"` + // Identifier of the column family. + FamilyId pulumi.StringPtrInput `pulumi:"familyId"` + // If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + OnlyReadLatest pulumi.BoolPtrInput `pulumi:"onlyReadLatest"` + // The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + Type pulumi.StringPtrInput `pulumi:"type"` +} + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamily)(nil)).Elem() +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput { + return i.ToTableExternalDataConfigurationBigtableOptionsColumnFamilyOutputWithContext(context.Background()) +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) +} + +// TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayInput is an input type that accepts TableExternalDataConfigurationBigtableOptionsColumnFamilyArray and TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput values. +// You can construct a concrete instance of `TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayInput` via: +// +// TableExternalDataConfigurationBigtableOptionsColumnFamilyArray{ TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs{...} } +type TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayInput interface { + pulumi.Input + + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutputWithContext(context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyArray []TableExternalDataConfigurationBigtableOptionsColumnFamilyInput + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]TableExternalDataConfigurationBigtableOptionsColumnFamily)(nil)).Elem() +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyArray) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput { + return i.ToTableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutputWithContext(context.Background()) +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyArray) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput) +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput struct{ *pulumi.OutputState } + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) ElementType() reflect.Type { + return reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamily)(nil)).Elem() +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput { + return o +} + +// A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) Columns() TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamily) []TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn { + return v.Columns + }).(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput) +} + +// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) Encoding() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamily) *string { return v.Encoding }).(pulumi.StringPtrOutput) +} + +// Identifier of the column family. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) FamilyId() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamily) *string { return v.FamilyId }).(pulumi.StringPtrOutput) +} + +// If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) OnlyReadLatest() pulumi.BoolPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamily) *bool { return v.OnlyReadLatest }).(pulumi.BoolPtrOutput) +} + +// The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) Type() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamily) *string { return v.Type }).(pulumi.StringPtrOutput) +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput struct{ *pulumi.OutputState } + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]TableExternalDataConfigurationBigtableOptionsColumnFamily)(nil)).Elem() +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput) Index(i pulumi.IntInput) TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) TableExternalDataConfigurationBigtableOptionsColumnFamily { + return vs[0].([]TableExternalDataConfigurationBigtableOptionsColumnFamily)[vs[1].(int)] + }).(TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput) +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn struct { + // The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + Encoding *string `pulumi:"encoding"` + // If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + FieldName *string `pulumi:"fieldName"` + // If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + OnlyReadLatest *bool `pulumi:"onlyReadLatest"` + // Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + QualifierEncoded *string `pulumi:"qualifierEncoded"` + // Qualifier string. + QualifierString *string `pulumi:"qualifierString"` + // The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + Type *string `pulumi:"type"` +} + +// TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnInput is an input type that accepts TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs and TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput values. +// You can construct a concrete instance of `TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnInput` via: +// +// TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs{...} +type TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnInput interface { + pulumi.Input + + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutputWithContext(context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs struct { + // The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + Encoding pulumi.StringPtrInput `pulumi:"encoding"` + // If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + FieldName pulumi.StringPtrInput `pulumi:"fieldName"` + // If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + OnlyReadLatest pulumi.BoolPtrInput `pulumi:"onlyReadLatest"` + // Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + QualifierEncoded pulumi.StringPtrInput `pulumi:"qualifierEncoded"` + // Qualifier string. + QualifierString pulumi.StringPtrInput `pulumi:"qualifierString"` + // The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + Type pulumi.StringPtrInput `pulumi:"type"` +} + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs) ElementType() reflect.Type { + return reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn)(nil)).Elem() +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput { + return i.ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutputWithContext(context.Background()) +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) +} + +// TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayInput is an input type that accepts TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArray and TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput values. +// You can construct a concrete instance of `TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayInput` via: +// +// TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArray{ TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs{...} } +type TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayInput interface { + pulumi.Input + + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput + ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutputWithContext(context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArray []TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnInput + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn)(nil)).Elem() +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArray) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput { + return i.ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutputWithContext(context.Background()) +} + +func (i TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArray) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput) +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput struct{ *pulumi.OutputState } + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) ElementType() reflect.Type { + return reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn)(nil)).Elem() +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput { + return o +} + +// The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) Encoding() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn) *string { return v.Encoding }).(pulumi.StringPtrOutput) +} + +// If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) FieldName() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn) *string { return v.FieldName }).(pulumi.StringPtrOutput) +} + +// If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) OnlyReadLatest() pulumi.BoolPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn) *bool { return v.OnlyReadLatest }).(pulumi.BoolPtrOutput) +} + +// Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) QualifierEncoded() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn) *string { + return v.QualifierEncoded + }).(pulumi.StringPtrOutput) +} + +// Qualifier string. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) QualifierString() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn) *string { + return v.QualifierString + }).(pulumi.StringPtrOutput) +} + +// The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) Type() pulumi.StringPtrOutput { + return o.ApplyT(func(v TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn) *string { return v.Type }).(pulumi.StringPtrOutput) +} + +type TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput struct{ *pulumi.OutputState } + +func (TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn)(nil)).Elem() +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput() TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput) ToTableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutputWithContext(ctx context.Context) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput { + return o +} + +func (o TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput) Index(i pulumi.IntInput) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn { + return vs[0].([]TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn)[vs[1].(int)] + }).(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput) +} + type TableExternalDataConfigurationCsvOptions struct { // Indicates if BigQuery should accept rows // that are missing trailing optional columns. @@ -13890,7 +14392,8 @@ func (o TableTableConstraintsPrimaryKeyPtrOutput) Columns() pulumi.StringArrayOu } type TableTableReplicationInfo struct { - // The interval at which the source materialized view is polled for updates. The default is 300000. + // The interval at which the source + // materialized view is polled for updates. The default is 300000. ReplicationIntervalMs *int `pulumi:"replicationIntervalMs"` // The ID of the source dataset. SourceDatasetId string `pulumi:"sourceDatasetId"` @@ -13912,7 +14415,8 @@ type TableTableReplicationInfoInput interface { } type TableTableReplicationInfoArgs struct { - // The interval at which the source materialized view is polled for updates. The default is 300000. + // The interval at which the source + // materialized view is polled for updates. The default is 300000. ReplicationIntervalMs pulumi.IntPtrInput `pulumi:"replicationIntervalMs"` // The ID of the source dataset. SourceDatasetId pulumi.StringInput `pulumi:"sourceDatasetId"` @@ -13999,7 +14503,8 @@ func (o TableTableReplicationInfoOutput) ToTableTableReplicationInfoPtrOutputWit }).(TableTableReplicationInfoPtrOutput) } -// The interval at which the source materialized view is polled for updates. The default is 300000. +// The interval at which the source +// materialized view is polled for updates. The default is 300000. func (o TableTableReplicationInfoOutput) ReplicationIntervalMs() pulumi.IntPtrOutput { return o.ApplyT(func(v TableTableReplicationInfo) *int { return v.ReplicationIntervalMs }).(pulumi.IntPtrOutput) } @@ -14043,7 +14548,8 @@ func (o TableTableReplicationInfoPtrOutput) Elem() TableTableReplicationInfoOutp }).(TableTableReplicationInfoOutput) } -// The interval at which the source materialized view is polled for updates. The default is 300000. +// The interval at which the source +// materialized view is polled for updates. The default is 300000. func (o TableTableReplicationInfoPtrOutput) ReplicationIntervalMs() pulumi.IntPtrOutput { return o.ApplyT(func(v *TableTableReplicationInfo) *int { if v == nil { @@ -15499,6 +16005,12 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationPtrInput)(nil)).Elem(), TableExternalDataConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationAvroOptionsInput)(nil)).Elem(), TableExternalDataConfigurationAvroOptionsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationAvroOptionsPtrInput)(nil)).Elem(), TableExternalDataConfigurationAvroOptionsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsInput)(nil)).Elem(), TableExternalDataConfigurationBigtableOptionsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsPtrInput)(nil)).Elem(), TableExternalDataConfigurationBigtableOptionsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamilyInput)(nil)).Elem(), TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayInput)(nil)).Elem(), TableExternalDataConfigurationBigtableOptionsColumnFamilyArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnInput)(nil)).Elem(), TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayInput)(nil)).Elem(), TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArray{}) pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationCsvOptionsInput)(nil)).Elem(), TableExternalDataConfigurationCsvOptionsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationCsvOptionsPtrInput)(nil)).Elem(), TableExternalDataConfigurationCsvOptionsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*TableExternalDataConfigurationGoogleSheetsOptionsInput)(nil)).Elem(), TableExternalDataConfigurationGoogleSheetsOptionsArgs{}) @@ -15661,6 +16173,12 @@ func init() { pulumi.RegisterOutputType(TableExternalDataConfigurationPtrOutput{}) pulumi.RegisterOutputType(TableExternalDataConfigurationAvroOptionsOutput{}) pulumi.RegisterOutputType(TableExternalDataConfigurationAvroOptionsPtrOutput{}) + pulumi.RegisterOutputType(TableExternalDataConfigurationBigtableOptionsOutput{}) + pulumi.RegisterOutputType(TableExternalDataConfigurationBigtableOptionsPtrOutput{}) + pulumi.RegisterOutputType(TableExternalDataConfigurationBigtableOptionsColumnFamilyOutput{}) + pulumi.RegisterOutputType(TableExternalDataConfigurationBigtableOptionsColumnFamilyArrayOutput{}) + pulumi.RegisterOutputType(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnOutput{}) + pulumi.RegisterOutputType(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArrayOutput{}) pulumi.RegisterOutputType(TableExternalDataConfigurationCsvOptionsOutput{}) pulumi.RegisterOutputType(TableExternalDataConfigurationCsvOptionsPtrOutput{}) pulumi.RegisterOutputType(TableExternalDataConfigurationGoogleSheetsOptionsOutput{}) diff --git a/sdk/go/gcp/bigquery/table.go b/sdk/go/gcp/bigquery/table.go index 4f400ee56c..3ae14f8ac4 100644 --- a/sdk/go/gcp/bigquery/table.go +++ b/sdk/go/gcp/bigquery/table.go @@ -126,7 +126,8 @@ import ( type Table struct { pulumi.CustomResourceState - // Whether or not to allow table deletion when there are still resource tags attached. + // This field is in beta. If set to true, it allows table deletion when there + // are still resource tags attached. The default value is false. AllowResourceTagsOnDeletion pulumi.BoolPtrOutput `pulumi:"allowResourceTagsOnDeletion"` // Specifies column names to use for data clustering. // Up to four top-level columns are allowed, and should be specified in @@ -212,9 +213,11 @@ type Table struct { // require a partition filter that can be used for partition elimination to be // specified. RequirePartitionFilter pulumi.BoolPtrOutput `pulumi:"requirePartitionFilter"` - // The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - // example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - // tag key. Tag value is expected to be the short name, for example "Production". + // This field is in beta. The tags attached to this table. Tag keys are + // globally unique. Tag key is expected to be in the namespaced format, for + // example "123456789012/environment" where 123456789012 is the ID of the + // parent organization or project resource for this tag key. Tag value is + // expected to be the short name, for example "Production". ResourceTags pulumi.StringMapOutput `pulumi:"resourceTags"` // A JSON schema for the table. Schema pulumi.StringOutput `pulumi:"schema"` @@ -226,7 +229,10 @@ type Table struct { // A unique ID for the resource. // Changing this forces a new resource to be created. TableId pulumi.StringOutput `pulumi:"tableId"` - // Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + // Replication info of a table created + // using "AS REPLICA" DDL like: + // `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + // Structure is documented below. TableReplicationInfo TableTableReplicationInfoPtrOutput `pulumi:"tableReplicationInfo"` // If specified, configures time-based // partitioning for this table. Structure is documented below. @@ -279,7 +285,8 @@ func GetTable(ctx *pulumi.Context, // Input properties used for looking up and filtering Table resources. type tableState struct { - // Whether or not to allow table deletion when there are still resource tags attached. + // This field is in beta. If set to true, it allows table deletion when there + // are still resource tags attached. The default value is false. AllowResourceTagsOnDeletion *bool `pulumi:"allowResourceTagsOnDeletion"` // Specifies column names to use for data clustering. // Up to four top-level columns are allowed, and should be specified in @@ -365,9 +372,11 @@ type tableState struct { // require a partition filter that can be used for partition elimination to be // specified. RequirePartitionFilter *bool `pulumi:"requirePartitionFilter"` - // The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - // example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - // tag key. Tag value is expected to be the short name, for example "Production". + // This field is in beta. The tags attached to this table. Tag keys are + // globally unique. Tag key is expected to be in the namespaced format, for + // example "123456789012/environment" where 123456789012 is the ID of the + // parent organization or project resource for this tag key. Tag value is + // expected to be the short name, for example "Production". ResourceTags map[string]string `pulumi:"resourceTags"` // A JSON schema for the table. Schema *string `pulumi:"schema"` @@ -379,7 +388,10 @@ type tableState struct { // A unique ID for the resource. // Changing this forces a new resource to be created. TableId *string `pulumi:"tableId"` - // Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + // Replication info of a table created + // using "AS REPLICA" DDL like: + // `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + // Structure is documented below. TableReplicationInfo *TableTableReplicationInfo `pulumi:"tableReplicationInfo"` // If specified, configures time-based // partitioning for this table. Structure is documented below. @@ -392,7 +404,8 @@ type tableState struct { } type TableState struct { - // Whether or not to allow table deletion when there are still resource tags attached. + // This field is in beta. If set to true, it allows table deletion when there + // are still resource tags attached. The default value is false. AllowResourceTagsOnDeletion pulumi.BoolPtrInput // Specifies column names to use for data clustering. // Up to four top-level columns are allowed, and should be specified in @@ -478,9 +491,11 @@ type TableState struct { // require a partition filter that can be used for partition elimination to be // specified. RequirePartitionFilter pulumi.BoolPtrInput - // The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - // example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - // tag key. Tag value is expected to be the short name, for example "Production". + // This field is in beta. The tags attached to this table. Tag keys are + // globally unique. Tag key is expected to be in the namespaced format, for + // example "123456789012/environment" where 123456789012 is the ID of the + // parent organization or project resource for this tag key. Tag value is + // expected to be the short name, for example "Production". ResourceTags pulumi.StringMapInput // A JSON schema for the table. Schema pulumi.StringPtrInput @@ -492,7 +507,10 @@ type TableState struct { // A unique ID for the resource. // Changing this forces a new resource to be created. TableId pulumi.StringPtrInput - // Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + // Replication info of a table created + // using "AS REPLICA" DDL like: + // `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + // Structure is documented below. TableReplicationInfo TableTableReplicationInfoPtrInput // If specified, configures time-based // partitioning for this table. Structure is documented below. @@ -509,7 +527,8 @@ func (TableState) ElementType() reflect.Type { } type tableArgs struct { - // Whether or not to allow table deletion when there are still resource tags attached. + // This field is in beta. If set to true, it allows table deletion when there + // are still resource tags attached. The default value is false. AllowResourceTagsOnDeletion *bool `pulumi:"allowResourceTagsOnDeletion"` // Specifies column names to use for data clustering. // Up to four top-level columns are allowed, and should be specified in @@ -562,9 +581,11 @@ type tableArgs struct { // require a partition filter that can be used for partition elimination to be // specified. RequirePartitionFilter *bool `pulumi:"requirePartitionFilter"` - // The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - // example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - // tag key. Tag value is expected to be the short name, for example "Production". + // This field is in beta. The tags attached to this table. Tag keys are + // globally unique. Tag key is expected to be in the namespaced format, for + // example "123456789012/environment" where 123456789012 is the ID of the + // parent organization or project resource for this tag key. Tag value is + // expected to be the short name, for example "Production". ResourceTags map[string]string `pulumi:"resourceTags"` // A JSON schema for the table. Schema *string `pulumi:"schema"` @@ -574,7 +595,10 @@ type tableArgs struct { // A unique ID for the resource. // Changing this forces a new resource to be created. TableId string `pulumi:"tableId"` - // Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + // Replication info of a table created + // using "AS REPLICA" DDL like: + // `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + // Structure is documented below. TableReplicationInfo *TableTableReplicationInfo `pulumi:"tableReplicationInfo"` // If specified, configures time-based // partitioning for this table. Structure is documented below. @@ -586,7 +610,8 @@ type tableArgs struct { // The set of arguments for constructing a Table resource. type TableArgs struct { - // Whether or not to allow table deletion when there are still resource tags attached. + // This field is in beta. If set to true, it allows table deletion when there + // are still resource tags attached. The default value is false. AllowResourceTagsOnDeletion pulumi.BoolPtrInput // Specifies column names to use for data clustering. // Up to four top-level columns are allowed, and should be specified in @@ -639,9 +664,11 @@ type TableArgs struct { // require a partition filter that can be used for partition elimination to be // specified. RequirePartitionFilter pulumi.BoolPtrInput - // The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - // example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - // tag key. Tag value is expected to be the short name, for example "Production". + // This field is in beta. The tags attached to this table. Tag keys are + // globally unique. Tag key is expected to be in the namespaced format, for + // example "123456789012/environment" where 123456789012 is the ID of the + // parent organization or project resource for this tag key. Tag value is + // expected to be the short name, for example "Production". ResourceTags pulumi.StringMapInput // A JSON schema for the table. Schema pulumi.StringPtrInput @@ -651,7 +678,10 @@ type TableArgs struct { // A unique ID for the resource. // Changing this forces a new resource to be created. TableId pulumi.StringInput - // Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + // Replication info of a table created + // using "AS REPLICA" DDL like: + // `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + // Structure is documented below. TableReplicationInfo TableTableReplicationInfoPtrInput // If specified, configures time-based // partitioning for this table. Structure is documented below. @@ -748,7 +778,8 @@ func (o TableOutput) ToTableOutputWithContext(ctx context.Context) TableOutput { return o } -// Whether or not to allow table deletion when there are still resource tags attached. +// This field is in beta. If set to true, it allows table deletion when there +// are still resource tags attached. The default value is false. func (o TableOutput) AllowResourceTagsOnDeletion() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Table) pulumi.BoolPtrOutput { return v.AllowResourceTagsOnDeletion }).(pulumi.BoolPtrOutput) } @@ -906,9 +937,11 @@ func (o TableOutput) RequirePartitionFilter() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Table) pulumi.BoolPtrOutput { return v.RequirePartitionFilter }).(pulumi.BoolPtrOutput) } -// The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for -// example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this -// tag key. Tag value is expected to be the short name, for example "Production". +// This field is in beta. The tags attached to this table. Tag keys are +// globally unique. Tag key is expected to be in the namespaced format, for +// example "123456789012/environment" where 123456789012 is the ID of the +// parent organization or project resource for this tag key. Tag value is +// expected to be the short name, for example "Production". func (o TableOutput) ResourceTags() pulumi.StringMapOutput { return o.ApplyT(func(v *Table) pulumi.StringMapOutput { return v.ResourceTags }).(pulumi.StringMapOutput) } @@ -935,7 +968,10 @@ func (o TableOutput) TableId() pulumi.StringOutput { return o.ApplyT(func(v *Table) pulumi.StringOutput { return v.TableId }).(pulumi.StringOutput) } -// Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". +// Replication info of a table created +// using "AS REPLICA" DDL like: +// `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. +// Structure is documented below. func (o TableOutput) TableReplicationInfo() TableTableReplicationInfoPtrOutput { return o.ApplyT(func(v *Table) TableTableReplicationInfoPtrOutput { return v.TableReplicationInfo }).(TableTableReplicationInfoPtrOutput) } diff --git a/sdk/go/gcp/cloudfunctionsv2/function.go b/sdk/go/gcp/cloudfunctionsv2/function.go index d32689a519..a5433c70b7 100644 --- a/sdk/go/gcp/cloudfunctionsv2/function.go +++ b/sdk/go/gcp/cloudfunctionsv2/function.go @@ -54,7 +54,7 @@ import ( // if err != nil { // return err // } -// function, err := cloudfunctionsv2.NewFunction(ctx, "function", &cloudfunctionsv2.FunctionArgs{ +// _, err = cloudfunctionsv2.NewFunction(ctx, "function", &cloudfunctionsv2.FunctionArgs{ // Name: pulumi.String("function-v2"), // Location: pulumi.String("us-central1"), // Description: pulumi.String("a new function"), @@ -77,9 +77,6 @@ import ( // if err != nil { // return err // } -// ctx.Export("functionUri", function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (*string, error) { -// return &serviceConfig.Uri, nil -// }).(pulumi.StringPtrOutput)) // return nil // }) // } @@ -693,7 +690,7 @@ import ( // if err != nil { // return err // } -// function, err := cloudfunctionsv2.NewFunction(ctx, "function", &cloudfunctionsv2.FunctionArgs{ +// _, err = cloudfunctionsv2.NewFunction(ctx, "function", &cloudfunctionsv2.FunctionArgs{ // Name: pulumi.String("function-v2"), // Location: pulumi.String("us-central1"), // Description: pulumi.String("a new function"), @@ -719,9 +716,6 @@ import ( // if err != nil { // return err // } -// ctx.Export("functionUri", function.ServiceConfig.ApplyT(func(serviceConfig cloudfunctionsv2.FunctionServiceConfig) (*string, error) { -// return &serviceConfig.Uri, nil -// }).(pulumi.StringPtrOutput)) // return nil // }) // } diff --git a/sdk/go/gcp/cloudrun/pulumiTypes.go b/sdk/go/gcp/cloudrun/pulumiTypes.go index 84e2af84fa..ddb551ff01 100644 --- a/sdk/go/gcp/cloudrun/pulumiTypes.go +++ b/sdk/go/gcp/cloudrun/pulumiTypes.go @@ -6671,6 +6671,11 @@ type ServiceTemplateSpecVolume struct { EmptyDir *ServiceTemplateSpecVolumeEmptyDir `pulumi:"emptyDir"` // Volume's name. Name string `pulumi:"name"` + // A filesystem backed by a Network File System share. This filesystem requires the + // run.googleapis.com/execution-environment annotation to be set to "gen2" and + // run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + // Structure is documented below. + Nfs *ServiceTemplateSpecVolumeNfs `pulumi:"nfs"` // The secret's value will be presented as the content of a file whose // name is defined in the item path. If no items are defined, the name of // the file is the secret_name. @@ -6698,6 +6703,11 @@ type ServiceTemplateSpecVolumeArgs struct { EmptyDir ServiceTemplateSpecVolumeEmptyDirPtrInput `pulumi:"emptyDir"` // Volume's name. Name pulumi.StringInput `pulumi:"name"` + // A filesystem backed by a Network File System share. This filesystem requires the + // run.googleapis.com/execution-environment annotation to be set to "gen2" and + // run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + // Structure is documented below. + Nfs ServiceTemplateSpecVolumeNfsPtrInput `pulumi:"nfs"` // The secret's value will be presented as the content of a file whose // name is defined in the item path. If no items are defined, the name of // the file is the secret_name. @@ -6773,6 +6783,14 @@ func (o ServiceTemplateSpecVolumeOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v ServiceTemplateSpecVolume) string { return v.Name }).(pulumi.StringOutput) } +// A filesystem backed by a Network File System share. This filesystem requires the +// run.googleapis.com/execution-environment annotation to be set to "gen2" and +// run.googleapis.com/launch-stage set to "BETA" or "ALPHA". +// Structure is documented below. +func (o ServiceTemplateSpecVolumeOutput) Nfs() ServiceTemplateSpecVolumeNfsPtrOutput { + return o.ApplyT(func(v ServiceTemplateSpecVolume) *ServiceTemplateSpecVolumeNfs { return v.Nfs }).(ServiceTemplateSpecVolumeNfsPtrOutput) +} + // The secret's value will be presented as the content of a file whose // name is defined in the item path. If no items are defined, the name of // the file is the secret_name. @@ -6812,8 +6830,6 @@ type ServiceTemplateSpecVolumeCsi struct { // Driver-specific attributes. The following options are supported for available drivers: // * gcsfuse.run.googleapis.com // * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - // - // *** VolumeAttributes map[string]string `pulumi:"volumeAttributes"` } @@ -6839,8 +6855,6 @@ type ServiceTemplateSpecVolumeCsiArgs struct { // Driver-specific attributes. The following options are supported for available drivers: // * gcsfuse.run.googleapis.com // * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - // - // *** VolumeAttributes pulumi.StringMapInput `pulumi:"volumeAttributes"` } @@ -6937,8 +6951,6 @@ func (o ServiceTemplateSpecVolumeCsiOutput) ReadOnly() pulumi.BoolPtrOutput { // Driver-specific attributes. The following options are supported for available drivers: // * gcsfuse.run.googleapis.com // * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. -// -// *** func (o ServiceTemplateSpecVolumeCsiOutput) VolumeAttributes() pulumi.StringMapOutput { return o.ApplyT(func(v ServiceTemplateSpecVolumeCsi) map[string]string { return v.VolumeAttributes }).(pulumi.StringMapOutput) } @@ -6993,8 +7005,6 @@ func (o ServiceTemplateSpecVolumeCsiPtrOutput) ReadOnly() pulumi.BoolPtrOutput { // Driver-specific attributes. The following options are supported for available drivers: // * gcsfuse.run.googleapis.com // * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. -// -// *** func (o ServiceTemplateSpecVolumeCsiPtrOutput) VolumeAttributes() pulumi.StringMapOutput { return o.ApplyT(func(v *ServiceTemplateSpecVolumeCsi) map[string]string { if v == nil { @@ -7160,6 +7170,189 @@ func (o ServiceTemplateSpecVolumeEmptyDirPtrOutput) SizeLimit() pulumi.StringPtr }).(pulumi.StringPtrOutput) } +type ServiceTemplateSpecVolumeNfs struct { + // Path exported by the NFS server + Path string `pulumi:"path"` + // If true, mount the NFS volume as read only in all mounts. Defaults to false. + // + // *** + ReadOnly *bool `pulumi:"readOnly"` + // IP address or hostname of the NFS server + Server string `pulumi:"server"` +} + +// ServiceTemplateSpecVolumeNfsInput is an input type that accepts ServiceTemplateSpecVolumeNfsArgs and ServiceTemplateSpecVolumeNfsOutput values. +// You can construct a concrete instance of `ServiceTemplateSpecVolumeNfsInput` via: +// +// ServiceTemplateSpecVolumeNfsArgs{...} +type ServiceTemplateSpecVolumeNfsInput interface { + pulumi.Input + + ToServiceTemplateSpecVolumeNfsOutput() ServiceTemplateSpecVolumeNfsOutput + ToServiceTemplateSpecVolumeNfsOutputWithContext(context.Context) ServiceTemplateSpecVolumeNfsOutput +} + +type ServiceTemplateSpecVolumeNfsArgs struct { + // Path exported by the NFS server + Path pulumi.StringInput `pulumi:"path"` + // If true, mount the NFS volume as read only in all mounts. Defaults to false. + // + // *** + ReadOnly pulumi.BoolPtrInput `pulumi:"readOnly"` + // IP address or hostname of the NFS server + Server pulumi.StringInput `pulumi:"server"` +} + +func (ServiceTemplateSpecVolumeNfsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ServiceTemplateSpecVolumeNfs)(nil)).Elem() +} + +func (i ServiceTemplateSpecVolumeNfsArgs) ToServiceTemplateSpecVolumeNfsOutput() ServiceTemplateSpecVolumeNfsOutput { + return i.ToServiceTemplateSpecVolumeNfsOutputWithContext(context.Background()) +} + +func (i ServiceTemplateSpecVolumeNfsArgs) ToServiceTemplateSpecVolumeNfsOutputWithContext(ctx context.Context) ServiceTemplateSpecVolumeNfsOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceTemplateSpecVolumeNfsOutput) +} + +func (i ServiceTemplateSpecVolumeNfsArgs) ToServiceTemplateSpecVolumeNfsPtrOutput() ServiceTemplateSpecVolumeNfsPtrOutput { + return i.ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(context.Background()) +} + +func (i ServiceTemplateSpecVolumeNfsArgs) ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(ctx context.Context) ServiceTemplateSpecVolumeNfsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceTemplateSpecVolumeNfsOutput).ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(ctx) +} + +// ServiceTemplateSpecVolumeNfsPtrInput is an input type that accepts ServiceTemplateSpecVolumeNfsArgs, ServiceTemplateSpecVolumeNfsPtr and ServiceTemplateSpecVolumeNfsPtrOutput values. +// You can construct a concrete instance of `ServiceTemplateSpecVolumeNfsPtrInput` via: +// +// ServiceTemplateSpecVolumeNfsArgs{...} +// +// or: +// +// nil +type ServiceTemplateSpecVolumeNfsPtrInput interface { + pulumi.Input + + ToServiceTemplateSpecVolumeNfsPtrOutput() ServiceTemplateSpecVolumeNfsPtrOutput + ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(context.Context) ServiceTemplateSpecVolumeNfsPtrOutput +} + +type serviceTemplateSpecVolumeNfsPtrType ServiceTemplateSpecVolumeNfsArgs + +func ServiceTemplateSpecVolumeNfsPtr(v *ServiceTemplateSpecVolumeNfsArgs) ServiceTemplateSpecVolumeNfsPtrInput { + return (*serviceTemplateSpecVolumeNfsPtrType)(v) +} + +func (*serviceTemplateSpecVolumeNfsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ServiceTemplateSpecVolumeNfs)(nil)).Elem() +} + +func (i *serviceTemplateSpecVolumeNfsPtrType) ToServiceTemplateSpecVolumeNfsPtrOutput() ServiceTemplateSpecVolumeNfsPtrOutput { + return i.ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(context.Background()) +} + +func (i *serviceTemplateSpecVolumeNfsPtrType) ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(ctx context.Context) ServiceTemplateSpecVolumeNfsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ServiceTemplateSpecVolumeNfsPtrOutput) +} + +type ServiceTemplateSpecVolumeNfsOutput struct{ *pulumi.OutputState } + +func (ServiceTemplateSpecVolumeNfsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ServiceTemplateSpecVolumeNfs)(nil)).Elem() +} + +func (o ServiceTemplateSpecVolumeNfsOutput) ToServiceTemplateSpecVolumeNfsOutput() ServiceTemplateSpecVolumeNfsOutput { + return o +} + +func (o ServiceTemplateSpecVolumeNfsOutput) ToServiceTemplateSpecVolumeNfsOutputWithContext(ctx context.Context) ServiceTemplateSpecVolumeNfsOutput { + return o +} + +func (o ServiceTemplateSpecVolumeNfsOutput) ToServiceTemplateSpecVolumeNfsPtrOutput() ServiceTemplateSpecVolumeNfsPtrOutput { + return o.ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(context.Background()) +} + +func (o ServiceTemplateSpecVolumeNfsOutput) ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(ctx context.Context) ServiceTemplateSpecVolumeNfsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ServiceTemplateSpecVolumeNfs) *ServiceTemplateSpecVolumeNfs { + return &v + }).(ServiceTemplateSpecVolumeNfsPtrOutput) +} + +// Path exported by the NFS server +func (o ServiceTemplateSpecVolumeNfsOutput) Path() pulumi.StringOutput { + return o.ApplyT(func(v ServiceTemplateSpecVolumeNfs) string { return v.Path }).(pulumi.StringOutput) +} + +// If true, mount the NFS volume as read only in all mounts. Defaults to false. +// +// *** +func (o ServiceTemplateSpecVolumeNfsOutput) ReadOnly() pulumi.BoolPtrOutput { + return o.ApplyT(func(v ServiceTemplateSpecVolumeNfs) *bool { return v.ReadOnly }).(pulumi.BoolPtrOutput) +} + +// IP address or hostname of the NFS server +func (o ServiceTemplateSpecVolumeNfsOutput) Server() pulumi.StringOutput { + return o.ApplyT(func(v ServiceTemplateSpecVolumeNfs) string { return v.Server }).(pulumi.StringOutput) +} + +type ServiceTemplateSpecVolumeNfsPtrOutput struct{ *pulumi.OutputState } + +func (ServiceTemplateSpecVolumeNfsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ServiceTemplateSpecVolumeNfs)(nil)).Elem() +} + +func (o ServiceTemplateSpecVolumeNfsPtrOutput) ToServiceTemplateSpecVolumeNfsPtrOutput() ServiceTemplateSpecVolumeNfsPtrOutput { + return o +} + +func (o ServiceTemplateSpecVolumeNfsPtrOutput) ToServiceTemplateSpecVolumeNfsPtrOutputWithContext(ctx context.Context) ServiceTemplateSpecVolumeNfsPtrOutput { + return o +} + +func (o ServiceTemplateSpecVolumeNfsPtrOutput) Elem() ServiceTemplateSpecVolumeNfsOutput { + return o.ApplyT(func(v *ServiceTemplateSpecVolumeNfs) ServiceTemplateSpecVolumeNfs { + if v != nil { + return *v + } + var ret ServiceTemplateSpecVolumeNfs + return ret + }).(ServiceTemplateSpecVolumeNfsOutput) +} + +// Path exported by the NFS server +func (o ServiceTemplateSpecVolumeNfsPtrOutput) Path() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceTemplateSpecVolumeNfs) *string { + if v == nil { + return nil + } + return &v.Path + }).(pulumi.StringPtrOutput) +} + +// If true, mount the NFS volume as read only in all mounts. Defaults to false. +// +// *** +func (o ServiceTemplateSpecVolumeNfsPtrOutput) ReadOnly() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ServiceTemplateSpecVolumeNfs) *bool { + if v == nil { + return nil + } + return v.ReadOnly + }).(pulumi.BoolPtrOutput) +} + +// IP address or hostname of the NFS server +func (o ServiceTemplateSpecVolumeNfsPtrOutput) Server() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ServiceTemplateSpecVolumeNfs) *string { + if v == nil { + return nil + } + return &v.Server + }).(pulumi.StringPtrOutput) +} + type ServiceTemplateSpecVolumeSecret struct { // Mode bits to use on created files by default. Must be a value between 0000 // and 0777. Defaults to 0644. Directories within the path are not affected by @@ -11384,6 +11577,10 @@ type GetServiceTemplateSpecVolume struct { EmptyDirs []GetServiceTemplateSpecVolumeEmptyDir `pulumi:"emptyDirs"` // The name of the Cloud Run Service. Name string `pulumi:"name"` + // A filesystem backed by a Network File System share. This filesystem requires the + // run.googleapis.com/execution-environment annotation to be set to "gen2" and + // run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + Nfs []GetServiceTemplateSpecVolumeNf `pulumi:"nfs"` // The secret's value will be presented as the content of a file whose // name is defined in the item path. If no items are defined, the name of // the file is the secret_name. @@ -11408,6 +11605,10 @@ type GetServiceTemplateSpecVolumeArgs struct { EmptyDirs GetServiceTemplateSpecVolumeEmptyDirArrayInput `pulumi:"emptyDirs"` // The name of the Cloud Run Service. Name pulumi.StringInput `pulumi:"name"` + // A filesystem backed by a Network File System share. This filesystem requires the + // run.googleapis.com/execution-environment annotation to be set to "gen2" and + // run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + Nfs GetServiceTemplateSpecVolumeNfArrayInput `pulumi:"nfs"` // The secret's value will be presented as the content of a file whose // name is defined in the item path. If no items are defined, the name of // the file is the secret_name. @@ -11480,6 +11681,13 @@ func (o GetServiceTemplateSpecVolumeOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v GetServiceTemplateSpecVolume) string { return v.Name }).(pulumi.StringOutput) } +// A filesystem backed by a Network File System share. This filesystem requires the +// run.googleapis.com/execution-environment annotation to be set to "gen2" and +// run.googleapis.com/launch-stage set to "BETA" or "ALPHA". +func (o GetServiceTemplateSpecVolumeOutput) Nfs() GetServiceTemplateSpecVolumeNfArrayOutput { + return o.ApplyT(func(v GetServiceTemplateSpecVolume) []GetServiceTemplateSpecVolumeNf { return v.Nfs }).(GetServiceTemplateSpecVolumeNfArrayOutput) +} + // The secret's value will be presented as the content of a file whose // name is defined in the item path. If no items are defined, the name of // the file is the secret_name. @@ -11743,6 +11951,121 @@ func (o GetServiceTemplateSpecVolumeEmptyDirArrayOutput) Index(i pulumi.IntInput }).(GetServiceTemplateSpecVolumeEmptyDirOutput) } +type GetServiceTemplateSpecVolumeNf struct { + // Path exported by the NFS server + Path string `pulumi:"path"` + // If true, mount the NFS volume as read only in all mounts. Defaults to false. + ReadOnly bool `pulumi:"readOnly"` + // IP address or hostname of the NFS server + Server string `pulumi:"server"` +} + +// GetServiceTemplateSpecVolumeNfInput is an input type that accepts GetServiceTemplateSpecVolumeNfArgs and GetServiceTemplateSpecVolumeNfOutput values. +// You can construct a concrete instance of `GetServiceTemplateSpecVolumeNfInput` via: +// +// GetServiceTemplateSpecVolumeNfArgs{...} +type GetServiceTemplateSpecVolumeNfInput interface { + pulumi.Input + + ToGetServiceTemplateSpecVolumeNfOutput() GetServiceTemplateSpecVolumeNfOutput + ToGetServiceTemplateSpecVolumeNfOutputWithContext(context.Context) GetServiceTemplateSpecVolumeNfOutput +} + +type GetServiceTemplateSpecVolumeNfArgs struct { + // Path exported by the NFS server + Path pulumi.StringInput `pulumi:"path"` + // If true, mount the NFS volume as read only in all mounts. Defaults to false. + ReadOnly pulumi.BoolInput `pulumi:"readOnly"` + // IP address or hostname of the NFS server + Server pulumi.StringInput `pulumi:"server"` +} + +func (GetServiceTemplateSpecVolumeNfArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetServiceTemplateSpecVolumeNf)(nil)).Elem() +} + +func (i GetServiceTemplateSpecVolumeNfArgs) ToGetServiceTemplateSpecVolumeNfOutput() GetServiceTemplateSpecVolumeNfOutput { + return i.ToGetServiceTemplateSpecVolumeNfOutputWithContext(context.Background()) +} + +func (i GetServiceTemplateSpecVolumeNfArgs) ToGetServiceTemplateSpecVolumeNfOutputWithContext(ctx context.Context) GetServiceTemplateSpecVolumeNfOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetServiceTemplateSpecVolumeNfOutput) +} + +// GetServiceTemplateSpecVolumeNfArrayInput is an input type that accepts GetServiceTemplateSpecVolumeNfArray and GetServiceTemplateSpecVolumeNfArrayOutput values. +// You can construct a concrete instance of `GetServiceTemplateSpecVolumeNfArrayInput` via: +// +// GetServiceTemplateSpecVolumeNfArray{ GetServiceTemplateSpecVolumeNfArgs{...} } +type GetServiceTemplateSpecVolumeNfArrayInput interface { + pulumi.Input + + ToGetServiceTemplateSpecVolumeNfArrayOutput() GetServiceTemplateSpecVolumeNfArrayOutput + ToGetServiceTemplateSpecVolumeNfArrayOutputWithContext(context.Context) GetServiceTemplateSpecVolumeNfArrayOutput +} + +type GetServiceTemplateSpecVolumeNfArray []GetServiceTemplateSpecVolumeNfInput + +func (GetServiceTemplateSpecVolumeNfArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetServiceTemplateSpecVolumeNf)(nil)).Elem() +} + +func (i GetServiceTemplateSpecVolumeNfArray) ToGetServiceTemplateSpecVolumeNfArrayOutput() GetServiceTemplateSpecVolumeNfArrayOutput { + return i.ToGetServiceTemplateSpecVolumeNfArrayOutputWithContext(context.Background()) +} + +func (i GetServiceTemplateSpecVolumeNfArray) ToGetServiceTemplateSpecVolumeNfArrayOutputWithContext(ctx context.Context) GetServiceTemplateSpecVolumeNfArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetServiceTemplateSpecVolumeNfArrayOutput) +} + +type GetServiceTemplateSpecVolumeNfOutput struct{ *pulumi.OutputState } + +func (GetServiceTemplateSpecVolumeNfOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetServiceTemplateSpecVolumeNf)(nil)).Elem() +} + +func (o GetServiceTemplateSpecVolumeNfOutput) ToGetServiceTemplateSpecVolumeNfOutput() GetServiceTemplateSpecVolumeNfOutput { + return o +} + +func (o GetServiceTemplateSpecVolumeNfOutput) ToGetServiceTemplateSpecVolumeNfOutputWithContext(ctx context.Context) GetServiceTemplateSpecVolumeNfOutput { + return o +} + +// Path exported by the NFS server +func (o GetServiceTemplateSpecVolumeNfOutput) Path() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceTemplateSpecVolumeNf) string { return v.Path }).(pulumi.StringOutput) +} + +// If true, mount the NFS volume as read only in all mounts. Defaults to false. +func (o GetServiceTemplateSpecVolumeNfOutput) ReadOnly() pulumi.BoolOutput { + return o.ApplyT(func(v GetServiceTemplateSpecVolumeNf) bool { return v.ReadOnly }).(pulumi.BoolOutput) +} + +// IP address or hostname of the NFS server +func (o GetServiceTemplateSpecVolumeNfOutput) Server() pulumi.StringOutput { + return o.ApplyT(func(v GetServiceTemplateSpecVolumeNf) string { return v.Server }).(pulumi.StringOutput) +} + +type GetServiceTemplateSpecVolumeNfArrayOutput struct{ *pulumi.OutputState } + +func (GetServiceTemplateSpecVolumeNfArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetServiceTemplateSpecVolumeNf)(nil)).Elem() +} + +func (o GetServiceTemplateSpecVolumeNfArrayOutput) ToGetServiceTemplateSpecVolumeNfArrayOutput() GetServiceTemplateSpecVolumeNfArrayOutput { + return o +} + +func (o GetServiceTemplateSpecVolumeNfArrayOutput) ToGetServiceTemplateSpecVolumeNfArrayOutputWithContext(ctx context.Context) GetServiceTemplateSpecVolumeNfArrayOutput { + return o +} + +func (o GetServiceTemplateSpecVolumeNfArrayOutput) Index(i pulumi.IntInput) GetServiceTemplateSpecVolumeNfOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetServiceTemplateSpecVolumeNf { + return vs[0].([]GetServiceTemplateSpecVolumeNf)[vs[1].(int)] + }).(GetServiceTemplateSpecVolumeNfOutput) +} + type GetServiceTemplateSpecVolumeSecret struct { // Mode bits to use on created files by default. Must be a value between 0000 // and 0777. Defaults to 0644. Directories within the path are not affected by @@ -12264,6 +12587,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeCsiPtrInput)(nil)).Elem(), ServiceTemplateSpecVolumeCsiArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeEmptyDirInput)(nil)).Elem(), ServiceTemplateSpecVolumeEmptyDirArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeEmptyDirPtrInput)(nil)).Elem(), ServiceTemplateSpecVolumeEmptyDirArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeNfsInput)(nil)).Elem(), ServiceTemplateSpecVolumeNfsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeNfsPtrInput)(nil)).Elem(), ServiceTemplateSpecVolumeNfsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeSecretInput)(nil)).Elem(), ServiceTemplateSpecVolumeSecretArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeSecretPtrInput)(nil)).Elem(), ServiceTemplateSpecVolumeSecretArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ServiceTemplateSpecVolumeSecretItemInput)(nil)).Elem(), ServiceTemplateSpecVolumeSecretItemArgs{}) @@ -12332,6 +12657,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeCsiArrayInput)(nil)).Elem(), GetServiceTemplateSpecVolumeCsiArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeEmptyDirInput)(nil)).Elem(), GetServiceTemplateSpecVolumeEmptyDirArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeEmptyDirArrayInput)(nil)).Elem(), GetServiceTemplateSpecVolumeEmptyDirArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeNfInput)(nil)).Elem(), GetServiceTemplateSpecVolumeNfArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeNfArrayInput)(nil)).Elem(), GetServiceTemplateSpecVolumeNfArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeSecretInput)(nil)).Elem(), GetServiceTemplateSpecVolumeSecretArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeSecretArrayInput)(nil)).Elem(), GetServiceTemplateSpecVolumeSecretArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetServiceTemplateSpecVolumeSecretItemInput)(nil)).Elem(), GetServiceTemplateSpecVolumeSecretItemArgs{}) @@ -12414,6 +12741,8 @@ func init() { pulumi.RegisterOutputType(ServiceTemplateSpecVolumeCsiPtrOutput{}) pulumi.RegisterOutputType(ServiceTemplateSpecVolumeEmptyDirOutput{}) pulumi.RegisterOutputType(ServiceTemplateSpecVolumeEmptyDirPtrOutput{}) + pulumi.RegisterOutputType(ServiceTemplateSpecVolumeNfsOutput{}) + pulumi.RegisterOutputType(ServiceTemplateSpecVolumeNfsPtrOutput{}) pulumi.RegisterOutputType(ServiceTemplateSpecVolumeSecretOutput{}) pulumi.RegisterOutputType(ServiceTemplateSpecVolumeSecretPtrOutput{}) pulumi.RegisterOutputType(ServiceTemplateSpecVolumeSecretItemOutput{}) @@ -12482,6 +12811,8 @@ func init() { pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeCsiArrayOutput{}) pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeEmptyDirOutput{}) pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeEmptyDirArrayOutput{}) + pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeNfOutput{}) + pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeNfArrayOutput{}) pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeSecretOutput{}) pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeSecretArrayOutput{}) pulumi.RegisterOutputType(GetServiceTemplateSpecVolumeSecretItemOutput{}) diff --git a/sdk/go/gcp/composer/userWorkloadsSecret.go b/sdk/go/gcp/composer/userWorkloadsSecret.go index f6b3346aae..4a1beac40e 100644 --- a/sdk/go/gcp/composer/userWorkloadsSecret.go +++ b/sdk/go/gcp/composer/userWorkloadsSecret.go @@ -79,7 +79,7 @@ import ( // // * `{{project}}/{{region}}/{{environment}}/{{name}}` // -// * `{{name}}` +// * `{{environment}}/{{name}}` // // When using the `pulumi import` command, Environment can be imported using one of the formats above. For example: // @@ -92,7 +92,7 @@ import ( // ``` // // ```sh -// $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{name}} +// $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{environment}}/{{name}} // ``` type UserWorkloadsSecret struct { pulumi.CustomResourceState diff --git a/sdk/go/gcp/compute/getSubnetworks.go b/sdk/go/gcp/compute/getSubnetworks.go new file mode 100644 index 0000000000..c66de146db --- /dev/null +++ b/sdk/go/gcp/compute/getSubnetworks.go @@ -0,0 +1,146 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package compute + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Get subnetworks within GCE. +// See [the official documentation](https://cloud.google.com/vpc/docs/subnets) +// and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). +// +// ## Example Usage +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := compute.GetSubnetworks(ctx, &compute.GetSubnetworksArgs{ +// Filter: pulumi.StringRef("ipCidrRange eq 192.168.178.0/24"), +// Project: pulumi.StringRef("my-project"), +// Region: pulumi.StringRef("us-east1"), +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func GetSubnetworks(ctx *pulumi.Context, args *GetSubnetworksArgs, opts ...pulumi.InvokeOption) (*GetSubnetworksResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv GetSubnetworksResult + err := ctx.Invoke("gcp:compute/getSubnetworks:getSubnetworks", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getSubnetworks. +type GetSubnetworksArgs struct { + // A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + Filter *string `pulumi:"filter"` + // The ID of the project in which the resource belongs. If it + // is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The region this subnetwork has been created in. If + // unspecified, this defaults to the region configured in the provider. + Region *string `pulumi:"region"` +} + +// A collection of values returned by getSubnetworks. +type GetSubnetworksResult struct { + Filter *string `pulumi:"filter"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Project *string `pulumi:"project"` + Region *string `pulumi:"region"` + // A list of all retrieved GCE subnetworks. Structure is defined below. + Subnetworks []GetSubnetworksSubnetwork `pulumi:"subnetworks"` +} + +func GetSubnetworksOutput(ctx *pulumi.Context, args GetSubnetworksOutputArgs, opts ...pulumi.InvokeOption) GetSubnetworksResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (GetSubnetworksResult, error) { + args := v.(GetSubnetworksArgs) + r, err := GetSubnetworks(ctx, &args, opts...) + var s GetSubnetworksResult + if r != nil { + s = *r + } + return s, err + }).(GetSubnetworksResultOutput) +} + +// A collection of arguments for invoking getSubnetworks. +type GetSubnetworksOutputArgs struct { + // A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + Filter pulumi.StringPtrInput `pulumi:"filter"` + // The ID of the project in which the resource belongs. If it + // is not provided, the provider project is used. + Project pulumi.StringPtrInput `pulumi:"project"` + // The region this subnetwork has been created in. If + // unspecified, this defaults to the region configured in the provider. + Region pulumi.StringPtrInput `pulumi:"region"` +} + +func (GetSubnetworksOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetSubnetworksArgs)(nil)).Elem() +} + +// A collection of values returned by getSubnetworks. +type GetSubnetworksResultOutput struct{ *pulumi.OutputState } + +func (GetSubnetworksResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetSubnetworksResult)(nil)).Elem() +} + +func (o GetSubnetworksResultOutput) ToGetSubnetworksResultOutput() GetSubnetworksResultOutput { + return o +} + +func (o GetSubnetworksResultOutput) ToGetSubnetworksResultOutputWithContext(ctx context.Context) GetSubnetworksResultOutput { + return o +} + +func (o GetSubnetworksResultOutput) Filter() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetSubnetworksResult) *string { return v.Filter }).(pulumi.StringPtrOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o GetSubnetworksResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v GetSubnetworksResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o GetSubnetworksResultOutput) Project() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetSubnetworksResult) *string { return v.Project }).(pulumi.StringPtrOutput) +} + +func (o GetSubnetworksResultOutput) Region() pulumi.StringPtrOutput { + return o.ApplyT(func(v GetSubnetworksResult) *string { return v.Region }).(pulumi.StringPtrOutput) +} + +// A list of all retrieved GCE subnetworks. Structure is defined below. +func (o GetSubnetworksResultOutput) Subnetworks() GetSubnetworksSubnetworkArrayOutput { + return o.ApplyT(func(v GetSubnetworksResult) []GetSubnetworksSubnetwork { return v.Subnetworks }).(GetSubnetworksSubnetworkArrayOutput) +} + +func init() { + pulumi.RegisterOutputType(GetSubnetworksResultOutput{}) +} diff --git a/sdk/go/gcp/compute/instanceGroupMembership.go b/sdk/go/gcp/compute/instanceGroupMembership.go index 24461b68f8..afe9cfd6b8 100644 --- a/sdk/go/gcp/compute/instanceGroupMembership.go +++ b/sdk/go/gcp/compute/instanceGroupMembership.go @@ -21,7 +21,7 @@ import ( // > **NOTE** This resource has been added to avoid a situation, where after // Instance is recreated, it's removed from Instance Group and it's needed to // perform `apply` twice. To avoid situations like this, please use this resource -// with the lifecycle `updateTriggeredBy` method, with the passed Instance's ID. +// with the lifecycle `replaceTriggeredBy` method, with the passed Instance's ID. // // To get more information about InstanceGroupMembership, see: // diff --git a/sdk/go/gcp/compute/interconnectAttachment.go b/sdk/go/gcp/compute/interconnectAttachment.go index cc7f725c82..4d30d15299 100644 --- a/sdk/go/gcp/compute/interconnectAttachment.go +++ b/sdk/go/gcp/compute/interconnectAttachment.go @@ -279,6 +279,13 @@ type InterconnectAttachment struct { StackType pulumi.StringOutput `pulumi:"stackType"` // [Output Only] The current state of this attachment's functionality. State pulumi.StringOutput `pulumi:"state"` + // Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + // except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + // constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + // remote location fall into this category. In these cases, the default value is 30, and + // requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + // gives Google Cloud Support more debugging visibility. + SubnetLength pulumi.IntPtrOutput `pulumi:"subnetLength"` // The type of InterconnectAttachment you wish to create. Defaults to // DEDICATED. // Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -443,6 +450,13 @@ type interconnectAttachmentState struct { StackType *string `pulumi:"stackType"` // [Output Only] The current state of this attachment's functionality. State *string `pulumi:"state"` + // Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + // except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + // constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + // remote location fall into this category. In these cases, the default value is 30, and + // requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + // gives Google Cloud Support more debugging visibility. + SubnetLength *int `pulumi:"subnetLength"` // The type of InterconnectAttachment you wish to create. Defaults to // DEDICATED. // Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -575,6 +589,13 @@ type InterconnectAttachmentState struct { StackType pulumi.StringPtrInput // [Output Only] The current state of this attachment's functionality. State pulumi.StringPtrInput + // Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + // except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + // constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + // remote location fall into this category. In these cases, the default value is 30, and + // requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + // gives Google Cloud Support more debugging visibility. + SubnetLength pulumi.IntPtrInput // The type of InterconnectAttachment you wish to create. Defaults to // DEDICATED. // Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -678,6 +699,13 @@ type interconnectAttachmentArgs struct { // interconnect attachment operations. // Possible values are: `IPV4_IPV6`, `IPV4_ONLY`. StackType *string `pulumi:"stackType"` + // Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + // except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + // constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + // remote location fall into this category. In these cases, the default value is 30, and + // requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + // gives Google Cloud Support more debugging visibility. + SubnetLength *int `pulumi:"subnetLength"` // The type of InterconnectAttachment you wish to create. Defaults to // DEDICATED. // Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -778,6 +806,13 @@ type InterconnectAttachmentArgs struct { // interconnect attachment operations. // Possible values are: `IPV4_IPV6`, `IPV4_ONLY`. StackType pulumi.StringPtrInput + // Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + // except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + // constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + // remote location fall into this category. In these cases, the default value is 30, and + // requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + // gives Google Cloud Support more debugging visibility. + SubnetLength pulumi.IntPtrInput // The type of InterconnectAttachment you wish to create. Defaults to // DEDICATED. // Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -1073,6 +1108,16 @@ func (o InterconnectAttachmentOutput) State() pulumi.StringOutput { return o.ApplyT(func(v *InterconnectAttachment) pulumi.StringOutput { return v.State }).(pulumi.StringOutput) } +// Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, +// except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a +// constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure +// remote location fall into this category. In these cases, the default value is 30, and +// requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it +// gives Google Cloud Support more debugging visibility. +func (o InterconnectAttachmentOutput) SubnetLength() pulumi.IntPtrOutput { + return o.ApplyT(func(v *InterconnectAttachment) pulumi.IntPtrOutput { return v.SubnetLength }).(pulumi.IntPtrOutput) +} + // The type of InterconnectAttachment you wish to create. Defaults to // DEDICATED. // Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. diff --git a/sdk/go/gcp/compute/networkEndpoint.go b/sdk/go/gcp/compute/networkEndpoint.go index c99b4cc4f5..a1b74599a6 100644 --- a/sdk/go/gcp/compute/networkEndpoint.go +++ b/sdk/go/gcp/compute/networkEndpoint.go @@ -20,7 +20,7 @@ import ( // // > **NOTE** In case the Endpoint's Instance is recreated, it's needed to // perform `apply` twice. To avoid situations like this, please use this resource -// with the lifecycle `updateTriggeredBy` method, with the passed Instance's ID. +// with the lifecycle `replaceTriggeredBy` method, with the passed Instance's ID. // // To get more information about NetworkEndpoint, see: // diff --git a/sdk/go/gcp/compute/networkEndpointList.go b/sdk/go/gcp/compute/networkEndpointList.go index 94599b6a77..17eb55066e 100644 --- a/sdk/go/gcp/compute/networkEndpointList.go +++ b/sdk/go/gcp/compute/networkEndpointList.go @@ -23,7 +23,7 @@ import ( // // > **NOTE** In case the Endpoint's Instance is recreated, it's needed to // perform `apply` twice. To avoid situations like this, please use this resource -// with the lifecycle `updateTriggeredBy` method, with the passed Instance's ID. +// with the lifecycle `replaceTriggeredBy` method, with the passed Instance's ID. // // To get more information about NetworkEndpoints, see: // diff --git a/sdk/go/gcp/compute/pulumiTypes.go b/sdk/go/gcp/compute/pulumiTypes.go index 8fae176a72..7524c2ba84 100644 --- a/sdk/go/gcp/compute/pulumiTypes.go +++ b/sdk/go/gcp/compute/pulumiTypes.go @@ -16826,6 +16826,8 @@ type InstanceFromMachineImageScheduling struct { NodeAffinities []InstanceFromMachineImageSchedulingNodeAffinity `pulumi:"nodeAffinities"` // Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, OnHostMaintenance *string `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopAction *InstanceFromMachineImageSchedulingOnInstanceStopAction `pulumi:"onInstanceStopAction"` // Whether the instance is preemptible. Preemptible *bool `pulumi:"preemptible"` // Whether the instance is spot. If this is set as SPOT. @@ -16862,6 +16864,8 @@ type InstanceFromMachineImageSchedulingArgs struct { NodeAffinities InstanceFromMachineImageSchedulingNodeAffinityArrayInput `pulumi:"nodeAffinities"` // Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, OnHostMaintenance pulumi.StringPtrInput `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopAction InstanceFromMachineImageSchedulingOnInstanceStopActionPtrInput `pulumi:"onInstanceStopAction"` // Whether the instance is preemptible. Preemptible pulumi.BoolPtrInput `pulumi:"preemptible"` // Whether the instance is spot. If this is set as SPOT. @@ -16994,6 +16998,13 @@ func (o InstanceFromMachineImageSchedulingOutput) OnHostMaintenance() pulumi.Str return o.ApplyT(func(v InstanceFromMachineImageScheduling) *string { return v.OnHostMaintenance }).(pulumi.StringPtrOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o InstanceFromMachineImageSchedulingOutput) OnInstanceStopAction() InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v InstanceFromMachineImageScheduling) *InstanceFromMachineImageSchedulingOnInstanceStopAction { + return v.OnInstanceStopAction + }).(InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) +} + // Whether the instance is preemptible. func (o InstanceFromMachineImageSchedulingOutput) Preemptible() pulumi.BoolPtrOutput { return o.ApplyT(func(v InstanceFromMachineImageScheduling) *bool { return v.Preemptible }).(pulumi.BoolPtrOutput) @@ -17111,6 +17122,16 @@ func (o InstanceFromMachineImageSchedulingPtrOutput) OnHostMaintenance() pulumi. }).(pulumi.StringPtrOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o InstanceFromMachineImageSchedulingPtrOutput) OnInstanceStopAction() InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v *InstanceFromMachineImageScheduling) *InstanceFromMachineImageSchedulingOnInstanceStopAction { + if v == nil { + return nil + } + return v.OnInstanceStopAction + }).(InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) +} + // Whether the instance is preemptible. func (o InstanceFromMachineImageSchedulingPtrOutput) Preemptible() pulumi.BoolPtrOutput { return o.ApplyT(func(v *InstanceFromMachineImageScheduling) *bool { @@ -17581,6 +17602,143 @@ func (o InstanceFromMachineImageSchedulingNodeAffinityArrayOutput) Index(i pulum }).(InstanceFromMachineImageSchedulingNodeAffinityOutput) } +type InstanceFromMachineImageSchedulingOnInstanceStopAction struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd *bool `pulumi:"discardLocalSsd"` +} + +// InstanceFromMachineImageSchedulingOnInstanceStopActionInput is an input type that accepts InstanceFromMachineImageSchedulingOnInstanceStopActionArgs and InstanceFromMachineImageSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `InstanceFromMachineImageSchedulingOnInstanceStopActionInput` via: +// +// InstanceFromMachineImageSchedulingOnInstanceStopActionArgs{...} +type InstanceFromMachineImageSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToInstanceFromMachineImageSchedulingOnInstanceStopActionOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionOutput + ToInstanceFromMachineImageSchedulingOnInstanceStopActionOutputWithContext(context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionOutput +} + +type InstanceFromMachineImageSchedulingOnInstanceStopActionArgs struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd pulumi.BoolPtrInput `pulumi:"discardLocalSsd"` +} + +func (InstanceFromMachineImageSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceFromMachineImageSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i InstanceFromMachineImageSchedulingOnInstanceStopActionArgs) ToInstanceFromMachineImageSchedulingOnInstanceStopActionOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionOutput { + return i.ToInstanceFromMachineImageSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i InstanceFromMachineImageSchedulingOnInstanceStopActionArgs) ToInstanceFromMachineImageSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) +} + +func (i InstanceFromMachineImageSchedulingOnInstanceStopActionArgs) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i InstanceFromMachineImageSchedulingOnInstanceStopActionArgs) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceFromMachineImageSchedulingOnInstanceStopActionOutput).ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(ctx) +} + +// InstanceFromMachineImageSchedulingOnInstanceStopActionPtrInput is an input type that accepts InstanceFromMachineImageSchedulingOnInstanceStopActionArgs, InstanceFromMachineImageSchedulingOnInstanceStopActionPtr and InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput values. +// You can construct a concrete instance of `InstanceFromMachineImageSchedulingOnInstanceStopActionPtrInput` via: +// +// InstanceFromMachineImageSchedulingOnInstanceStopActionArgs{...} +// +// or: +// +// nil +type InstanceFromMachineImageSchedulingOnInstanceStopActionPtrInput interface { + pulumi.Input + + ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput + ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput +} + +type instanceFromMachineImageSchedulingOnInstanceStopActionPtrType InstanceFromMachineImageSchedulingOnInstanceStopActionArgs + +func InstanceFromMachineImageSchedulingOnInstanceStopActionPtr(v *InstanceFromMachineImageSchedulingOnInstanceStopActionArgs) InstanceFromMachineImageSchedulingOnInstanceStopActionPtrInput { + return (*instanceFromMachineImageSchedulingOnInstanceStopActionPtrType)(v) +} + +func (*instanceFromMachineImageSchedulingOnInstanceStopActionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceFromMachineImageSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i *instanceFromMachineImageSchedulingOnInstanceStopActionPtrType) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i *instanceFromMachineImageSchedulingOnInstanceStopActionPtrType) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) +} + +type InstanceFromMachineImageSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceFromMachineImageSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) ToInstanceFromMachineImageSchedulingOnInstanceStopActionOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) ToInstanceFromMachineImageSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return o.ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v InstanceFromMachineImageSchedulingOnInstanceStopAction) *InstanceFromMachineImageSchedulingOnInstanceStopAction { + return &v + }).(InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v InstanceFromMachineImageSchedulingOnInstanceStopAction) *bool { return v.DiscardLocalSsd }).(pulumi.BoolPtrOutput) +} + +type InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput struct{ *pulumi.OutputState } + +func (InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceFromMachineImageSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput() InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) ToInstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) Elem() InstanceFromMachineImageSchedulingOnInstanceStopActionOutput { + return o.ApplyT(func(v *InstanceFromMachineImageSchedulingOnInstanceStopAction) InstanceFromMachineImageSchedulingOnInstanceStopAction { + if v != nil { + return *v + } + var ret InstanceFromMachineImageSchedulingOnInstanceStopAction + return ret + }).(InstanceFromMachineImageSchedulingOnInstanceStopActionOutput) +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *InstanceFromMachineImageSchedulingOnInstanceStopAction) *bool { + if v == nil { + return nil + } + return v.DiscardLocalSsd + }).(pulumi.BoolPtrOutput) +} + type InstanceFromMachineImageScratchDisk struct { // Name with which the attached disk is accessible under /dev/disk/by-id/ DeviceName *string `pulumi:"deviceName"` @@ -20385,6 +20543,8 @@ type InstanceFromTemplateScheduling struct { NodeAffinities []InstanceFromTemplateSchedulingNodeAffinity `pulumi:"nodeAffinities"` // Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, OnHostMaintenance *string `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopAction *InstanceFromTemplateSchedulingOnInstanceStopAction `pulumi:"onInstanceStopAction"` // Whether the instance is preemptible. Preemptible *bool `pulumi:"preemptible"` // Whether the instance is spot. If this is set as SPOT. @@ -20421,6 +20581,8 @@ type InstanceFromTemplateSchedulingArgs struct { NodeAffinities InstanceFromTemplateSchedulingNodeAffinityArrayInput `pulumi:"nodeAffinities"` // Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, OnHostMaintenance pulumi.StringPtrInput `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopAction InstanceFromTemplateSchedulingOnInstanceStopActionPtrInput `pulumi:"onInstanceStopAction"` // Whether the instance is preemptible. Preemptible pulumi.BoolPtrInput `pulumi:"preemptible"` // Whether the instance is spot. If this is set as SPOT. @@ -20553,6 +20715,13 @@ func (o InstanceFromTemplateSchedulingOutput) OnHostMaintenance() pulumi.StringP return o.ApplyT(func(v InstanceFromTemplateScheduling) *string { return v.OnHostMaintenance }).(pulumi.StringPtrOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o InstanceFromTemplateSchedulingOutput) OnInstanceStopAction() InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v InstanceFromTemplateScheduling) *InstanceFromTemplateSchedulingOnInstanceStopAction { + return v.OnInstanceStopAction + }).(InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) +} + // Whether the instance is preemptible. func (o InstanceFromTemplateSchedulingOutput) Preemptible() pulumi.BoolPtrOutput { return o.ApplyT(func(v InstanceFromTemplateScheduling) *bool { return v.Preemptible }).(pulumi.BoolPtrOutput) @@ -20670,6 +20839,16 @@ func (o InstanceFromTemplateSchedulingPtrOutput) OnHostMaintenance() pulumi.Stri }).(pulumi.StringPtrOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o InstanceFromTemplateSchedulingPtrOutput) OnInstanceStopAction() InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v *InstanceFromTemplateScheduling) *InstanceFromTemplateSchedulingOnInstanceStopAction { + if v == nil { + return nil + } + return v.OnInstanceStopAction + }).(InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) +} + // Whether the instance is preemptible. func (o InstanceFromTemplateSchedulingPtrOutput) Preemptible() pulumi.BoolPtrOutput { return o.ApplyT(func(v *InstanceFromTemplateScheduling) *bool { @@ -21140,6 +21319,143 @@ func (o InstanceFromTemplateSchedulingNodeAffinityArrayOutput) Index(i pulumi.In }).(InstanceFromTemplateSchedulingNodeAffinityOutput) } +type InstanceFromTemplateSchedulingOnInstanceStopAction struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd *bool `pulumi:"discardLocalSsd"` +} + +// InstanceFromTemplateSchedulingOnInstanceStopActionInput is an input type that accepts InstanceFromTemplateSchedulingOnInstanceStopActionArgs and InstanceFromTemplateSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `InstanceFromTemplateSchedulingOnInstanceStopActionInput` via: +// +// InstanceFromTemplateSchedulingOnInstanceStopActionArgs{...} +type InstanceFromTemplateSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToInstanceFromTemplateSchedulingOnInstanceStopActionOutput() InstanceFromTemplateSchedulingOnInstanceStopActionOutput + ToInstanceFromTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionOutput +} + +type InstanceFromTemplateSchedulingOnInstanceStopActionArgs struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd pulumi.BoolPtrInput `pulumi:"discardLocalSsd"` +} + +func (InstanceFromTemplateSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceFromTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i InstanceFromTemplateSchedulingOnInstanceStopActionArgs) ToInstanceFromTemplateSchedulingOnInstanceStopActionOutput() InstanceFromTemplateSchedulingOnInstanceStopActionOutput { + return i.ToInstanceFromTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i InstanceFromTemplateSchedulingOnInstanceStopActionArgs) ToInstanceFromTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceFromTemplateSchedulingOnInstanceStopActionOutput) +} + +func (i InstanceFromTemplateSchedulingOnInstanceStopActionArgs) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i InstanceFromTemplateSchedulingOnInstanceStopActionArgs) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceFromTemplateSchedulingOnInstanceStopActionOutput).ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx) +} + +// InstanceFromTemplateSchedulingOnInstanceStopActionPtrInput is an input type that accepts InstanceFromTemplateSchedulingOnInstanceStopActionArgs, InstanceFromTemplateSchedulingOnInstanceStopActionPtr and InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput values. +// You can construct a concrete instance of `InstanceFromTemplateSchedulingOnInstanceStopActionPtrInput` via: +// +// InstanceFromTemplateSchedulingOnInstanceStopActionArgs{...} +// +// or: +// +// nil +type InstanceFromTemplateSchedulingOnInstanceStopActionPtrInput interface { + pulumi.Input + + ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput + ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput +} + +type instanceFromTemplateSchedulingOnInstanceStopActionPtrType InstanceFromTemplateSchedulingOnInstanceStopActionArgs + +func InstanceFromTemplateSchedulingOnInstanceStopActionPtr(v *InstanceFromTemplateSchedulingOnInstanceStopActionArgs) InstanceFromTemplateSchedulingOnInstanceStopActionPtrInput { + return (*instanceFromTemplateSchedulingOnInstanceStopActionPtrType)(v) +} + +func (*instanceFromTemplateSchedulingOnInstanceStopActionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceFromTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i *instanceFromTemplateSchedulingOnInstanceStopActionPtrType) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i *instanceFromTemplateSchedulingOnInstanceStopActionPtrType) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) +} + +type InstanceFromTemplateSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (InstanceFromTemplateSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceFromTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceFromTemplateSchedulingOnInstanceStopActionOutput) ToInstanceFromTemplateSchedulingOnInstanceStopActionOutput() InstanceFromTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceFromTemplateSchedulingOnInstanceStopActionOutput) ToInstanceFromTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceFromTemplateSchedulingOnInstanceStopActionOutput) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (o InstanceFromTemplateSchedulingOnInstanceStopActionOutput) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v InstanceFromTemplateSchedulingOnInstanceStopAction) *InstanceFromTemplateSchedulingOnInstanceStopAction { + return &v + }).(InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o InstanceFromTemplateSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v InstanceFromTemplateSchedulingOnInstanceStopAction) *bool { return v.DiscardLocalSsd }).(pulumi.BoolPtrOutput) +} + +type InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput struct{ *pulumi.OutputState } + +func (InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceFromTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) ToInstanceFromTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) Elem() InstanceFromTemplateSchedulingOnInstanceStopActionOutput { + return o.ApplyT(func(v *InstanceFromTemplateSchedulingOnInstanceStopAction) InstanceFromTemplateSchedulingOnInstanceStopAction { + if v != nil { + return *v + } + var ret InstanceFromTemplateSchedulingOnInstanceStopAction + return ret + }).(InstanceFromTemplateSchedulingOnInstanceStopActionOutput) +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *InstanceFromTemplateSchedulingOnInstanceStopAction) *bool { + if v == nil { + return nil + } + return v.DiscardLocalSsd + }).(pulumi.BoolPtrOutput) +} + type InstanceFromTemplateScratchDisk struct { // Name with which the attached disk is accessible under /dev/disk/by-id/ DeviceName *string `pulumi:"deviceName"` @@ -25646,8 +25962,7 @@ type InstanceScheduling struct { LocalSsdRecoveryTimeout *InstanceSchedulingLocalSsdRecoveryTimeout `pulumi:"localSsdRecoveryTimeout"` // Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. MaintenanceInterval *string `pulumi:"maintenanceInterval"` - // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - // The `maxRunDuration` block supports: + // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. MaxRunDuration *InstanceSchedulingMaxRunDuration `pulumi:"maxRunDuration"` // The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. MinNodeCpus *int `pulumi:"minNodeCpus"` @@ -25661,6 +25976,8 @@ type InstanceScheduling struct { // instance. Can be MIGRATE or TERMINATE, for more info, read // [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options). OnHostMaintenance *string `pulumi:"onHostMaintenance"` + // Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + OnInstanceStopAction *InstanceSchedulingOnInstanceStopAction `pulumi:"onInstanceStopAction"` // Specifies if the instance is preemptible. // If this field is set to true, then `automaticRestart` must be // set to false. Defaults to false. @@ -25697,8 +26014,7 @@ type InstanceSchedulingArgs struct { LocalSsdRecoveryTimeout InstanceSchedulingLocalSsdRecoveryTimeoutPtrInput `pulumi:"localSsdRecoveryTimeout"` // Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. MaintenanceInterval pulumi.StringPtrInput `pulumi:"maintenanceInterval"` - // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - // The `maxRunDuration` block supports: + // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. MaxRunDuration InstanceSchedulingMaxRunDurationPtrInput `pulumi:"maxRunDuration"` // The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. MinNodeCpus pulumi.IntPtrInput `pulumi:"minNodeCpus"` @@ -25712,6 +26028,8 @@ type InstanceSchedulingArgs struct { // instance. Can be MIGRATE or TERMINATE, for more info, read // [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options). OnHostMaintenance pulumi.StringPtrInput `pulumi:"onHostMaintenance"` + // Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + OnInstanceStopAction InstanceSchedulingOnInstanceStopActionPtrInput `pulumi:"onInstanceStopAction"` // Specifies if the instance is preemptible. // If this field is set to true, then `automaticRestart` must be // set to false. Defaults to false. @@ -25828,8 +26146,7 @@ func (o InstanceSchedulingOutput) MaintenanceInterval() pulumi.StringPtrOutput { return o.ApplyT(func(v InstanceScheduling) *string { return v.MaintenanceInterval }).(pulumi.StringPtrOutput) } -// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. -// The `maxRunDuration` block supports: +// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. func (o InstanceSchedulingOutput) MaxRunDuration() InstanceSchedulingMaxRunDurationPtrOutput { return o.ApplyT(func(v InstanceScheduling) *InstanceSchedulingMaxRunDuration { return v.MaxRunDuration }).(InstanceSchedulingMaxRunDurationPtrOutput) } @@ -25855,6 +26172,11 @@ func (o InstanceSchedulingOutput) OnHostMaintenance() pulumi.StringPtrOutput { return o.ApplyT(func(v InstanceScheduling) *string { return v.OnHostMaintenance }).(pulumi.StringPtrOutput) } +// Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. +func (o InstanceSchedulingOutput) OnInstanceStopAction() InstanceSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v InstanceScheduling) *InstanceSchedulingOnInstanceStopAction { return v.OnInstanceStopAction }).(InstanceSchedulingOnInstanceStopActionPtrOutput) +} + // Specifies if the instance is preemptible. // If this field is set to true, then `automaticRestart` must be // set to false. Defaults to false. @@ -25940,8 +26262,7 @@ func (o InstanceSchedulingPtrOutput) MaintenanceInterval() pulumi.StringPtrOutpu }).(pulumi.StringPtrOutput) } -// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. -// The `maxRunDuration` block supports: +// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. func (o InstanceSchedulingPtrOutput) MaxRunDuration() InstanceSchedulingMaxRunDurationPtrOutput { return o.ApplyT(func(v *InstanceScheduling) *InstanceSchedulingMaxRunDuration { if v == nil { @@ -25987,6 +26308,16 @@ func (o InstanceSchedulingPtrOutput) OnHostMaintenance() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } +// Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. +func (o InstanceSchedulingPtrOutput) OnInstanceStopAction() InstanceSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v *InstanceScheduling) *InstanceSchedulingOnInstanceStopAction { + if v == nil { + return nil + } + return v.OnInstanceStopAction + }).(InstanceSchedulingOnInstanceStopActionPtrOutput) +} + // Specifies if the instance is preemptible. // If this field is set to true, then `automaticRestart` must be // set to false. Defaults to false. @@ -26186,12 +26517,13 @@ func (o InstanceSchedulingLocalSsdRecoveryTimeoutPtrOutput) Seconds() pulumi.Int type InstanceSchedulingMaxRunDuration struct { // Span of time that's a fraction of a second at nanosecond - // resolution. Durations less than one second are represented - // with a 0 seconds field and a positive nanos field. Must - // be from 0 to 999,999,999 inclusive. + // resolution. Durations less than one second are represented with a 0 + // `seconds` field and a positive `nanos` field. Must be from 0 to + // 999,999,999 inclusive. Nanos *int `pulumi:"nanos"` - // Span of time at a resolution of a second. - // Must be from 0 to 315,576,000,000 inclusive. + // Span of time at a resolution of a second. Must be from 0 to + // 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + // sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. Seconds int `pulumi:"seconds"` } @@ -26208,12 +26540,13 @@ type InstanceSchedulingMaxRunDurationInput interface { type InstanceSchedulingMaxRunDurationArgs struct { // Span of time that's a fraction of a second at nanosecond - // resolution. Durations less than one second are represented - // with a 0 seconds field and a positive nanos field. Must - // be from 0 to 999,999,999 inclusive. + // resolution. Durations less than one second are represented with a 0 + // `seconds` field and a positive `nanos` field. Must be from 0 to + // 999,999,999 inclusive. Nanos pulumi.IntPtrInput `pulumi:"nanos"` - // Span of time at a resolution of a second. - // Must be from 0 to 315,576,000,000 inclusive. + // Span of time at a resolution of a second. Must be from 0 to + // 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + // sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. Seconds pulumi.IntInput `pulumi:"seconds"` } @@ -26295,15 +26628,16 @@ func (o InstanceSchedulingMaxRunDurationOutput) ToInstanceSchedulingMaxRunDurati } // Span of time that's a fraction of a second at nanosecond -// resolution. Durations less than one second are represented -// with a 0 seconds field and a positive nanos field. Must -// be from 0 to 999,999,999 inclusive. +// resolution. Durations less than one second are represented with a 0 +// `seconds` field and a positive `nanos` field. Must be from 0 to +// 999,999,999 inclusive. func (o InstanceSchedulingMaxRunDurationOutput) Nanos() pulumi.IntPtrOutput { return o.ApplyT(func(v InstanceSchedulingMaxRunDuration) *int { return v.Nanos }).(pulumi.IntPtrOutput) } -// Span of time at a resolution of a second. -// Must be from 0 to 315,576,000,000 inclusive. +// Span of time at a resolution of a second. Must be from 0 to +// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 +// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. func (o InstanceSchedulingMaxRunDurationOutput) Seconds() pulumi.IntOutput { return o.ApplyT(func(v InstanceSchedulingMaxRunDuration) int { return v.Seconds }).(pulumi.IntOutput) } @@ -26333,9 +26667,9 @@ func (o InstanceSchedulingMaxRunDurationPtrOutput) Elem() InstanceSchedulingMaxR } // Span of time that's a fraction of a second at nanosecond -// resolution. Durations less than one second are represented -// with a 0 seconds field and a positive nanos field. Must -// be from 0 to 999,999,999 inclusive. +// resolution. Durations less than one second are represented with a 0 +// `seconds` field and a positive `nanos` field. Must be from 0 to +// 999,999,999 inclusive. func (o InstanceSchedulingMaxRunDurationPtrOutput) Nanos() pulumi.IntPtrOutput { return o.ApplyT(func(v *InstanceSchedulingMaxRunDuration) *int { if v == nil { @@ -26345,8 +26679,9 @@ func (o InstanceSchedulingMaxRunDurationPtrOutput) Nanos() pulumi.IntPtrOutput { }).(pulumi.IntPtrOutput) } -// Span of time at a resolution of a second. -// Must be from 0 to 315,576,000,000 inclusive. +// Span of time at a resolution of a second. Must be from 0 to +// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 +// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. func (o InstanceSchedulingMaxRunDurationPtrOutput) Seconds() pulumi.IntPtrOutput { return o.ApplyT(func(v *InstanceSchedulingMaxRunDuration) *int { if v == nil { @@ -26474,6 +26809,143 @@ func (o InstanceSchedulingNodeAffinityArrayOutput) Index(i pulumi.IntInput) Inst }).(InstanceSchedulingNodeAffinityOutput) } +type InstanceSchedulingOnInstanceStopAction struct { + // Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + DiscardLocalSsd *bool `pulumi:"discardLocalSsd"` +} + +// InstanceSchedulingOnInstanceStopActionInput is an input type that accepts InstanceSchedulingOnInstanceStopActionArgs and InstanceSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `InstanceSchedulingOnInstanceStopActionInput` via: +// +// InstanceSchedulingOnInstanceStopActionArgs{...} +type InstanceSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToInstanceSchedulingOnInstanceStopActionOutput() InstanceSchedulingOnInstanceStopActionOutput + ToInstanceSchedulingOnInstanceStopActionOutputWithContext(context.Context) InstanceSchedulingOnInstanceStopActionOutput +} + +type InstanceSchedulingOnInstanceStopActionArgs struct { + // Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + DiscardLocalSsd pulumi.BoolPtrInput `pulumi:"discardLocalSsd"` +} + +func (InstanceSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i InstanceSchedulingOnInstanceStopActionArgs) ToInstanceSchedulingOnInstanceStopActionOutput() InstanceSchedulingOnInstanceStopActionOutput { + return i.ToInstanceSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i InstanceSchedulingOnInstanceStopActionArgs) ToInstanceSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceSchedulingOnInstanceStopActionOutput) +} + +func (i InstanceSchedulingOnInstanceStopActionArgs) ToInstanceSchedulingOnInstanceStopActionPtrOutput() InstanceSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i InstanceSchedulingOnInstanceStopActionArgs) ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceSchedulingOnInstanceStopActionOutput).ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(ctx) +} + +// InstanceSchedulingOnInstanceStopActionPtrInput is an input type that accepts InstanceSchedulingOnInstanceStopActionArgs, InstanceSchedulingOnInstanceStopActionPtr and InstanceSchedulingOnInstanceStopActionPtrOutput values. +// You can construct a concrete instance of `InstanceSchedulingOnInstanceStopActionPtrInput` via: +// +// InstanceSchedulingOnInstanceStopActionArgs{...} +// +// or: +// +// nil +type InstanceSchedulingOnInstanceStopActionPtrInput interface { + pulumi.Input + + ToInstanceSchedulingOnInstanceStopActionPtrOutput() InstanceSchedulingOnInstanceStopActionPtrOutput + ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(context.Context) InstanceSchedulingOnInstanceStopActionPtrOutput +} + +type instanceSchedulingOnInstanceStopActionPtrType InstanceSchedulingOnInstanceStopActionArgs + +func InstanceSchedulingOnInstanceStopActionPtr(v *InstanceSchedulingOnInstanceStopActionArgs) InstanceSchedulingOnInstanceStopActionPtrInput { + return (*instanceSchedulingOnInstanceStopActionPtrType)(v) +} + +func (*instanceSchedulingOnInstanceStopActionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i *instanceSchedulingOnInstanceStopActionPtrType) ToInstanceSchedulingOnInstanceStopActionPtrOutput() InstanceSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i *instanceSchedulingOnInstanceStopActionPtrType) ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceSchedulingOnInstanceStopActionPtrOutput) +} + +type InstanceSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (InstanceSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceSchedulingOnInstanceStopActionOutput) ToInstanceSchedulingOnInstanceStopActionOutput() InstanceSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceSchedulingOnInstanceStopActionOutput) ToInstanceSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceSchedulingOnInstanceStopActionOutput) ToInstanceSchedulingOnInstanceStopActionPtrOutput() InstanceSchedulingOnInstanceStopActionPtrOutput { + return o.ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (o InstanceSchedulingOnInstanceStopActionOutput) ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v InstanceSchedulingOnInstanceStopAction) *InstanceSchedulingOnInstanceStopAction { + return &v + }).(InstanceSchedulingOnInstanceStopActionPtrOutput) +} + +// Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. +func (o InstanceSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v InstanceSchedulingOnInstanceStopAction) *bool { return v.DiscardLocalSsd }).(pulumi.BoolPtrOutput) +} + +type InstanceSchedulingOnInstanceStopActionPtrOutput struct{ *pulumi.OutputState } + +func (InstanceSchedulingOnInstanceStopActionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceSchedulingOnInstanceStopActionPtrOutput) ToInstanceSchedulingOnInstanceStopActionPtrOutput() InstanceSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceSchedulingOnInstanceStopActionPtrOutput) ToInstanceSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceSchedulingOnInstanceStopActionPtrOutput) Elem() InstanceSchedulingOnInstanceStopActionOutput { + return o.ApplyT(func(v *InstanceSchedulingOnInstanceStopAction) InstanceSchedulingOnInstanceStopAction { + if v != nil { + return *v + } + var ret InstanceSchedulingOnInstanceStopAction + return ret + }).(InstanceSchedulingOnInstanceStopActionOutput) +} + +// Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. +func (o InstanceSchedulingOnInstanceStopActionPtrOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *InstanceSchedulingOnInstanceStopAction) *bool { + if v == nil { + return nil + } + return v.DiscardLocalSsd + }).(pulumi.BoolPtrOutput) +} + type InstanceScratchDisk struct { // Name with which the attached disk is accessible under /dev/disk/by-id/ DeviceName *string `pulumi:"deviceName"` @@ -29514,8 +29986,7 @@ type InstanceTemplateScheduling struct { LocalSsdRecoveryTimeouts []InstanceTemplateSchedulingLocalSsdRecoveryTimeout `pulumi:"localSsdRecoveryTimeouts"` // Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. MaintenanceInterval *string `pulumi:"maintenanceInterval"` - // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - // The `maxRunDuration` block supports: + // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. MaxRunDuration *InstanceTemplateSchedulingMaxRunDuration `pulumi:"maxRunDuration"` // Minimum number of cpus for the instance. MinNodeCpus *int `pulumi:"minNodeCpus"` @@ -29528,6 +29999,8 @@ type InstanceTemplateScheduling struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance *string `pulumi:"onHostMaintenance"` + // Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + OnInstanceStopAction *InstanceTemplateSchedulingOnInstanceStopAction `pulumi:"onInstanceStopAction"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -29564,8 +30037,7 @@ type InstanceTemplateSchedulingArgs struct { LocalSsdRecoveryTimeouts InstanceTemplateSchedulingLocalSsdRecoveryTimeoutArrayInput `pulumi:"localSsdRecoveryTimeouts"` // Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. MaintenanceInterval pulumi.StringPtrInput `pulumi:"maintenanceInterval"` - // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - // The `maxRunDuration` block supports: + // The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. MaxRunDuration InstanceTemplateSchedulingMaxRunDurationPtrInput `pulumi:"maxRunDuration"` // Minimum number of cpus for the instance. MinNodeCpus pulumi.IntPtrInput `pulumi:"minNodeCpus"` @@ -29578,6 +30050,8 @@ type InstanceTemplateSchedulingArgs struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance pulumi.StringPtrInput `pulumi:"onHostMaintenance"` + // Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + OnInstanceStopAction InstanceTemplateSchedulingOnInstanceStopActionPtrInput `pulumi:"onInstanceStopAction"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -29694,8 +30168,7 @@ func (o InstanceTemplateSchedulingOutput) MaintenanceInterval() pulumi.StringPtr return o.ApplyT(func(v InstanceTemplateScheduling) *string { return v.MaintenanceInterval }).(pulumi.StringPtrOutput) } -// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. -// The `maxRunDuration` block supports: +// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. func (o InstanceTemplateSchedulingOutput) MaxRunDuration() InstanceTemplateSchedulingMaxRunDurationPtrOutput { return o.ApplyT(func(v InstanceTemplateScheduling) *InstanceTemplateSchedulingMaxRunDuration { return v.MaxRunDuration }).(InstanceTemplateSchedulingMaxRunDurationPtrOutput) } @@ -29720,6 +30193,13 @@ func (o InstanceTemplateSchedulingOutput) OnHostMaintenance() pulumi.StringPtrOu return o.ApplyT(func(v InstanceTemplateScheduling) *string { return v.OnHostMaintenance }).(pulumi.StringPtrOutput) } +// Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. +func (o InstanceTemplateSchedulingOutput) OnInstanceStopAction() InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v InstanceTemplateScheduling) *InstanceTemplateSchedulingOnInstanceStopAction { + return v.OnInstanceStopAction + }).(InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -29805,8 +30285,7 @@ func (o InstanceTemplateSchedulingPtrOutput) MaintenanceInterval() pulumi.String }).(pulumi.StringPtrOutput) } -// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. -// The `maxRunDuration` block supports: +// The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. func (o InstanceTemplateSchedulingPtrOutput) MaxRunDuration() InstanceTemplateSchedulingMaxRunDurationPtrOutput { return o.ApplyT(func(v *InstanceTemplateScheduling) *InstanceTemplateSchedulingMaxRunDuration { if v == nil { @@ -29851,6 +30330,16 @@ func (o InstanceTemplateSchedulingPtrOutput) OnHostMaintenance() pulumi.StringPt }).(pulumi.StringPtrOutput) } +// Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. +func (o InstanceTemplateSchedulingPtrOutput) OnInstanceStopAction() InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v *InstanceTemplateScheduling) *InstanceTemplateSchedulingOnInstanceStopAction { + if v == nil { + return nil + } + return v.OnInstanceStopAction + }).(InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -29996,12 +30485,13 @@ func (o InstanceTemplateSchedulingLocalSsdRecoveryTimeoutArrayOutput) Index(i pu type InstanceTemplateSchedulingMaxRunDuration struct { // Span of time that's a fraction of a second at nanosecond - // resolution. Durations less than one second are represented - // with a 0 seconds field and a positive nanos field. Must - // be from 0 to 999,999,999 inclusive. + // resolution. Durations less than one second are represented with a 0 + // `seconds` field and a positive `nanos` field. Must be from 0 to + // 999,999,999 inclusive. Nanos *int `pulumi:"nanos"` - // Span of time at a resolution of a second. - // Must be from 0 to 315,576,000,000 inclusive. + // Span of time at a resolution of a second. Must be from 0 to + // 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + // sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. Seconds int `pulumi:"seconds"` } @@ -30018,12 +30508,13 @@ type InstanceTemplateSchedulingMaxRunDurationInput interface { type InstanceTemplateSchedulingMaxRunDurationArgs struct { // Span of time that's a fraction of a second at nanosecond - // resolution. Durations less than one second are represented - // with a 0 seconds field and a positive nanos field. Must - // be from 0 to 999,999,999 inclusive. + // resolution. Durations less than one second are represented with a 0 + // `seconds` field and a positive `nanos` field. Must be from 0 to + // 999,999,999 inclusive. Nanos pulumi.IntPtrInput `pulumi:"nanos"` - // Span of time at a resolution of a second. - // Must be from 0 to 315,576,000,000 inclusive. + // Span of time at a resolution of a second. Must be from 0 to + // 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + // sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. Seconds pulumi.IntInput `pulumi:"seconds"` } @@ -30105,15 +30596,16 @@ func (o InstanceTemplateSchedulingMaxRunDurationOutput) ToInstanceTemplateSchedu } // Span of time that's a fraction of a second at nanosecond -// resolution. Durations less than one second are represented -// with a 0 seconds field and a positive nanos field. Must -// be from 0 to 999,999,999 inclusive. +// resolution. Durations less than one second are represented with a 0 +// `seconds` field and a positive `nanos` field. Must be from 0 to +// 999,999,999 inclusive. func (o InstanceTemplateSchedulingMaxRunDurationOutput) Nanos() pulumi.IntPtrOutput { return o.ApplyT(func(v InstanceTemplateSchedulingMaxRunDuration) *int { return v.Nanos }).(pulumi.IntPtrOutput) } -// Span of time at a resolution of a second. -// Must be from 0 to 315,576,000,000 inclusive. +// Span of time at a resolution of a second. Must be from 0 to +// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 +// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. func (o InstanceTemplateSchedulingMaxRunDurationOutput) Seconds() pulumi.IntOutput { return o.ApplyT(func(v InstanceTemplateSchedulingMaxRunDuration) int { return v.Seconds }).(pulumi.IntOutput) } @@ -30143,9 +30635,9 @@ func (o InstanceTemplateSchedulingMaxRunDurationPtrOutput) Elem() InstanceTempla } // Span of time that's a fraction of a second at nanosecond -// resolution. Durations less than one second are represented -// with a 0 seconds field and a positive nanos field. Must -// be from 0 to 999,999,999 inclusive. +// resolution. Durations less than one second are represented with a 0 +// `seconds` field and a positive `nanos` field. Must be from 0 to +// 999,999,999 inclusive. func (o InstanceTemplateSchedulingMaxRunDurationPtrOutput) Nanos() pulumi.IntPtrOutput { return o.ApplyT(func(v *InstanceTemplateSchedulingMaxRunDuration) *int { if v == nil { @@ -30155,8 +30647,9 @@ func (o InstanceTemplateSchedulingMaxRunDurationPtrOutput) Nanos() pulumi.IntPtr }).(pulumi.IntPtrOutput) } -// Span of time at a resolution of a second. -// Must be from 0 to 315,576,000,000 inclusive. +// Span of time at a resolution of a second. Must be from 0 to +// 315,576,000,000 inclusive. Note: these bounds are computed from: 60 +// sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. func (o InstanceTemplateSchedulingMaxRunDurationPtrOutput) Seconds() pulumi.IntPtrOutput { return o.ApplyT(func(v *InstanceTemplateSchedulingMaxRunDuration) *int { if v == nil { @@ -30281,6 +30774,143 @@ func (o InstanceTemplateSchedulingNodeAffinityArrayOutput) Index(i pulumi.IntInp }).(InstanceTemplateSchedulingNodeAffinityOutput) } +type InstanceTemplateSchedulingOnInstanceStopAction struct { + // Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + DiscardLocalSsd *bool `pulumi:"discardLocalSsd"` +} + +// InstanceTemplateSchedulingOnInstanceStopActionInput is an input type that accepts InstanceTemplateSchedulingOnInstanceStopActionArgs and InstanceTemplateSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `InstanceTemplateSchedulingOnInstanceStopActionInput` via: +// +// InstanceTemplateSchedulingOnInstanceStopActionArgs{...} +type InstanceTemplateSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToInstanceTemplateSchedulingOnInstanceStopActionOutput() InstanceTemplateSchedulingOnInstanceStopActionOutput + ToInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Context) InstanceTemplateSchedulingOnInstanceStopActionOutput +} + +type InstanceTemplateSchedulingOnInstanceStopActionArgs struct { + // Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + DiscardLocalSsd pulumi.BoolPtrInput `pulumi:"discardLocalSsd"` +} + +func (InstanceTemplateSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i InstanceTemplateSchedulingOnInstanceStopActionArgs) ToInstanceTemplateSchedulingOnInstanceStopActionOutput() InstanceTemplateSchedulingOnInstanceStopActionOutput { + return i.ToInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i InstanceTemplateSchedulingOnInstanceStopActionArgs) ToInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceTemplateSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateSchedulingOnInstanceStopActionOutput) +} + +func (i InstanceTemplateSchedulingOnInstanceStopActionArgs) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i InstanceTemplateSchedulingOnInstanceStopActionArgs) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateSchedulingOnInstanceStopActionOutput).ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx) +} + +// InstanceTemplateSchedulingOnInstanceStopActionPtrInput is an input type that accepts InstanceTemplateSchedulingOnInstanceStopActionArgs, InstanceTemplateSchedulingOnInstanceStopActionPtr and InstanceTemplateSchedulingOnInstanceStopActionPtrOutput values. +// You can construct a concrete instance of `InstanceTemplateSchedulingOnInstanceStopActionPtrInput` via: +// +// InstanceTemplateSchedulingOnInstanceStopActionArgs{...} +// +// or: +// +// nil +type InstanceTemplateSchedulingOnInstanceStopActionPtrInput interface { + pulumi.Input + + ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceTemplateSchedulingOnInstanceStopActionPtrOutput + ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Context) InstanceTemplateSchedulingOnInstanceStopActionPtrOutput +} + +type instanceTemplateSchedulingOnInstanceStopActionPtrType InstanceTemplateSchedulingOnInstanceStopActionArgs + +func InstanceTemplateSchedulingOnInstanceStopActionPtr(v *InstanceTemplateSchedulingOnInstanceStopActionArgs) InstanceTemplateSchedulingOnInstanceStopActionPtrInput { + return (*instanceTemplateSchedulingOnInstanceStopActionPtrType)(v) +} + +func (*instanceTemplateSchedulingOnInstanceStopActionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i *instanceTemplateSchedulingOnInstanceStopActionPtrType) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return i.ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i *instanceTemplateSchedulingOnInstanceStopActionPtrType) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + +type InstanceTemplateSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*InstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceTemplateSchedulingOnInstanceStopActionOutput) ToInstanceTemplateSchedulingOnInstanceStopActionOutput() InstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceTemplateSchedulingOnInstanceStopActionOutput) ToInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) InstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o InstanceTemplateSchedulingOnInstanceStopActionOutput) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (o InstanceTemplateSchedulingOnInstanceStopActionOutput) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v InstanceTemplateSchedulingOnInstanceStopAction) *InstanceTemplateSchedulingOnInstanceStopAction { + return &v + }).(InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + +// Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. +func (o InstanceTemplateSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v InstanceTemplateSchedulingOnInstanceStopAction) *bool { return v.DiscardLocalSsd }).(pulumi.BoolPtrOutput) +} + +type InstanceTemplateSchedulingOnInstanceStopActionPtrOutput struct{ *pulumi.OutputState } + +func (InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**InstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) ToInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) InstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) Elem() InstanceTemplateSchedulingOnInstanceStopActionOutput { + return o.ApplyT(func(v *InstanceTemplateSchedulingOnInstanceStopAction) InstanceTemplateSchedulingOnInstanceStopAction { + if v != nil { + return *v + } + var ret InstanceTemplateSchedulingOnInstanceStopAction + return ret + }).(InstanceTemplateSchedulingOnInstanceStopActionOutput) +} + +// Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. +func (o InstanceTemplateSchedulingOnInstanceStopActionPtrOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *InstanceTemplateSchedulingOnInstanceStopAction) *bool { + if v == nil { + return nil + } + return v.DiscardLocalSsd + }).(pulumi.BoolPtrOutput) +} + type InstanceTemplateServiceAccount struct { // The service account e-mail address. If not given, the // default Google Compute Engine service account is used. @@ -50465,6 +51095,8 @@ type RegionInstanceTemplateScheduling struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance *string `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopAction *RegionInstanceTemplateSchedulingOnInstanceStopAction `pulumi:"onInstanceStopAction"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -50514,6 +51146,8 @@ type RegionInstanceTemplateSchedulingArgs struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance pulumi.StringPtrInput `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopAction RegionInstanceTemplateSchedulingOnInstanceStopActionPtrInput `pulumi:"onInstanceStopAction"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -50659,6 +51293,13 @@ func (o RegionInstanceTemplateSchedulingOutput) OnHostMaintenance() pulumi.Strin return o.ApplyT(func(v RegionInstanceTemplateScheduling) *string { return v.OnHostMaintenance }).(pulumi.StringPtrOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o RegionInstanceTemplateSchedulingOutput) OnInstanceStopAction() RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v RegionInstanceTemplateScheduling) *RegionInstanceTemplateSchedulingOnInstanceStopAction { + return v.OnInstanceStopAction + }).(RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -50789,6 +51430,16 @@ func (o RegionInstanceTemplateSchedulingPtrOutput) OnHostMaintenance() pulumi.St }).(pulumi.StringPtrOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o RegionInstanceTemplateSchedulingPtrOutput) OnInstanceStopAction() RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyT(func(v *RegionInstanceTemplateScheduling) *RegionInstanceTemplateSchedulingOnInstanceStopAction { + if v == nil { + return nil + } + return v.OnInstanceStopAction + }).(RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -51223,6 +51874,143 @@ func (o RegionInstanceTemplateSchedulingNodeAffinityArrayOutput) Index(i pulumi. }).(RegionInstanceTemplateSchedulingNodeAffinityOutput) } +type RegionInstanceTemplateSchedulingOnInstanceStopAction struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd *bool `pulumi:"discardLocalSsd"` +} + +// RegionInstanceTemplateSchedulingOnInstanceStopActionInput is an input type that accepts RegionInstanceTemplateSchedulingOnInstanceStopActionArgs and RegionInstanceTemplateSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `RegionInstanceTemplateSchedulingOnInstanceStopActionInput` via: +// +// RegionInstanceTemplateSchedulingOnInstanceStopActionArgs{...} +type RegionInstanceTemplateSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToRegionInstanceTemplateSchedulingOnInstanceStopActionOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionOutput + ToRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionOutput +} + +type RegionInstanceTemplateSchedulingOnInstanceStopActionArgs struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd pulumi.BoolPtrInput `pulumi:"discardLocalSsd"` +} + +func (RegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*RegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i RegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ToRegionInstanceTemplateSchedulingOnInstanceStopActionOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return i.ToRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i RegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ToRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) +} + +func (i RegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return i.ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i RegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RegionInstanceTemplateSchedulingOnInstanceStopActionOutput).ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx) +} + +// RegionInstanceTemplateSchedulingOnInstanceStopActionPtrInput is an input type that accepts RegionInstanceTemplateSchedulingOnInstanceStopActionArgs, RegionInstanceTemplateSchedulingOnInstanceStopActionPtr and RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput values. +// You can construct a concrete instance of `RegionInstanceTemplateSchedulingOnInstanceStopActionPtrInput` via: +// +// RegionInstanceTemplateSchedulingOnInstanceStopActionArgs{...} +// +// or: +// +// nil +type RegionInstanceTemplateSchedulingOnInstanceStopActionPtrInput interface { + pulumi.Input + + ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput + ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput +} + +type regionInstanceTemplateSchedulingOnInstanceStopActionPtrType RegionInstanceTemplateSchedulingOnInstanceStopActionArgs + +func RegionInstanceTemplateSchedulingOnInstanceStopActionPtr(v *RegionInstanceTemplateSchedulingOnInstanceStopActionArgs) RegionInstanceTemplateSchedulingOnInstanceStopActionPtrInput { + return (*regionInstanceTemplateSchedulingOnInstanceStopActionPtrType)(v) +} + +func (*regionInstanceTemplateSchedulingOnInstanceStopActionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**RegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i *regionInstanceTemplateSchedulingOnInstanceStopActionPtrType) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return i.ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (i *regionInstanceTemplateSchedulingOnInstanceStopActionPtrType) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + +type RegionInstanceTemplateSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*RegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ToRegionInstanceTemplateSchedulingOnInstanceStopActionOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ToRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(context.Background()) +} + +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v RegionInstanceTemplateSchedulingOnInstanceStopAction) *RegionInstanceTemplateSchedulingOnInstanceStopAction { + return &v + }).(RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v RegionInstanceTemplateSchedulingOnInstanceStopAction) *bool { return v.DiscardLocalSsd }).(pulumi.BoolPtrOutput) +} + +type RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput struct{ *pulumi.OutputState } + +func (RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**RegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput() RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) ToRegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutputWithContext(ctx context.Context) RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput { + return o +} + +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) Elem() RegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return o.ApplyT(func(v *RegionInstanceTemplateSchedulingOnInstanceStopAction) RegionInstanceTemplateSchedulingOnInstanceStopAction { + if v != nil { + return *v + } + var ret RegionInstanceTemplateSchedulingOnInstanceStopAction + return ret + }).(RegionInstanceTemplateSchedulingOnInstanceStopActionOutput) +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput) DiscardLocalSsd() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *RegionInstanceTemplateSchedulingOnInstanceStopAction) *bool { + if v == nil { + return nil + } + return v.DiscardLocalSsd + }).(pulumi.BoolPtrOutput) +} + type RegionInstanceTemplateServiceAccount struct { // The service account e-mail address. If not given, the // default Google Compute Engine service account is used. @@ -74863,6 +75651,7 @@ type SecurityPolicyAdvancedOptionsConfig struct { // Whether or not to JSON parse the payload body. Defaults to `DISABLED`. // * `DISABLED` - Don't parse JSON payloads in POST bodies. // * `STANDARD` - Parse JSON payloads in POST bodies. + // * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. JsonParsing *string `pulumi:"jsonParsing"` // Log level to use. Defaults to `NORMAL`. // * `NORMAL` - Normal log level. @@ -74890,6 +75679,7 @@ type SecurityPolicyAdvancedOptionsConfigArgs struct { // Whether or not to JSON parse the payload body. Defaults to `DISABLED`. // * `DISABLED` - Don't parse JSON payloads in POST bodies. // * `STANDARD` - Parse JSON payloads in POST bodies. + // * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. JsonParsing pulumi.StringPtrInput `pulumi:"jsonParsing"` // Log level to use. Defaults to `NORMAL`. // * `NORMAL` - Normal log level. @@ -74987,6 +75777,7 @@ func (o SecurityPolicyAdvancedOptionsConfigOutput) JsonCustomConfig() SecurityPo // Whether or not to JSON parse the payload body. Defaults to `DISABLED`. // * `DISABLED` - Don't parse JSON payloads in POST bodies. // * `STANDARD` - Parse JSON payloads in POST bodies. +// * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. func (o SecurityPolicyAdvancedOptionsConfigOutput) JsonParsing() pulumi.StringPtrOutput { return o.ApplyT(func(v SecurityPolicyAdvancedOptionsConfig) *string { return v.JsonParsing }).(pulumi.StringPtrOutput) } @@ -75041,6 +75832,7 @@ func (o SecurityPolicyAdvancedOptionsConfigPtrOutput) JsonCustomConfig() Securit // Whether or not to JSON parse the payload body. Defaults to `DISABLED`. // * `DISABLED` - Don't parse JSON payloads in POST bodies. // * `STANDARD` - Parse JSON payloads in POST bodies. +// * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. func (o SecurityPolicyAdvancedOptionsConfigPtrOutput) JsonParsing() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityPolicyAdvancedOptionsConfig) *string { if v == nil { @@ -77075,42 +77867,47 @@ func (o SecurityPolicyRulePreconfiguredWafConfigExclusionRequestUriArrayOutput) } type SecurityPolicyRuleRateLimitOptions struct { - // Can only be specified if the `action` for the rule is `rateBasedBan`. + // Can only be specified if the action for the rule is "rateBasedBan". // If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. BanDurationSec *int `pulumi:"banDurationSec"` - // Can only be specified if the `action` for the rule is `rateBasedBan`. - // If specified, the key will be banned for the configured `banDurationSec` when the number of requests that exceed the `rateLimitThreshold` also - // exceed this `banThreshold`. Structure is documented below. + // Can only be specified if the action for the rule is "rateBasedBan". + // If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + // Structure is documented below. BanThreshold *SecurityPolicyRuleRateLimitOptionsBanThreshold `pulumi:"banThreshold"` - // Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. - ConformAction string `pulumi:"conformAction"` - // Determines the key to enforce the rateLimitThreshold on. If not specified, defaults to `ALL`. - // - // * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - // * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - // * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - // * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - // * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - // * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - // * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - // * `REGION_CODE`: The country/region from which the request originates. + // Action to take for requests that are under the configured rate limit threshold. + // Valid option is "allow" only. + ConformAction *string `pulumi:"conformAction"` + // Determines the key to enforce the rateLimitThreshold on. Possible values are: + // * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + // * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + // * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + // * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + // * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + // * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + // * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + // * REGION_CODE: The country/region from which the request originates. + // * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + // * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + // Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. EnforceOnKey *string `pulumi:"enforceOnKey"` - // If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforceOnKeyConfigs` is specified, `enforceOnKey` must be set to an empty string. Structure is documented below. - // - // **Note:** To avoid the conflict between `enforceOnKey` and `enforceOnKeyConfigs`, the field `enforceOnKey` needs to be set to an empty string. + // If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + // You can specify up to 3 enforceOnKeyConfigs. + // If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + // Structure is documented below. EnforceOnKeyConfigs []SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig `pulumi:"enforceOnKeyConfigs"` // Rate limit key name applicable only for the following key types: - // - // * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - // * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + // HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + // HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. EnforceOnKeyName *string `pulumi:"enforceOnKeyName"` - // When a request is denied, returns the HTTP response code specified. - // Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. - ExceedAction string `pulumi:"exceedAction"` - // Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + // Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + // Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + ExceedAction *string `pulumi:"exceedAction"` + // Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + // Structure is documented below. ExceedRedirectOptions *SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions `pulumi:"exceedRedirectOptions"` - // Threshold at which to begin ratelimiting. Structure is documented below. - RateLimitThreshold SecurityPolicyRuleRateLimitOptionsRateLimitThreshold `pulumi:"rateLimitThreshold"` + // Threshold at which to begin ratelimiting. + // Structure is documented below. + RateLimitThreshold *SecurityPolicyRuleRateLimitOptionsRateLimitThreshold `pulumi:"rateLimitThreshold"` } // SecurityPolicyRuleRateLimitOptionsInput is an input type that accepts SecurityPolicyRuleRateLimitOptionsArgs and SecurityPolicyRuleRateLimitOptionsOutput values. @@ -77125,42 +77922,47 @@ type SecurityPolicyRuleRateLimitOptionsInput interface { } type SecurityPolicyRuleRateLimitOptionsArgs struct { - // Can only be specified if the `action` for the rule is `rateBasedBan`. + // Can only be specified if the action for the rule is "rateBasedBan". // If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. BanDurationSec pulumi.IntPtrInput `pulumi:"banDurationSec"` - // Can only be specified if the `action` for the rule is `rateBasedBan`. - // If specified, the key will be banned for the configured `banDurationSec` when the number of requests that exceed the `rateLimitThreshold` also - // exceed this `banThreshold`. Structure is documented below. + // Can only be specified if the action for the rule is "rateBasedBan". + // If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + // Structure is documented below. BanThreshold SecurityPolicyRuleRateLimitOptionsBanThresholdPtrInput `pulumi:"banThreshold"` - // Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. - ConformAction pulumi.StringInput `pulumi:"conformAction"` - // Determines the key to enforce the rateLimitThreshold on. If not specified, defaults to `ALL`. - // - // * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - // * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - // * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - // * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - // * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - // * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - // * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - // * `REGION_CODE`: The country/region from which the request originates. + // Action to take for requests that are under the configured rate limit threshold. + // Valid option is "allow" only. + ConformAction pulumi.StringPtrInput `pulumi:"conformAction"` + // Determines the key to enforce the rateLimitThreshold on. Possible values are: + // * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + // * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + // * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + // * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + // * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + // * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + // * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + // * REGION_CODE: The country/region from which the request originates. + // * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + // * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + // Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. EnforceOnKey pulumi.StringPtrInput `pulumi:"enforceOnKey"` - // If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforceOnKeyConfigs` is specified, `enforceOnKey` must be set to an empty string. Structure is documented below. - // - // **Note:** To avoid the conflict between `enforceOnKey` and `enforceOnKeyConfigs`, the field `enforceOnKey` needs to be set to an empty string. + // If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + // You can specify up to 3 enforceOnKeyConfigs. + // If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + // Structure is documented below. EnforceOnKeyConfigs SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArrayInput `pulumi:"enforceOnKeyConfigs"` // Rate limit key name applicable only for the following key types: - // - // * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - // * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + // HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + // HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. EnforceOnKeyName pulumi.StringPtrInput `pulumi:"enforceOnKeyName"` - // When a request is denied, returns the HTTP response code specified. - // Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. - ExceedAction pulumi.StringInput `pulumi:"exceedAction"` - // Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + // Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + // Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + ExceedAction pulumi.StringPtrInput `pulumi:"exceedAction"` + // Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + // Structure is documented below. ExceedRedirectOptions SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrInput `pulumi:"exceedRedirectOptions"` - // Threshold at which to begin ratelimiting. Structure is documented below. - RateLimitThreshold SecurityPolicyRuleRateLimitOptionsRateLimitThresholdInput `pulumi:"rateLimitThreshold"` + // Threshold at which to begin ratelimiting. + // Structure is documented below. + RateLimitThreshold SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrInput `pulumi:"rateLimitThreshold"` } func (SecurityPolicyRuleRateLimitOptionsArgs) ElementType() reflect.Type { @@ -77240,43 +78042,47 @@ func (o SecurityPolicyRuleRateLimitOptionsOutput) ToSecurityPolicyRuleRateLimitO }).(SecurityPolicyRuleRateLimitOptionsPtrOutput) } -// Can only be specified if the `action` for the rule is `rateBasedBan`. +// Can only be specified if the action for the rule is "rateBasedBan". // If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. func (o SecurityPolicyRuleRateLimitOptionsOutput) BanDurationSec() pulumi.IntPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *int { return v.BanDurationSec }).(pulumi.IntPtrOutput) } -// Can only be specified if the `action` for the rule is `rateBasedBan`. -// If specified, the key will be banned for the configured `banDurationSec` when the number of requests that exceed the `rateLimitThreshold` also -// exceed this `banThreshold`. Structure is documented below. +// Can only be specified if the action for the rule is "rateBasedBan". +// If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. +// Structure is documented below. func (o SecurityPolicyRuleRateLimitOptionsOutput) BanThreshold() SecurityPolicyRuleRateLimitOptionsBanThresholdPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *SecurityPolicyRuleRateLimitOptionsBanThreshold { return v.BanThreshold }).(SecurityPolicyRuleRateLimitOptionsBanThresholdPtrOutput) } -// Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. -func (o SecurityPolicyRuleRateLimitOptionsOutput) ConformAction() pulumi.StringOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) string { return v.ConformAction }).(pulumi.StringOutput) +// Action to take for requests that are under the configured rate limit threshold. +// Valid option is "allow" only. +func (o SecurityPolicyRuleRateLimitOptionsOutput) ConformAction() pulumi.StringPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *string { return v.ConformAction }).(pulumi.StringPtrOutput) } -// Determines the key to enforce the rateLimitThreshold on. If not specified, defaults to `ALL`. -// -// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. -// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. -// * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. -// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. -// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. -// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes -// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. -// * `REGION_CODE`: The country/region from which the request originates. +// Determines the key to enforce the rateLimitThreshold on. Possible values are: +// - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. +// - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. +// - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. +// - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. +// - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. +// - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. +// - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. +// - REGION_CODE: The country/region from which the request originates. +// - TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. +// - USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. +// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. func (o SecurityPolicyRuleRateLimitOptionsOutput) EnforceOnKey() pulumi.StringPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *string { return v.EnforceOnKey }).(pulumi.StringPtrOutput) } -// If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforceOnKeyConfigs` is specified, `enforceOnKey` must be set to an empty string. Structure is documented below. -// -// **Note:** To avoid the conflict between `enforceOnKey` and `enforceOnKeyConfigs`, the field `enforceOnKey` needs to be set to an empty string. +// If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. +// You can specify up to 3 enforceOnKeyConfigs. +// If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. +// Structure is documented below. func (o SecurityPolicyRuleRateLimitOptionsOutput) EnforceOnKeyConfigs() SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArrayOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) []SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig { return v.EnforceOnKeyConfigs @@ -77284,31 +78090,32 @@ func (o SecurityPolicyRuleRateLimitOptionsOutput) EnforceOnKeyConfigs() Security } // Rate limit key name applicable only for the following key types: -// -// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. -// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. +// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. +// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. func (o SecurityPolicyRuleRateLimitOptionsOutput) EnforceOnKeyName() pulumi.StringPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *string { return v.EnforceOnKeyName }).(pulumi.StringPtrOutput) } -// When a request is denied, returns the HTTP response code specified. -// Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. -func (o SecurityPolicyRuleRateLimitOptionsOutput) ExceedAction() pulumi.StringOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) string { return v.ExceedAction }).(pulumi.StringOutput) +// Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. +// Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. +func (o SecurityPolicyRuleRateLimitOptionsOutput) ExceedAction() pulumi.StringPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *string { return v.ExceedAction }).(pulumi.StringPtrOutput) } -// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. +// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. +// Structure is documented below. func (o SecurityPolicyRuleRateLimitOptionsOutput) ExceedRedirectOptions() SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions { return v.ExceedRedirectOptions }).(SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput) } -// Threshold at which to begin ratelimiting. Structure is documented below. -func (o SecurityPolicyRuleRateLimitOptionsOutput) RateLimitThreshold() SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) SecurityPolicyRuleRateLimitOptionsRateLimitThreshold { +// Threshold at which to begin ratelimiting. +// Structure is documented below. +func (o SecurityPolicyRuleRateLimitOptionsOutput) RateLimitThreshold() SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptions) *SecurityPolicyRuleRateLimitOptionsRateLimitThreshold { return v.RateLimitThreshold - }).(SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput) + }).(SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrOutput) } type SecurityPolicyRuleRateLimitOptionsPtrOutput struct{ *pulumi.OutputState } @@ -77335,7 +78142,7 @@ func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) Elem() SecurityPolicyRuleRa }).(SecurityPolicyRuleRateLimitOptionsOutput) } -// Can only be specified if the `action` for the rule is `rateBasedBan`. +// Can only be specified if the action for the rule is "rateBasedBan". // If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) BanDurationSec() pulumi.IntPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *int { @@ -77346,9 +78153,9 @@ func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) BanDurationSec() pulumi.Int }).(pulumi.IntPtrOutput) } -// Can only be specified if the `action` for the rule is `rateBasedBan`. -// If specified, the key will be banned for the configured `banDurationSec` when the number of requests that exceed the `rateLimitThreshold` also -// exceed this `banThreshold`. Structure is documented below. +// Can only be specified if the action for the rule is "rateBasedBan". +// If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. +// Structure is documented below. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) BanThreshold() SecurityPolicyRuleRateLimitOptionsBanThresholdPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *SecurityPolicyRuleRateLimitOptionsBanThreshold { if v == nil { @@ -77358,26 +78165,29 @@ func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) BanThreshold() SecurityPoli }).(SecurityPolicyRuleRateLimitOptionsBanThresholdPtrOutput) } -// Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. +// Action to take for requests that are under the configured rate limit threshold. +// Valid option is "allow" only. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) ConformAction() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *string { if v == nil { return nil } - return &v.ConformAction + return v.ConformAction }).(pulumi.StringPtrOutput) } -// Determines the key to enforce the rateLimitThreshold on. If not specified, defaults to `ALL`. -// -// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. -// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. -// * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. -// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. -// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. -// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes -// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. -// * `REGION_CODE`: The country/region from which the request originates. +// Determines the key to enforce the rateLimitThreshold on. Possible values are: +// - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. +// - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. +// - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. +// - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. +// - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. +// - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. +// - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. +// - REGION_CODE: The country/region from which the request originates. +// - TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. +// - USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. +// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) EnforceOnKey() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *string { if v == nil { @@ -77387,9 +78197,10 @@ func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) EnforceOnKey() pulumi.Strin }).(pulumi.StringPtrOutput) } -// If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforceOnKeyConfigs` is specified, `enforceOnKey` must be set to an empty string. Structure is documented below. -// -// **Note:** To avoid the conflict between `enforceOnKey` and `enforceOnKeyConfigs`, the field `enforceOnKey` needs to be set to an empty string. +// If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. +// You can specify up to 3 enforceOnKeyConfigs. +// If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. +// Structure is documented below. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) EnforceOnKeyConfigs() SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArrayOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) []SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig { if v == nil { @@ -77400,9 +78211,8 @@ func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) EnforceOnKeyConfigs() Secur } // Rate limit key name applicable only for the following key types: -// -// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. -// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. +// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. +// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) EnforceOnKeyName() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *string { if v == nil { @@ -77412,18 +78222,19 @@ func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) EnforceOnKeyName() pulumi.S }).(pulumi.StringPtrOutput) } -// When a request is denied, returns the HTTP response code specified. -// Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. +// Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. +// Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) ExceedAction() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *string { if v == nil { return nil } - return &v.ExceedAction + return v.ExceedAction }).(pulumi.StringPtrOutput) } -// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. +// Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. +// Structure is documented below. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) ExceedRedirectOptions() SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions { if v == nil { @@ -77433,21 +78244,22 @@ func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) ExceedRedirectOptions() Sec }).(SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput) } -// Threshold at which to begin ratelimiting. Structure is documented below. +// Threshold at which to begin ratelimiting. +// Structure is documented below. func (o SecurityPolicyRuleRateLimitOptionsPtrOutput) RateLimitThreshold() SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptions) *SecurityPolicyRuleRateLimitOptionsRateLimitThreshold { if v == nil { return nil } - return &v.RateLimitThreshold + return v.RateLimitThreshold }).(SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrOutput) } type SecurityPolicyRuleRateLimitOptionsBanThreshold struct { // Number of HTTP(S) requests for calculating the threshold. - Count int `pulumi:"count"` + Count *int `pulumi:"count"` // Interval over which the threshold is computed. - IntervalSec int `pulumi:"intervalSec"` + IntervalSec *int `pulumi:"intervalSec"` } // SecurityPolicyRuleRateLimitOptionsBanThresholdInput is an input type that accepts SecurityPolicyRuleRateLimitOptionsBanThresholdArgs and SecurityPolicyRuleRateLimitOptionsBanThresholdOutput values. @@ -77463,9 +78275,9 @@ type SecurityPolicyRuleRateLimitOptionsBanThresholdInput interface { type SecurityPolicyRuleRateLimitOptionsBanThresholdArgs struct { // Number of HTTP(S) requests for calculating the threshold. - Count pulumi.IntInput `pulumi:"count"` + Count pulumi.IntPtrInput `pulumi:"count"` // Interval over which the threshold is computed. - IntervalSec pulumi.IntInput `pulumi:"intervalSec"` + IntervalSec pulumi.IntPtrInput `pulumi:"intervalSec"` } func (SecurityPolicyRuleRateLimitOptionsBanThresholdArgs) ElementType() reflect.Type { @@ -77546,13 +78358,13 @@ func (o SecurityPolicyRuleRateLimitOptionsBanThresholdOutput) ToSecurityPolicyRu } // Number of HTTP(S) requests for calculating the threshold. -func (o SecurityPolicyRuleRateLimitOptionsBanThresholdOutput) Count() pulumi.IntOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsBanThreshold) int { return v.Count }).(pulumi.IntOutput) +func (o SecurityPolicyRuleRateLimitOptionsBanThresholdOutput) Count() pulumi.IntPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsBanThreshold) *int { return v.Count }).(pulumi.IntPtrOutput) } // Interval over which the threshold is computed. -func (o SecurityPolicyRuleRateLimitOptionsBanThresholdOutput) IntervalSec() pulumi.IntOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsBanThreshold) int { return v.IntervalSec }).(pulumi.IntOutput) +func (o SecurityPolicyRuleRateLimitOptionsBanThresholdOutput) IntervalSec() pulumi.IntPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsBanThreshold) *int { return v.IntervalSec }).(pulumi.IntPtrOutput) } type SecurityPolicyRuleRateLimitOptionsBanThresholdPtrOutput struct{ *pulumi.OutputState } @@ -77585,7 +78397,7 @@ func (o SecurityPolicyRuleRateLimitOptionsBanThresholdPtrOutput) Count() pulumi. if v == nil { return nil } - return &v.Count + return v.Count }).(pulumi.IntPtrOutput) } @@ -77595,26 +78407,27 @@ func (o SecurityPolicyRuleRateLimitOptionsBanThresholdPtrOutput) IntervalSec() p if v == nil { return nil } - return &v.IntervalSec + return v.IntervalSec }).(pulumi.IntPtrOutput) } type SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig struct { // Rate limit key name applicable only for the following key types: - // - // * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - // * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + // HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + // HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. EnforceOnKeyName *string `pulumi:"enforceOnKeyName"` - // Determines the key to enforce the `rateLimitThreshold` on. If not specified, defaults to `ALL`. - // - // * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - // * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - // * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - // * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - // * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - // * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - // * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - // * `REGION_CODE`: The country/region from which the request originates. + // Determines the key to enforce the rateLimitThreshold on. Possible values are: + // * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + // * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + // * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + // * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + // * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + // * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + // * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + // * REGION_CODE: The country/region from which the request originates. + // * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + // * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + // Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. EnforceOnKeyType *string `pulumi:"enforceOnKeyType"` } @@ -77631,20 +78444,21 @@ type SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigInput interface { type SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs struct { // Rate limit key name applicable only for the following key types: - // - // * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - // * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + // HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + // HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. EnforceOnKeyName pulumi.StringPtrInput `pulumi:"enforceOnKeyName"` - // Determines the key to enforce the `rateLimitThreshold` on. If not specified, defaults to `ALL`. - // - // * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - // * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - // * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - // * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - // * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - // * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - // * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - // * `REGION_CODE`: The country/region from which the request originates. + // Determines the key to enforce the rateLimitThreshold on. Possible values are: + // * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + // * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + // * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + // * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + // * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + // * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + // * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + // * REGION_CODE: The country/region from which the request originates. + // * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + // * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + // Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. EnforceOnKeyType pulumi.StringPtrInput `pulumi:"enforceOnKeyType"` } @@ -77700,23 +78514,24 @@ func (o SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigOutput) ToSecurityPo } // Rate limit key name applicable only for the following key types: -// -// * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. -// * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. +// HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. +// HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. func (o SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigOutput) EnforceOnKeyName() pulumi.StringPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig) *string { return v.EnforceOnKeyName }).(pulumi.StringPtrOutput) } -// Determines the key to enforce the `rateLimitThreshold` on. If not specified, defaults to `ALL`. -// -// * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. -// * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. -// * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. -// * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. -// * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. -// * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes -// * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. -// * `REGION_CODE`: The country/region from which the request originates. +// Determines the key to enforce the rateLimitThreshold on. Possible values are: +// - ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. +// - IP: The source IP address of the request is the key. Each IP has this limit enforced separately. +// - HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. +// - XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. +// - HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. +// - HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. +// - SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. +// - REGION_CODE: The country/region from which the request originates. +// - TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. +// - USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. +// Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. func (o SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigOutput) EnforceOnKeyType() pulumi.StringPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig) *string { return v.EnforceOnKeyType }).(pulumi.StringPtrOutput) } @@ -77742,10 +78557,10 @@ func (o SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArrayOutput) Index(i } type SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions struct { - // Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + // Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. Target *string `pulumi:"target"` // Type of the redirect action. - Type string `pulumi:"type"` + Type *string `pulumi:"type"` } // SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsInput is an input type that accepts SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs and SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsOutput values. @@ -77760,10 +78575,10 @@ type SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsInput interface { } type SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs struct { - // Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + // Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. Target pulumi.StringPtrInput `pulumi:"target"` // Type of the redirect action. - Type pulumi.StringInput `pulumi:"type"` + Type pulumi.StringPtrInput `pulumi:"type"` } func (SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs) ElementType() reflect.Type { @@ -77843,14 +78658,14 @@ func (o SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsOutput) ToSecurit }).(SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput) } -// Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. +// Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. func (o SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsOutput) Target() pulumi.StringPtrOutput { return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions) *string { return v.Target }).(pulumi.StringPtrOutput) } // Type of the redirect action. -func (o SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsOutput) Type() pulumi.StringOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions) string { return v.Type }).(pulumi.StringOutput) +func (o SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsOutput) Type() pulumi.StringPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions) *string { return v.Type }).(pulumi.StringPtrOutput) } type SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput struct{ *pulumi.OutputState } @@ -77877,7 +78692,7 @@ func (o SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput) Elem() }).(SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsOutput) } -// Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. +// Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. func (o SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput) Target() pulumi.StringPtrOutput { return o.ApplyT(func(v *SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions) *string { if v == nil { @@ -77893,15 +78708,15 @@ func (o SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsPtrOutput) Type() if v == nil { return nil } - return &v.Type + return v.Type }).(pulumi.StringPtrOutput) } type SecurityPolicyRuleRateLimitOptionsRateLimitThreshold struct { // Number of HTTP(S) requests for calculating the threshold. - Count int `pulumi:"count"` + Count *int `pulumi:"count"` // Interval over which the threshold is computed. - IntervalSec int `pulumi:"intervalSec"` + IntervalSec *int `pulumi:"intervalSec"` } // SecurityPolicyRuleRateLimitOptionsRateLimitThresholdInput is an input type that accepts SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs and SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput values. @@ -77917,9 +78732,9 @@ type SecurityPolicyRuleRateLimitOptionsRateLimitThresholdInput interface { type SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs struct { // Number of HTTP(S) requests for calculating the threshold. - Count pulumi.IntInput `pulumi:"count"` + Count pulumi.IntPtrInput `pulumi:"count"` // Interval over which the threshold is computed. - IntervalSec pulumi.IntInput `pulumi:"intervalSec"` + IntervalSec pulumi.IntPtrInput `pulumi:"intervalSec"` } func (SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs) ElementType() reflect.Type { @@ -78000,13 +78815,13 @@ func (o SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput) ToSecurityPo } // Number of HTTP(S) requests for calculating the threshold. -func (o SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput) Count() pulumi.IntOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsRateLimitThreshold) int { return v.Count }).(pulumi.IntOutput) +func (o SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput) Count() pulumi.IntPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsRateLimitThreshold) *int { return v.Count }).(pulumi.IntPtrOutput) } // Interval over which the threshold is computed. -func (o SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput) IntervalSec() pulumi.IntOutput { - return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsRateLimitThreshold) int { return v.IntervalSec }).(pulumi.IntOutput) +func (o SecurityPolicyRuleRateLimitOptionsRateLimitThresholdOutput) IntervalSec() pulumi.IntPtrOutput { + return o.ApplyT(func(v SecurityPolicyRuleRateLimitOptionsRateLimitThreshold) *int { return v.IntervalSec }).(pulumi.IntPtrOutput) } type SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrOutput struct{ *pulumi.OutputState } @@ -78039,7 +78854,7 @@ func (o SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrOutput) Count() p if v == nil { return nil } - return &v.Count + return v.Count }).(pulumi.IntPtrOutput) } @@ -78049,7 +78864,7 @@ func (o SecurityPolicyRuleRateLimitOptionsRateLimitThresholdPtrOutput) IntervalS if v == nil { return nil } - return &v.IntervalSec + return v.IntervalSec }).(pulumi.IntPtrOutput) } @@ -89616,888 +90431,6 @@ func (o URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayFixedDelayP }).(pulumi.StringPtrOutput) } -type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy struct { - // The full or partial URL to the BackendService resource being mirrored to. - BackendService string `pulumi:"backendService"` -} - -// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs and URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput` via: -// -// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{...} -type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput - ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput -} - -type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs struct { - // The full or partial URL to the BackendService resource being mirrored to. - BackendService pulumi.StringInput `pulumi:"backendService"` -} - -func (URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() -} - -func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) -} - -func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput).ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx) -} - -// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs, URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtr and URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput` via: -// -// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{...} -// -// or: -// -// nil -type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput - ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput -} - -type urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs - -func URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtr(v *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput { - return (*urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType)(v) -} - -func (*urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() -} - -func (i *urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Background()) -} - -func (i *urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return o.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Background()) -} - -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy { - return &v - }).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) -} - -// The full or partial URL to the BackendService resource being mirrored to. -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) BackendService() pulumi.StringOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) string { return v.BackendService }).(pulumi.StringOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy { - if v != nil { - return *v - } - var ret URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy - return ret - }).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) -} - -// The full or partial URL to the BackendService resource being mirrored to. -func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) BackendService() pulumi.StringPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) *string { - if v == nil { - return nil - } - return &v.BackendService - }).(pulumi.StringPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicy struct { - // Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. - NumRetries *int `pulumi:"numRetries"` - // Specifies a non-zero timeout per retry attempt. - // If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, - // will use the largest timeout among all backend services associated with the route. - // Structure is documented below. - PerTryTimeout *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout `pulumi:"perTryTimeout"` - // Specfies one or more conditions when this retry rule applies. Valid values are: - // * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, - // or if the backend service does not respond at all, example: disconnects, reset, read timeout, - // * connection failure, and refused streams. - // * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - // * connect-failure: Loadbalancer will retry on failures connecting to backend services, - // for example due to connection timeouts. - // * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - // Currently the only retriable error supported is 409. - // * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. - // This reset type indicates that it is safe to retry. - // * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled - // * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - // * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - // * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - RetryConditions []string `pulumi:"retryConditions"` -} - -// URLMapPathMatcherPathRuleRouteActionRetryPolicyInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs and URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyInput` via: -// -// URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{...} -type URLMapPathMatcherPathRuleRouteActionRetryPolicyInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs struct { - // Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. - NumRetries pulumi.IntPtrInput `pulumi:"numRetries"` - // Specifies a non-zero timeout per retry attempt. - // If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, - // will use the largest timeout among all backend services associated with the route. - // Structure is documented below. - PerTryTimeout URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput `pulumi:"perTryTimeout"` - // Specfies one or more conditions when this retry rule applies. Valid values are: - // * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, - // or if the backend service does not respond at all, example: disconnects, reset, read timeout, - // * connection failure, and refused streams. - // * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - // * connect-failure: Loadbalancer will retry on failures connecting to backend services, - // for example due to connection timeouts. - // * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - // Currently the only retriable error supported is 409. - // * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. - // This reset type indicates that it is safe to retry. - // * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled - // * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - // * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - // * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable - RetryConditions pulumi.StringArrayInput `pulumi:"retryConditions"` -} - -func (URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput).ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx) -} - -// URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs, URLMapPathMatcherPathRuleRouteActionRetryPolicyPtr and URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput` via: -// -// URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{...} -// -// or: -// -// nil -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput -} - -type urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs - -func URLMapPathMatcherPathRuleRouteActionRetryPolicyPtr(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput { - return (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType)(v) -} - -func (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() -} - -func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Background()) -} - -func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return o.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Background()) -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionRetryPolicy) *URLMapPathMatcherPathRuleRouteActionRetryPolicy { - return &v - }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) -} - -// Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) NumRetries() pulumi.IntPtrOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicy) *int { return v.NumRetries }).(pulumi.IntPtrOutput) -} - -// Specifies a non-zero timeout per retry attempt. -// If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, -// will use the largest timeout among all backend services associated with the route. -// Structure is documented below. -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) PerTryTimeout() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicy) *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { - return v.PerTryTimeout - }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) -} - -// Specfies one or more conditions when this retry rule applies. Valid values are: -// - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, -// or if the backend service does not respond at all, example: disconnects, reset, read timeout, -// - connection failure, and refused streams. -// - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. -// - connect-failure: Loadbalancer will retry on failures connecting to backend services, -// for example due to connection timeouts. -// - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. -// Currently the only retriable error supported is 409. -// - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. -// This reset type indicates that it is safe to retry. -// - cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled -// - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded -// - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted -// - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) RetryConditions() pulumi.StringArrayOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicy) []string { return v.RetryConditions }).(pulumi.StringArrayOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) URLMapPathMatcherPathRuleRouteActionRetryPolicy { - if v != nil { - return *v - } - var ret URLMapPathMatcherPathRuleRouteActionRetryPolicy - return ret - }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) -} - -// Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) NumRetries() pulumi.IntPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) *int { - if v == nil { - return nil - } - return v.NumRetries - }).(pulumi.IntPtrOutput) -} - -// Specifies a non-zero timeout per retry attempt. -// If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, -// will use the largest timeout among all backend services associated with the route. -// Structure is documented below. -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) PerTryTimeout() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { - if v == nil { - return nil - } - return v.PerTryTimeout - }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) -} - -// Specfies one or more conditions when this retry rule applies. Valid values are: -// - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, -// or if the backend service does not respond at all, example: disconnects, reset, read timeout, -// - connection failure, and refused streams. -// - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. -// - connect-failure: Loadbalancer will retry on failures connecting to backend services, -// for example due to connection timeouts. -// - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. -// Currently the only retriable error supported is 409. -// - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. -// This reset type indicates that it is safe to retry. -// - cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled -// - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded -// - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted -// - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) RetryConditions() pulumi.StringArrayOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) []string { - if v == nil { - return nil - } - return v.RetryConditions - }).(pulumi.StringArrayOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout struct { - // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - // represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - Nanos *int `pulumi:"nanos"` - // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - Seconds string `pulumi:"seconds"` -} - -// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs and URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput` via: -// -// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{...} -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs struct { - // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - // represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - Nanos pulumi.IntPtrInput `pulumi:"nanos"` - // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - Seconds pulumi.StringInput `pulumi:"seconds"` -} - -func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput).ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx) -} - -// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs, URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtr and URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput` via: -// -// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{...} -// -// or: -// -// nil -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput - ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput -} - -type urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs - -func URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtr(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput { - return (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType)(v) -} - -func (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() -} - -func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Background()) -} - -func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return o.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Background()) -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { - return &v - }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) -} - -// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are -// represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) Nanos() pulumi.IntPtrOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *int { return v.Nanos }).(pulumi.IntPtrOutput) -} - -// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. -// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) Seconds() pulumi.StringOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) string { return v.Seconds }).(pulumi.StringOutput) -} - -type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { - if v != nil { - return *v - } - var ret URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout - return ret - }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) -} - -// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are -// represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) Nanos() pulumi.IntPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *int { - if v == nil { - return nil - } - return v.Nanos - }).(pulumi.IntPtrOutput) -} - -// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. -// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years -func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) Seconds() pulumi.StringPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *string { - if v == nil { - return nil - } - return &v.Seconds - }).(pulumi.StringPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionTimeout struct { - // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented - // with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - Nanos *int `pulumi:"nanos"` - // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - Seconds string `pulumi:"seconds"` -} - -// URLMapPathMatcherPathRuleRouteActionTimeoutInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionTimeoutArgs and URLMapPathMatcherPathRuleRouteActionTimeoutOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionTimeoutInput` via: -// -// URLMapPathMatcherPathRuleRouteActionTimeoutArgs{...} -type URLMapPathMatcherPathRuleRouteActionTimeoutInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionTimeoutOutput() URLMapPathMatcherPathRuleRouteActionTimeoutOutput - ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutOutput -} - -type URLMapPathMatcherPathRuleRouteActionTimeoutArgs struct { - // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented - // with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. - Nanos pulumi.IntPtrInput `pulumi:"nanos"` - // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years - Seconds pulumi.StringInput `pulumi:"seconds"` -} - -func (URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() -} - -func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutput() URLMapPathMatcherPathRuleRouteActionTimeoutOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionTimeoutOutput) -} - -func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionTimeoutOutput).ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx) -} - -// URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionTimeoutArgs, URLMapPathMatcherPathRuleRouteActionTimeoutPtr and URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput` via: -// -// URLMapPathMatcherPathRuleRouteActionTimeoutArgs{...} -// -// or: -// -// nil -type URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput - ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput -} - -type urlmapPathMatcherPathRuleRouteActionTimeoutPtrType URLMapPathMatcherPathRuleRouteActionTimeoutArgs - -func URLMapPathMatcherPathRuleRouteActionTimeoutPtr(v *URLMapPathMatcherPathRuleRouteActionTimeoutArgs) URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput { - return (*urlmapPathMatcherPathRuleRouteActionTimeoutPtrType)(v) -} - -func (*urlmapPathMatcherPathRuleRouteActionTimeoutPtrType) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() -} - -func (i *urlmapPathMatcherPathRuleRouteActionTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Background()) -} - -func (i *urlmapPathMatcherPathRuleRouteActionTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionTimeoutOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutput() URLMapPathMatcherPathRuleRouteActionTimeoutOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return o.ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Background()) -} - -func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionTimeout) *URLMapPathMatcherPathRuleRouteActionTimeout { - return &v - }).(URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) -} - -// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented -// with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. -func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) Nanos() pulumi.IntPtrOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionTimeout) *int { return v.Nanos }).(pulumi.IntPtrOutput) -} - -// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. -// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years -func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) Seconds() pulumi.StringOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionTimeout) string { return v.Seconds }).(pulumi.StringOutput) -} - -type URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionTimeoutOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionTimeout) URLMapPathMatcherPathRuleRouteActionTimeout { - if v != nil { - return *v - } - var ret URLMapPathMatcherPathRuleRouteActionTimeout - return ret - }).(URLMapPathMatcherPathRuleRouteActionTimeoutOutput) -} - -// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented -// with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. -func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) Nanos() pulumi.IntPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionTimeout) *int { - if v == nil { - return nil - } - return v.Nanos - }).(pulumi.IntPtrOutput) -} - -// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. -// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years -func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) Seconds() pulumi.StringPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionTimeout) *string { - if v == nil { - return nil - } - return &v.Seconds - }).(pulumi.StringPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionUrlRewrite struct { - // Prior to forwarding the request to the selected service, the request's host header is replaced - // with contents of hostRewrite. - // The value must be between 1 and 255 characters. - HostRewrite *string `pulumi:"hostRewrite"` - // Prior to forwarding the request to the selected backend service, the matching portion of the - // request's path is replaced by pathPrefixRewrite. - // The value must be between 1 and 1024 characters. - PathPrefixRewrite *string `pulumi:"pathPrefixRewrite"` -} - -// URLMapPathMatcherPathRuleRouteActionUrlRewriteInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs and URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionUrlRewriteInput` via: -// -// URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{...} -type URLMapPathMatcherPathRuleRouteActionUrlRewriteInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutput() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput - ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput -} - -type URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs struct { - // Prior to forwarding the request to the selected service, the request's host header is replaced - // with contents of hostRewrite. - // The value must be between 1 and 255 characters. - HostRewrite pulumi.StringPtrInput `pulumi:"hostRewrite"` - // Prior to forwarding the request to the selected backend service, the matching portion of the - // request's path is replaced by pathPrefixRewrite. - // The value must be between 1 and 1024 characters. - PathPrefixRewrite pulumi.StringPtrInput `pulumi:"pathPrefixRewrite"` -} - -func (URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() -} - -func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutput() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) -} - -func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Background()) -} - -func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput).ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx) -} - -// URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs, URLMapPathMatcherPathRuleRouteActionUrlRewritePtr and URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput values. -// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput` via: -// -// URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{...} -// -// or: -// -// nil -type URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput interface { - pulumi.Input - - ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput - ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput -} - -type urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs - -func URLMapPathMatcherPathRuleRouteActionUrlRewritePtr(v *URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput { - return (*urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType)(v) -} - -func (*urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() -} - -func (i *urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return i.ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Background()) -} - -func (i *urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ElementType() reflect.Type { - return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutput() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return o.ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Background()) -} - -func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionUrlRewrite) *URLMapPathMatcherPathRuleRouteActionUrlRewrite { - return &v - }).(URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) -} - -// Prior to forwarding the request to the selected service, the request's host header is replaced -// with contents of hostRewrite. -// The value must be between 1 and 255 characters. -func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) HostRewrite() pulumi.StringPtrOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { return v.HostRewrite }).(pulumi.StringPtrOutput) -} - -// Prior to forwarding the request to the selected backend service, the matching portion of the -// request's path is replaced by pathPrefixRewrite. -// The value must be between 1 and 1024 characters. -func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) PathPrefixRewrite() pulumi.StringPtrOutput { - return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { return v.PathPrefixRewrite }).(pulumi.StringPtrOutput) -} - -type URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput struct{ *pulumi.OutputState } - -func (URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) ElementType() reflect.Type { - return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() -} - -func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { - return o -} - -func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionUrlRewrite) URLMapPathMatcherPathRuleRouteActionUrlRewrite { - if v != nil { - return *v - } - var ret URLMapPathMatcherPathRuleRouteActionUrlRewrite - return ret - }).(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) -} - -// Prior to forwarding the request to the selected service, the request's host header is replaced -// with contents of hostRewrite. -// The value must be between 1 and 255 characters. -func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) HostRewrite() pulumi.StringPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { - if v == nil { - return nil - } - return v.HostRewrite - }).(pulumi.StringPtrOutput) -} - -// Prior to forwarding the request to the selected backend service, the matching portion of the -// request's path is replaced by pathPrefixRewrite. -// The value must be between 1 and 1024 characters. -func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) PathPrefixRewrite() pulumi.StringPtrOutput { - return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { - if v == nil { - return nil - } - return v.PathPrefixRewrite - }).(pulumi.StringPtrOutput) -} - func init() { pulumi.RegisterInputType(reflect.TypeOf((*AutoscalerAutoscalingPolicyInput)(nil)).Elem(), AutoscalerAutoscalingPolicyArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AutoscalerAutoscalingPolicyPtrInput)(nil)).Elem(), AutoscalerAutoscalingPolicyArgs{}) @@ -90679,6 +90612,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageSchedulingMaxRunDurationPtrInput)(nil)).Elem(), InstanceFromMachineImageSchedulingMaxRunDurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageSchedulingNodeAffinityInput)(nil)).Elem(), InstanceFromMachineImageSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageSchedulingNodeAffinityArrayInput)(nil)).Elem(), InstanceFromMachineImageSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageSchedulingOnInstanceStopActionInput)(nil)).Elem(), InstanceFromMachineImageSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageSchedulingOnInstanceStopActionPtrInput)(nil)).Elem(), InstanceFromMachineImageSchedulingOnInstanceStopActionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageScratchDiskInput)(nil)).Elem(), InstanceFromMachineImageScratchDiskArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageScratchDiskArrayInput)(nil)).Elem(), InstanceFromMachineImageScratchDiskArray{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromMachineImageServiceAccountInput)(nil)).Elem(), InstanceFromMachineImageServiceAccountArgs{}) @@ -90721,6 +90656,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateSchedulingMaxRunDurationPtrInput)(nil)).Elem(), InstanceFromTemplateSchedulingMaxRunDurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateSchedulingNodeAffinityInput)(nil)).Elem(), InstanceFromTemplateSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateSchedulingNodeAffinityArrayInput)(nil)).Elem(), InstanceFromTemplateSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateSchedulingOnInstanceStopActionInput)(nil)).Elem(), InstanceFromTemplateSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateSchedulingOnInstanceStopActionPtrInput)(nil)).Elem(), InstanceFromTemplateSchedulingOnInstanceStopActionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateScratchDiskInput)(nil)).Elem(), InstanceFromTemplateScratchDiskArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateScratchDiskArrayInput)(nil)).Elem(), InstanceFromTemplateScratchDiskArray{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceFromTemplateServiceAccountInput)(nil)).Elem(), InstanceFromTemplateServiceAccountArgs{}) @@ -90791,6 +90728,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*InstanceSchedulingMaxRunDurationPtrInput)(nil)).Elem(), InstanceSchedulingMaxRunDurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceSchedulingNodeAffinityInput)(nil)).Elem(), InstanceSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceSchedulingNodeAffinityArrayInput)(nil)).Elem(), InstanceSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceSchedulingOnInstanceStopActionInput)(nil)).Elem(), InstanceSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceSchedulingOnInstanceStopActionPtrInput)(nil)).Elem(), InstanceSchedulingOnInstanceStopActionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceScratchDiskInput)(nil)).Elem(), InstanceScratchDiskArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceScratchDiskArrayInput)(nil)).Elem(), InstanceScratchDiskArray{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceServiceAccountInput)(nil)).Elem(), InstanceServiceAccountArgs{}) @@ -90835,6 +90774,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateSchedulingMaxRunDurationPtrInput)(nil)).Elem(), InstanceTemplateSchedulingMaxRunDurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateSchedulingNodeAffinityInput)(nil)).Elem(), InstanceTemplateSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateSchedulingNodeAffinityArrayInput)(nil)).Elem(), InstanceTemplateSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateSchedulingOnInstanceStopActionInput)(nil)).Elem(), InstanceTemplateSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateSchedulingOnInstanceStopActionPtrInput)(nil)).Elem(), InstanceTemplateSchedulingOnInstanceStopActionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateServiceAccountInput)(nil)).Elem(), InstanceTemplateServiceAccountArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateServiceAccountPtrInput)(nil)).Elem(), InstanceTemplateServiceAccountArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*InstanceTemplateShieldedInstanceConfigInput)(nil)).Elem(), InstanceTemplateShieldedInstanceConfigArgs{}) @@ -91067,6 +91008,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateSchedulingMaxRunDurationPtrInput)(nil)).Elem(), RegionInstanceTemplateSchedulingMaxRunDurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateSchedulingNodeAffinityInput)(nil)).Elem(), RegionInstanceTemplateSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateSchedulingNodeAffinityArrayInput)(nil)).Elem(), RegionInstanceTemplateSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateSchedulingOnInstanceStopActionInput)(nil)).Elem(), RegionInstanceTemplateSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateSchedulingOnInstanceStopActionPtrInput)(nil)).Elem(), RegionInstanceTemplateSchedulingOnInstanceStopActionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateServiceAccountInput)(nil)).Elem(), RegionInstanceTemplateServiceAccountArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateServiceAccountPtrInput)(nil)).Elem(), RegionInstanceTemplateServiceAccountArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*RegionInstanceTemplateShieldedInstanceConfigInput)(nil)).Elem(), RegionInstanceTemplateShieldedInstanceConfigArgs{}) @@ -91489,16 +91432,6 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayFixedDelayInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayFixedDelayArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayFixedDelayPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayFixedDelayArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeoutInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionTimeoutArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionTimeoutArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewriteInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{}) pulumi.RegisterOutputType(AutoscalerAutoscalingPolicyOutput{}) pulumi.RegisterOutputType(AutoscalerAutoscalingPolicyPtrOutput{}) pulumi.RegisterOutputType(AutoscalerAutoscalingPolicyCpuUtilizationOutput{}) @@ -91679,6 +91612,8 @@ func init() { pulumi.RegisterOutputType(InstanceFromMachineImageSchedulingMaxRunDurationPtrOutput{}) pulumi.RegisterOutputType(InstanceFromMachineImageSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(InstanceFromMachineImageSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(InstanceFromMachineImageSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(InstanceFromMachineImageSchedulingOnInstanceStopActionPtrOutput{}) pulumi.RegisterOutputType(InstanceFromMachineImageScratchDiskOutput{}) pulumi.RegisterOutputType(InstanceFromMachineImageScratchDiskArrayOutput{}) pulumi.RegisterOutputType(InstanceFromMachineImageServiceAccountOutput{}) @@ -91721,6 +91656,8 @@ func init() { pulumi.RegisterOutputType(InstanceFromTemplateSchedulingMaxRunDurationPtrOutput{}) pulumi.RegisterOutputType(InstanceFromTemplateSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(InstanceFromTemplateSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(InstanceFromTemplateSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(InstanceFromTemplateSchedulingOnInstanceStopActionPtrOutput{}) pulumi.RegisterOutputType(InstanceFromTemplateScratchDiskOutput{}) pulumi.RegisterOutputType(InstanceFromTemplateScratchDiskArrayOutput{}) pulumi.RegisterOutputType(InstanceFromTemplateServiceAccountOutput{}) @@ -91791,6 +91728,8 @@ func init() { pulumi.RegisterOutputType(InstanceSchedulingMaxRunDurationPtrOutput{}) pulumi.RegisterOutputType(InstanceSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(InstanceSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(InstanceSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(InstanceSchedulingOnInstanceStopActionPtrOutput{}) pulumi.RegisterOutputType(InstanceScratchDiskOutput{}) pulumi.RegisterOutputType(InstanceScratchDiskArrayOutput{}) pulumi.RegisterOutputType(InstanceServiceAccountOutput{}) @@ -91835,6 +91774,8 @@ func init() { pulumi.RegisterOutputType(InstanceTemplateSchedulingMaxRunDurationPtrOutput{}) pulumi.RegisterOutputType(InstanceTemplateSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(InstanceTemplateSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(InstanceTemplateSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(InstanceTemplateSchedulingOnInstanceStopActionPtrOutput{}) pulumi.RegisterOutputType(InstanceTemplateServiceAccountOutput{}) pulumi.RegisterOutputType(InstanceTemplateServiceAccountPtrOutput{}) pulumi.RegisterOutputType(InstanceTemplateShieldedInstanceConfigOutput{}) @@ -92067,6 +92008,8 @@ func init() { pulumi.RegisterOutputType(RegionInstanceTemplateSchedulingMaxRunDurationPtrOutput{}) pulumi.RegisterOutputType(RegionInstanceTemplateSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(RegionInstanceTemplateSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(RegionInstanceTemplateSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(RegionInstanceTemplateSchedulingOnInstanceStopActionPtrOutput{}) pulumi.RegisterOutputType(RegionInstanceTemplateServiceAccountOutput{}) pulumi.RegisterOutputType(RegionInstanceTemplateServiceAccountPtrOutput{}) pulumi.RegisterOutputType(RegionInstanceTemplateShieldedInstanceConfigOutput{}) @@ -92489,14 +92432,4 @@ func init() { pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayPtrOutput{}) pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayFixedDelayOutput{}) pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionFaultInjectionPolicyDelayFixedDelayPtrOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionTimeoutOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput{}) - pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput{}) } diff --git a/sdk/go/gcp/compute/pulumiTypes1.go b/sdk/go/gcp/compute/pulumiTypes1.go index 5ef8434cdf..b9e71b01cb 100644 --- a/sdk/go/gcp/compute/pulumiTypes1.go +++ b/sdk/go/gcp/compute/pulumiTypes1.go @@ -13,6 +13,888 @@ import ( var _ = internal.GetEnvOrDefault +type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy struct { + // The full or partial URL to the BackendService resource being mirrored to. + BackendService string `pulumi:"backendService"` +} + +// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs and URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput` via: +// +// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{...} +type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput + ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput +} + +type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs struct { + // The full or partial URL to the BackendService resource being mirrored to. + BackendService pulumi.StringInput `pulumi:"backendService"` +} + +func (URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() +} + +func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) +} + +func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput).ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx) +} + +// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs, URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtr and URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput` via: +// +// URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{...} +// +// or: +// +// nil +type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput + ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput +} + +type urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs + +func URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtr(v *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput { + return (*urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType)(v) +} + +func (*urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() +} + +func (i *urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Background()) +} + +func (i *urlmapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return o.ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(context.Background()) +} + +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy { + return &v + }).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) +} + +// The full or partial URL to the BackendService resource being mirrored to. +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) BackendService() pulumi.StringOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) string { return v.BackendService }).(pulumi.StringOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy { + if v != nil { + return *v + } + var ret URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy + return ret + }).(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput) +} + +// The full or partial URL to the BackendService resource being mirrored to. +func (o URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput) BackendService() pulumi.StringPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicy) *string { + if v == nil { + return nil + } + return &v.BackendService + }).(pulumi.StringPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicy struct { + // Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + NumRetries *int `pulumi:"numRetries"` + // Specifies a non-zero timeout per retry attempt. + // If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, + // will use the largest timeout among all backend services associated with the route. + // Structure is documented below. + PerTryTimeout *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout `pulumi:"perTryTimeout"` + // Specfies one or more conditions when this retry rule applies. Valid values are: + // * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, + // or if the backend service does not respond at all, example: disconnects, reset, read timeout, + // * connection failure, and refused streams. + // * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. + // * connect-failure: Loadbalancer will retry on failures connecting to backend services, + // for example due to connection timeouts. + // * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + // Currently the only retriable error supported is 409. + // * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. + // This reset type indicates that it is safe to retry. + // * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled + // * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded + // * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted + // * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable + RetryConditions []string `pulumi:"retryConditions"` +} + +// URLMapPathMatcherPathRuleRouteActionRetryPolicyInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs and URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyInput` via: +// +// URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{...} +type URLMapPathMatcherPathRuleRouteActionRetryPolicyInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs struct { + // Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + NumRetries pulumi.IntPtrInput `pulumi:"numRetries"` + // Specifies a non-zero timeout per retry attempt. + // If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, + // will use the largest timeout among all backend services associated with the route. + // Structure is documented below. + PerTryTimeout URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput `pulumi:"perTryTimeout"` + // Specfies one or more conditions when this retry rule applies. Valid values are: + // * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, + // or if the backend service does not respond at all, example: disconnects, reset, read timeout, + // * connection failure, and refused streams. + // * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. + // * connect-failure: Loadbalancer will retry on failures connecting to backend services, + // for example due to connection timeouts. + // * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. + // Currently the only retriable error supported is 409. + // * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. + // This reset type indicates that it is safe to retry. + // * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled + // * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded + // * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted + // * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable + RetryConditions pulumi.StringArrayInput `pulumi:"retryConditions"` +} + +func (URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput).ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx) +} + +// URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs, URLMapPathMatcherPathRuleRouteActionRetryPolicyPtr and URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput` via: +// +// URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{...} +// +// or: +// +// nil +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput +} + +type urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs + +func URLMapPathMatcherPathRuleRouteActionRetryPolicyPtr(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput { + return (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType)(v) +} + +func (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() +} + +func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Background()) +} + +func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return o.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(context.Background()) +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionRetryPolicy) *URLMapPathMatcherPathRuleRouteActionRetryPolicy { + return &v + }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) +} + +// Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) NumRetries() pulumi.IntPtrOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicy) *int { return v.NumRetries }).(pulumi.IntPtrOutput) +} + +// Specifies a non-zero timeout per retry attempt. +// If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, +// will use the largest timeout among all backend services associated with the route. +// Structure is documented below. +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) PerTryTimeout() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicy) *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { + return v.PerTryTimeout + }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) +} + +// Specfies one or more conditions when this retry rule applies. Valid values are: +// - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, +// or if the backend service does not respond at all, example: disconnects, reset, read timeout, +// - connection failure, and refused streams. +// - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. +// - connect-failure: Loadbalancer will retry on failures connecting to backend services, +// for example due to connection timeouts. +// - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. +// Currently the only retriable error supported is 409. +// - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. +// This reset type indicates that it is safe to retry. +// - cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled +// - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded +// - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted +// - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) RetryConditions() pulumi.StringArrayOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicy) []string { return v.RetryConditions }).(pulumi.StringArrayOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicy)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) URLMapPathMatcherPathRuleRouteActionRetryPolicy { + if v != nil { + return *v + } + var ret URLMapPathMatcherPathRuleRouteActionRetryPolicy + return ret + }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput) +} + +// Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) NumRetries() pulumi.IntPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) *int { + if v == nil { + return nil + } + return v.NumRetries + }).(pulumi.IntPtrOutput) +} + +// Specifies a non-zero timeout per retry attempt. +// If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, +// will use the largest timeout among all backend services associated with the route. +// Structure is documented below. +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) PerTryTimeout() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { + if v == nil { + return nil + } + return v.PerTryTimeout + }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) +} + +// Specfies one or more conditions when this retry rule applies. Valid values are: +// - 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, +// or if the backend service does not respond at all, example: disconnects, reset, read timeout, +// - connection failure, and refused streams. +// - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. +// - connect-failure: Loadbalancer will retry on failures connecting to backend services, +// for example due to connection timeouts. +// - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. +// Currently the only retriable error supported is 409. +// - refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. +// This reset type indicates that it is safe to retry. +// - cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled +// - deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded +// - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted +// - unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput) RetryConditions() pulumi.StringArrayOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicy) []string { + if v == nil { + return nil + } + return v.RetryConditions + }).(pulumi.StringArrayOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout struct { + // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + // represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + Nanos *int `pulumi:"nanos"` + // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + Seconds string `pulumi:"seconds"` +} + +// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs and URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput` via: +// +// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{...} +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs struct { + // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are + // represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + Nanos pulumi.IntPtrInput `pulumi:"nanos"` + // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + Seconds pulumi.StringInput `pulumi:"seconds"` +} + +func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput).ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx) +} + +// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs, URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtr and URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput` via: +// +// URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{...} +// +// or: +// +// nil +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput + ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput +} + +type urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs + +func URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtr(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput { + return (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType)(v) +} + +func (*urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() +} + +func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Background()) +} + +func (i *urlmapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return o.ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(context.Background()) +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { + return &v + }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) +} + +// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are +// represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) Nanos() pulumi.IntPtrOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *int { return v.Nanos }).(pulumi.IntPtrOutput) +} + +// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. +// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) Seconds() pulumi.StringOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) string { return v.Seconds }).(pulumi.StringOutput) +} + +type URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout { + if v != nil { + return *v + } + var ret URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout + return ret + }).(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput) +} + +// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are +// represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) Nanos() pulumi.IntPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *int { + if v == nil { + return nil + } + return v.Nanos + }).(pulumi.IntPtrOutput) +} + +// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. +// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years +func (o URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput) Seconds() pulumi.StringPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeout) *string { + if v == nil { + return nil + } + return &v.Seconds + }).(pulumi.StringPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionTimeout struct { + // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented + // with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + Nanos *int `pulumi:"nanos"` + // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + Seconds string `pulumi:"seconds"` +} + +// URLMapPathMatcherPathRuleRouteActionTimeoutInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionTimeoutArgs and URLMapPathMatcherPathRuleRouteActionTimeoutOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionTimeoutInput` via: +// +// URLMapPathMatcherPathRuleRouteActionTimeoutArgs{...} +type URLMapPathMatcherPathRuleRouteActionTimeoutInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionTimeoutOutput() URLMapPathMatcherPathRuleRouteActionTimeoutOutput + ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutOutput +} + +type URLMapPathMatcherPathRuleRouteActionTimeoutArgs struct { + // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented + // with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + Nanos pulumi.IntPtrInput `pulumi:"nanos"` + // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. + // Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + Seconds pulumi.StringInput `pulumi:"seconds"` +} + +func (URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() +} + +func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutput() URLMapPathMatcherPathRuleRouteActionTimeoutOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionTimeoutOutput) +} + +func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionTimeoutArgs) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionTimeoutOutput).ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx) +} + +// URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionTimeoutArgs, URLMapPathMatcherPathRuleRouteActionTimeoutPtr and URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput` via: +// +// URLMapPathMatcherPathRuleRouteActionTimeoutArgs{...} +// +// or: +// +// nil +type URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput + ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput +} + +type urlmapPathMatcherPathRuleRouteActionTimeoutPtrType URLMapPathMatcherPathRuleRouteActionTimeoutArgs + +func URLMapPathMatcherPathRuleRouteActionTimeoutPtr(v *URLMapPathMatcherPathRuleRouteActionTimeoutArgs) URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput { + return (*urlmapPathMatcherPathRuleRouteActionTimeoutPtrType)(v) +} + +func (*urlmapPathMatcherPathRuleRouteActionTimeoutPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() +} + +func (i *urlmapPathMatcherPathRuleRouteActionTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Background()) +} + +func (i *urlmapPathMatcherPathRuleRouteActionTimeoutPtrType) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionTimeoutOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutput() URLMapPathMatcherPathRuleRouteActionTimeoutOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return o.ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(context.Background()) +} + +func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionTimeout) *URLMapPathMatcherPathRuleRouteActionTimeout { + return &v + }).(URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) +} + +// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented +// with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) Nanos() pulumi.IntPtrOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionTimeout) *int { return v.Nanos }).(pulumi.IntPtrOutput) +} + +// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. +// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years +func (o URLMapPathMatcherPathRuleRouteActionTimeoutOutput) Seconds() pulumi.StringOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionTimeout) string { return v.Seconds }).(pulumi.StringOutput) +} + +type URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionTimeout)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput() URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) ToURLMapPathMatcherPathRuleRouteActionTimeoutPtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionTimeoutOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionTimeout) URLMapPathMatcherPathRuleRouteActionTimeout { + if v != nil { + return *v + } + var ret URLMapPathMatcherPathRuleRouteActionTimeout + return ret + }).(URLMapPathMatcherPathRuleRouteActionTimeoutOutput) +} + +// Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented +// with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. +func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) Nanos() pulumi.IntPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionTimeout) *int { + if v == nil { + return nil + } + return v.Nanos + }).(pulumi.IntPtrOutput) +} + +// Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. +// Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years +func (o URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput) Seconds() pulumi.StringPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionTimeout) *string { + if v == nil { + return nil + } + return &v.Seconds + }).(pulumi.StringPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionUrlRewrite struct { + // Prior to forwarding the request to the selected service, the request's host header is replaced + // with contents of hostRewrite. + // The value must be between 1 and 255 characters. + HostRewrite *string `pulumi:"hostRewrite"` + // Prior to forwarding the request to the selected backend service, the matching portion of the + // request's path is replaced by pathPrefixRewrite. + // The value must be between 1 and 1024 characters. + PathPrefixRewrite *string `pulumi:"pathPrefixRewrite"` +} + +// URLMapPathMatcherPathRuleRouteActionUrlRewriteInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs and URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionUrlRewriteInput` via: +// +// URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{...} +type URLMapPathMatcherPathRuleRouteActionUrlRewriteInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutput() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput + ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput +} + +type URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs struct { + // Prior to forwarding the request to the selected service, the request's host header is replaced + // with contents of hostRewrite. + // The value must be between 1 and 255 characters. + HostRewrite pulumi.StringPtrInput `pulumi:"hostRewrite"` + // Prior to forwarding the request to the selected backend service, the matching portion of the + // request's path is replaced by pathPrefixRewrite. + // The value must be between 1 and 1024 characters. + PathPrefixRewrite pulumi.StringPtrInput `pulumi:"pathPrefixRewrite"` +} + +func (URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() +} + +func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutput() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) +} + +func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Background()) +} + +func (i URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput).ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx) +} + +// URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput is an input type that accepts URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs, URLMapPathMatcherPathRuleRouteActionUrlRewritePtr and URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput values. +// You can construct a concrete instance of `URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput` via: +// +// URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{...} +// +// or: +// +// nil +type URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput interface { + pulumi.Input + + ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput + ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput +} + +type urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs + +func URLMapPathMatcherPathRuleRouteActionUrlRewritePtr(v *URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput { + return (*urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType)(v) +} + +func (*urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() +} + +func (i *urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return i.ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Background()) +} + +func (i *urlmapPathMatcherPathRuleRouteActionUrlRewritePtrType) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ElementType() reflect.Type { + return reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutput() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewriteOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return o.ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(context.Background()) +} + +func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v URLMapPathMatcherPathRuleRouteActionUrlRewrite) *URLMapPathMatcherPathRuleRouteActionUrlRewrite { + return &v + }).(URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) +} + +// Prior to forwarding the request to the selected service, the request's host header is replaced +// with contents of hostRewrite. +// The value must be between 1 and 255 characters. +func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) HostRewrite() pulumi.StringPtrOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { return v.HostRewrite }).(pulumi.StringPtrOutput) +} + +// Prior to forwarding the request to the selected backend service, the matching portion of the +// request's path is replaced by pathPrefixRewrite. +// The value must be between 1 and 1024 characters. +func (o URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) PathPrefixRewrite() pulumi.StringPtrOutput { + return o.ApplyT(func(v URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { return v.PathPrefixRewrite }).(pulumi.StringPtrOutput) +} + +type URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput struct{ *pulumi.OutputState } + +func (URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**URLMapPathMatcherPathRuleRouteActionUrlRewrite)(nil)).Elem() +} + +func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput() URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) ToURLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutputWithContext(ctx context.Context) URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput { + return o +} + +func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) Elem() URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionUrlRewrite) URLMapPathMatcherPathRuleRouteActionUrlRewrite { + if v != nil { + return *v + } + var ret URLMapPathMatcherPathRuleRouteActionUrlRewrite + return ret + }).(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput) +} + +// Prior to forwarding the request to the selected service, the request's host header is replaced +// with contents of hostRewrite. +// The value must be between 1 and 255 characters. +func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) HostRewrite() pulumi.StringPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { + if v == nil { + return nil + } + return v.HostRewrite + }).(pulumi.StringPtrOutput) +} + +// Prior to forwarding the request to the selected backend service, the matching portion of the +// request's path is replaced by pathPrefixRewrite. +// The value must be between 1 and 1024 characters. +func (o URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput) PathPrefixRewrite() pulumi.StringPtrOutput { + return o.ApplyT(func(v *URLMapPathMatcherPathRuleRouteActionUrlRewrite) *string { + if v == nil { + return nil + } + return v.PathPrefixRewrite + }).(pulumi.StringPtrOutput) +} + type URLMapPathMatcherPathRuleRouteActionWeightedBackendService struct { // The full or partial URL to the default BackendService resource. Before forwarding the // request to backendService, the loadbalancer applies any relevant headerActions @@ -16924,6 +17806,8 @@ type GetInstanceScheduling struct { // instance. One of `MIGRATE` or `TERMINATE`, for more info, read // [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options) OnHostMaintenance string `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopActions []GetInstanceSchedulingOnInstanceStopAction `pulumi:"onInstanceStopActions"` // Whether the instance is preemptible. Preemptible bool `pulumi:"preemptible"` // Describe the type of preemptible VM. @@ -16963,6 +17847,8 @@ type GetInstanceSchedulingArgs struct { // instance. One of `MIGRATE` or `TERMINATE`, for more info, read // [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options) OnHostMaintenance pulumi.StringInput `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopActions GetInstanceSchedulingOnInstanceStopActionArrayInput `pulumi:"onInstanceStopActions"` // Whether the instance is preemptible. Preemptible pulumi.BoolInput `pulumi:"preemptible"` // Describe the type of preemptible VM. @@ -17068,6 +17954,13 @@ func (o GetInstanceSchedulingOutput) OnHostMaintenance() pulumi.StringOutput { return o.ApplyT(func(v GetInstanceScheduling) string { return v.OnHostMaintenance }).(pulumi.StringOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o GetInstanceSchedulingOutput) OnInstanceStopActions() GetInstanceSchedulingOnInstanceStopActionArrayOutput { + return o.ApplyT(func(v GetInstanceScheduling) []GetInstanceSchedulingOnInstanceStopAction { + return v.OnInstanceStopActions + }).(GetInstanceSchedulingOnInstanceStopActionArrayOutput) +} + // Whether the instance is preemptible. func (o GetInstanceSchedulingOutput) Preemptible() pulumi.BoolOutput { return o.ApplyT(func(v GetInstanceScheduling) bool { return v.Preemptible }).(pulumi.BoolOutput) @@ -17440,6 +18333,103 @@ func (o GetInstanceSchedulingNodeAffinityArrayOutput) Index(i pulumi.IntInput) G }).(GetInstanceSchedulingNodeAffinityOutput) } +type GetInstanceSchedulingOnInstanceStopAction struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd bool `pulumi:"discardLocalSsd"` +} + +// GetInstanceSchedulingOnInstanceStopActionInput is an input type that accepts GetInstanceSchedulingOnInstanceStopActionArgs and GetInstanceSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `GetInstanceSchedulingOnInstanceStopActionInput` via: +// +// GetInstanceSchedulingOnInstanceStopActionArgs{...} +type GetInstanceSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToGetInstanceSchedulingOnInstanceStopActionOutput() GetInstanceSchedulingOnInstanceStopActionOutput + ToGetInstanceSchedulingOnInstanceStopActionOutputWithContext(context.Context) GetInstanceSchedulingOnInstanceStopActionOutput +} + +type GetInstanceSchedulingOnInstanceStopActionArgs struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd pulumi.BoolInput `pulumi:"discardLocalSsd"` +} + +func (GetInstanceSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetInstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i GetInstanceSchedulingOnInstanceStopActionArgs) ToGetInstanceSchedulingOnInstanceStopActionOutput() GetInstanceSchedulingOnInstanceStopActionOutput { + return i.ToGetInstanceSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i GetInstanceSchedulingOnInstanceStopActionArgs) ToGetInstanceSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) GetInstanceSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetInstanceSchedulingOnInstanceStopActionOutput) +} + +// GetInstanceSchedulingOnInstanceStopActionArrayInput is an input type that accepts GetInstanceSchedulingOnInstanceStopActionArray and GetInstanceSchedulingOnInstanceStopActionArrayOutput values. +// You can construct a concrete instance of `GetInstanceSchedulingOnInstanceStopActionArrayInput` via: +// +// GetInstanceSchedulingOnInstanceStopActionArray{ GetInstanceSchedulingOnInstanceStopActionArgs{...} } +type GetInstanceSchedulingOnInstanceStopActionArrayInput interface { + pulumi.Input + + ToGetInstanceSchedulingOnInstanceStopActionArrayOutput() GetInstanceSchedulingOnInstanceStopActionArrayOutput + ToGetInstanceSchedulingOnInstanceStopActionArrayOutputWithContext(context.Context) GetInstanceSchedulingOnInstanceStopActionArrayOutput +} + +type GetInstanceSchedulingOnInstanceStopActionArray []GetInstanceSchedulingOnInstanceStopActionInput + +func (GetInstanceSchedulingOnInstanceStopActionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetInstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i GetInstanceSchedulingOnInstanceStopActionArray) ToGetInstanceSchedulingOnInstanceStopActionArrayOutput() GetInstanceSchedulingOnInstanceStopActionArrayOutput { + return i.ToGetInstanceSchedulingOnInstanceStopActionArrayOutputWithContext(context.Background()) +} + +func (i GetInstanceSchedulingOnInstanceStopActionArray) ToGetInstanceSchedulingOnInstanceStopActionArrayOutputWithContext(ctx context.Context) GetInstanceSchedulingOnInstanceStopActionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetInstanceSchedulingOnInstanceStopActionArrayOutput) +} + +type GetInstanceSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (GetInstanceSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetInstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o GetInstanceSchedulingOnInstanceStopActionOutput) ToGetInstanceSchedulingOnInstanceStopActionOutput() GetInstanceSchedulingOnInstanceStopActionOutput { + return o +} + +func (o GetInstanceSchedulingOnInstanceStopActionOutput) ToGetInstanceSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) GetInstanceSchedulingOnInstanceStopActionOutput { + return o +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o GetInstanceSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolOutput { + return o.ApplyT(func(v GetInstanceSchedulingOnInstanceStopAction) bool { return v.DiscardLocalSsd }).(pulumi.BoolOutput) +} + +type GetInstanceSchedulingOnInstanceStopActionArrayOutput struct{ *pulumi.OutputState } + +func (GetInstanceSchedulingOnInstanceStopActionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetInstanceSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o GetInstanceSchedulingOnInstanceStopActionArrayOutput) ToGetInstanceSchedulingOnInstanceStopActionArrayOutput() GetInstanceSchedulingOnInstanceStopActionArrayOutput { + return o +} + +func (o GetInstanceSchedulingOnInstanceStopActionArrayOutput) ToGetInstanceSchedulingOnInstanceStopActionArrayOutputWithContext(ctx context.Context) GetInstanceSchedulingOnInstanceStopActionArrayOutput { + return o +} + +func (o GetInstanceSchedulingOnInstanceStopActionArrayOutput) Index(i pulumi.IntInput) GetInstanceSchedulingOnInstanceStopActionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetInstanceSchedulingOnInstanceStopAction { + return vs[0].([]GetInstanceSchedulingOnInstanceStopAction)[vs[1].(int)] + }).(GetInstanceSchedulingOnInstanceStopActionOutput) +} + type GetInstanceScratchDisk struct { // Name with which the attached disk is accessible // under `/dev/disk/by-id/` @@ -19794,6 +20784,8 @@ type GetInstanceTemplateScheduling struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance string `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopActions []GetInstanceTemplateSchedulingOnInstanceStopAction `pulumi:"onInstanceStopActions"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -19840,6 +20832,8 @@ type GetInstanceTemplateSchedulingArgs struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance pulumi.StringInput `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopActions GetInstanceTemplateSchedulingOnInstanceStopActionArrayInput `pulumi:"onInstanceStopActions"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -19956,6 +20950,13 @@ func (o GetInstanceTemplateSchedulingOutput) OnHostMaintenance() pulumi.StringOu return o.ApplyT(func(v GetInstanceTemplateScheduling) string { return v.OnHostMaintenance }).(pulumi.StringOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o GetInstanceTemplateSchedulingOutput) OnInstanceStopActions() GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return o.ApplyT(func(v GetInstanceTemplateScheduling) []GetInstanceTemplateSchedulingOnInstanceStopAction { + return v.OnInstanceStopActions + }).(GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) +} + // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -20339,6 +21340,103 @@ func (o GetInstanceTemplateSchedulingNodeAffinityArrayOutput) Index(i pulumi.Int }).(GetInstanceTemplateSchedulingNodeAffinityOutput) } +type GetInstanceTemplateSchedulingOnInstanceStopAction struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd bool `pulumi:"discardLocalSsd"` +} + +// GetInstanceTemplateSchedulingOnInstanceStopActionInput is an input type that accepts GetInstanceTemplateSchedulingOnInstanceStopActionArgs and GetInstanceTemplateSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `GetInstanceTemplateSchedulingOnInstanceStopActionInput` via: +// +// GetInstanceTemplateSchedulingOnInstanceStopActionArgs{...} +type GetInstanceTemplateSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToGetInstanceTemplateSchedulingOnInstanceStopActionOutput() GetInstanceTemplateSchedulingOnInstanceStopActionOutput + ToGetInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Context) GetInstanceTemplateSchedulingOnInstanceStopActionOutput +} + +type GetInstanceTemplateSchedulingOnInstanceStopActionArgs struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd pulumi.BoolInput `pulumi:"discardLocalSsd"` +} + +func (GetInstanceTemplateSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i GetInstanceTemplateSchedulingOnInstanceStopActionArgs) ToGetInstanceTemplateSchedulingOnInstanceStopActionOutput() GetInstanceTemplateSchedulingOnInstanceStopActionOutput { + return i.ToGetInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i GetInstanceTemplateSchedulingOnInstanceStopActionArgs) ToGetInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) GetInstanceTemplateSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetInstanceTemplateSchedulingOnInstanceStopActionOutput) +} + +// GetInstanceTemplateSchedulingOnInstanceStopActionArrayInput is an input type that accepts GetInstanceTemplateSchedulingOnInstanceStopActionArray and GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput values. +// You can construct a concrete instance of `GetInstanceTemplateSchedulingOnInstanceStopActionArrayInput` via: +// +// GetInstanceTemplateSchedulingOnInstanceStopActionArray{ GetInstanceTemplateSchedulingOnInstanceStopActionArgs{...} } +type GetInstanceTemplateSchedulingOnInstanceStopActionArrayInput interface { + pulumi.Input + + ToGetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput() GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput + ToGetInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(context.Context) GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput +} + +type GetInstanceTemplateSchedulingOnInstanceStopActionArray []GetInstanceTemplateSchedulingOnInstanceStopActionInput + +func (GetInstanceTemplateSchedulingOnInstanceStopActionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i GetInstanceTemplateSchedulingOnInstanceStopActionArray) ToGetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput() GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return i.ToGetInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(context.Background()) +} + +func (i GetInstanceTemplateSchedulingOnInstanceStopActionArray) ToGetInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(ctx context.Context) GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) +} + +type GetInstanceTemplateSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (GetInstanceTemplateSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o GetInstanceTemplateSchedulingOnInstanceStopActionOutput) ToGetInstanceTemplateSchedulingOnInstanceStopActionOutput() GetInstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o GetInstanceTemplateSchedulingOnInstanceStopActionOutput) ToGetInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) GetInstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o GetInstanceTemplateSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolOutput { + return o.ApplyT(func(v GetInstanceTemplateSchedulingOnInstanceStopAction) bool { return v.DiscardLocalSsd }).(pulumi.BoolOutput) +} + +type GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput struct{ *pulumi.OutputState } + +func (GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) ToGetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput() GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return o +} + +func (o GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) ToGetInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(ctx context.Context) GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return o +} + +func (o GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) Index(i pulumi.IntInput) GetInstanceTemplateSchedulingOnInstanceStopActionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetInstanceTemplateSchedulingOnInstanceStopAction { + return vs[0].([]GetInstanceTemplateSchedulingOnInstanceStopAction)[vs[1].(int)] + }).(GetInstanceTemplateSchedulingOnInstanceStopActionOutput) +} + type GetInstanceTemplateServiceAccount struct { // The service account e-mail address. If not given, the // default Google Compute Engine service account is used. @@ -23723,6 +24821,8 @@ type GetRegionInstanceTemplateScheduling struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance string `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopActions []GetRegionInstanceTemplateSchedulingOnInstanceStopAction `pulumi:"onInstanceStopActions"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -23769,6 +24869,8 @@ type GetRegionInstanceTemplateSchedulingArgs struct { // Defines the maintenance behavior for this // instance. OnHostMaintenance pulumi.StringInput `pulumi:"onHostMaintenance"` + // Defines the behaviour for instances with the instance_termination_action. + OnInstanceStopActions GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayInput `pulumi:"onInstanceStopActions"` // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -23885,6 +24987,13 @@ func (o GetRegionInstanceTemplateSchedulingOutput) OnHostMaintenance() pulumi.St return o.ApplyT(func(v GetRegionInstanceTemplateScheduling) string { return v.OnHostMaintenance }).(pulumi.StringOutput) } +// Defines the behaviour for instances with the instance_termination_action. +func (o GetRegionInstanceTemplateSchedulingOutput) OnInstanceStopActions() GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return o.ApplyT(func(v GetRegionInstanceTemplateScheduling) []GetRegionInstanceTemplateSchedulingOnInstanceStopAction { + return v.OnInstanceStopActions + }).(GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) +} + // Allows instance to be preempted. This defaults to // false. Read more on this // [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -24268,6 +25377,103 @@ func (o GetRegionInstanceTemplateSchedulingNodeAffinityArrayOutput) Index(i pulu }).(GetRegionInstanceTemplateSchedulingNodeAffinityOutput) } +type GetRegionInstanceTemplateSchedulingOnInstanceStopAction struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd bool `pulumi:"discardLocalSsd"` +} + +// GetRegionInstanceTemplateSchedulingOnInstanceStopActionInput is an input type that accepts GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs and GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput values. +// You can construct a concrete instance of `GetRegionInstanceTemplateSchedulingOnInstanceStopActionInput` via: +// +// GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs{...} +type GetRegionInstanceTemplateSchedulingOnInstanceStopActionInput interface { + pulumi.Input + + ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput() GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput + ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Context) GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput +} + +type GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs struct { + // If true, the contents of any attached Local SSD disks will be discarded. + DiscardLocalSsd pulumi.BoolInput `pulumi:"discardLocalSsd"` +} + +func (GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput() GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return i.ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(context.Background()) +} + +func (i GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput) +} + +// GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayInput is an input type that accepts GetRegionInstanceTemplateSchedulingOnInstanceStopActionArray and GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput values. +// You can construct a concrete instance of `GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayInput` via: +// +// GetRegionInstanceTemplateSchedulingOnInstanceStopActionArray{ GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs{...} } +type GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayInput interface { + pulumi.Input + + ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput() GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput + ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(context.Context) GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput +} + +type GetRegionInstanceTemplateSchedulingOnInstanceStopActionArray []GetRegionInstanceTemplateSchedulingOnInstanceStopActionInput + +func (GetRegionInstanceTemplateSchedulingOnInstanceStopActionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetRegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (i GetRegionInstanceTemplateSchedulingOnInstanceStopActionArray) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput() GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return i.ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(context.Background()) +} + +func (i GetRegionInstanceTemplateSchedulingOnInstanceStopActionArray) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(ctx context.Context) GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) +} + +type GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput struct{ *pulumi.OutputState } + +func (GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetRegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput() GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +func (o GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionOutputWithContext(ctx context.Context) GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return o +} + +// If true, the contents of any attached Local SSD disks will be discarded. +func (o GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput) DiscardLocalSsd() pulumi.BoolOutput { + return o.ApplyT(func(v GetRegionInstanceTemplateSchedulingOnInstanceStopAction) bool { return v.DiscardLocalSsd }).(pulumi.BoolOutput) +} + +type GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput struct{ *pulumi.OutputState } + +func (GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetRegionInstanceTemplateSchedulingOnInstanceStopAction)(nil)).Elem() +} + +func (o GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput() GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return o +} + +func (o GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) ToGetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutputWithContext(ctx context.Context) GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput { + return o +} + +func (o GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput) Index(i pulumi.IntInput) GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetRegionInstanceTemplateSchedulingOnInstanceStopAction { + return vs[0].([]GetRegionInstanceTemplateSchedulingOnInstanceStopAction)[vs[1].(int)] + }).(GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput) +} + type GetRegionInstanceTemplateServiceAccount struct { // The service account e-mail address. If not given, the // default Google Compute Engine service account is used. @@ -29158,7 +30364,165 @@ func (o GetSubnetworkSecondaryIpRangeArrayOutput) Index(i pulumi.IntInput) GetSu }).(GetSubnetworkSecondaryIpRangeOutput) } +type GetSubnetworksSubnetwork struct { + // Description of the subnetwork. + Description string `pulumi:"description"` + // The IP address range represented as a CIDR block. + IpCidrRange string `pulumi:"ipCidrRange"` + // The name of the subnetwork. + Name string `pulumi:"name"` + // The self link of the parent network. + Network string `pulumi:"network"` + NetworkSelfLink string `pulumi:"networkSelfLink"` + // Whether the VMs in the subnet can access Google services without assigned external IP addresses. + PrivateIpGoogleAccess bool `pulumi:"privateIpGoogleAccess"` + // The self link of the subnetwork. + SelfLink string `pulumi:"selfLink"` +} + +// GetSubnetworksSubnetworkInput is an input type that accepts GetSubnetworksSubnetworkArgs and GetSubnetworksSubnetworkOutput values. +// You can construct a concrete instance of `GetSubnetworksSubnetworkInput` via: +// +// GetSubnetworksSubnetworkArgs{...} +type GetSubnetworksSubnetworkInput interface { + pulumi.Input + + ToGetSubnetworksSubnetworkOutput() GetSubnetworksSubnetworkOutput + ToGetSubnetworksSubnetworkOutputWithContext(context.Context) GetSubnetworksSubnetworkOutput +} + +type GetSubnetworksSubnetworkArgs struct { + // Description of the subnetwork. + Description pulumi.StringInput `pulumi:"description"` + // The IP address range represented as a CIDR block. + IpCidrRange pulumi.StringInput `pulumi:"ipCidrRange"` + // The name of the subnetwork. + Name pulumi.StringInput `pulumi:"name"` + // The self link of the parent network. + Network pulumi.StringInput `pulumi:"network"` + NetworkSelfLink pulumi.StringInput `pulumi:"networkSelfLink"` + // Whether the VMs in the subnet can access Google services without assigned external IP addresses. + PrivateIpGoogleAccess pulumi.BoolInput `pulumi:"privateIpGoogleAccess"` + // The self link of the subnetwork. + SelfLink pulumi.StringInput `pulumi:"selfLink"` +} + +func (GetSubnetworksSubnetworkArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetSubnetworksSubnetwork)(nil)).Elem() +} + +func (i GetSubnetworksSubnetworkArgs) ToGetSubnetworksSubnetworkOutput() GetSubnetworksSubnetworkOutput { + return i.ToGetSubnetworksSubnetworkOutputWithContext(context.Background()) +} + +func (i GetSubnetworksSubnetworkArgs) ToGetSubnetworksSubnetworkOutputWithContext(ctx context.Context) GetSubnetworksSubnetworkOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetSubnetworksSubnetworkOutput) +} + +// GetSubnetworksSubnetworkArrayInput is an input type that accepts GetSubnetworksSubnetworkArray and GetSubnetworksSubnetworkArrayOutput values. +// You can construct a concrete instance of `GetSubnetworksSubnetworkArrayInput` via: +// +// GetSubnetworksSubnetworkArray{ GetSubnetworksSubnetworkArgs{...} } +type GetSubnetworksSubnetworkArrayInput interface { + pulumi.Input + + ToGetSubnetworksSubnetworkArrayOutput() GetSubnetworksSubnetworkArrayOutput + ToGetSubnetworksSubnetworkArrayOutputWithContext(context.Context) GetSubnetworksSubnetworkArrayOutput +} + +type GetSubnetworksSubnetworkArray []GetSubnetworksSubnetworkInput + +func (GetSubnetworksSubnetworkArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetSubnetworksSubnetwork)(nil)).Elem() +} + +func (i GetSubnetworksSubnetworkArray) ToGetSubnetworksSubnetworkArrayOutput() GetSubnetworksSubnetworkArrayOutput { + return i.ToGetSubnetworksSubnetworkArrayOutputWithContext(context.Background()) +} + +func (i GetSubnetworksSubnetworkArray) ToGetSubnetworksSubnetworkArrayOutputWithContext(ctx context.Context) GetSubnetworksSubnetworkArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetSubnetworksSubnetworkArrayOutput) +} + +type GetSubnetworksSubnetworkOutput struct{ *pulumi.OutputState } + +func (GetSubnetworksSubnetworkOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetSubnetworksSubnetwork)(nil)).Elem() +} + +func (o GetSubnetworksSubnetworkOutput) ToGetSubnetworksSubnetworkOutput() GetSubnetworksSubnetworkOutput { + return o +} + +func (o GetSubnetworksSubnetworkOutput) ToGetSubnetworksSubnetworkOutputWithContext(ctx context.Context) GetSubnetworksSubnetworkOutput { + return o +} + +// Description of the subnetwork. +func (o GetSubnetworksSubnetworkOutput) Description() pulumi.StringOutput { + return o.ApplyT(func(v GetSubnetworksSubnetwork) string { return v.Description }).(pulumi.StringOutput) +} + +// The IP address range represented as a CIDR block. +func (o GetSubnetworksSubnetworkOutput) IpCidrRange() pulumi.StringOutput { + return o.ApplyT(func(v GetSubnetworksSubnetwork) string { return v.IpCidrRange }).(pulumi.StringOutput) +} + +// The name of the subnetwork. +func (o GetSubnetworksSubnetworkOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v GetSubnetworksSubnetwork) string { return v.Name }).(pulumi.StringOutput) +} + +// The self link of the parent network. +func (o GetSubnetworksSubnetworkOutput) Network() pulumi.StringOutput { + return o.ApplyT(func(v GetSubnetworksSubnetwork) string { return v.Network }).(pulumi.StringOutput) +} + +func (o GetSubnetworksSubnetworkOutput) NetworkSelfLink() pulumi.StringOutput { + return o.ApplyT(func(v GetSubnetworksSubnetwork) string { return v.NetworkSelfLink }).(pulumi.StringOutput) +} + +// Whether the VMs in the subnet can access Google services without assigned external IP addresses. +func (o GetSubnetworksSubnetworkOutput) PrivateIpGoogleAccess() pulumi.BoolOutput { + return o.ApplyT(func(v GetSubnetworksSubnetwork) bool { return v.PrivateIpGoogleAccess }).(pulumi.BoolOutput) +} + +// The self link of the subnetwork. +func (o GetSubnetworksSubnetworkOutput) SelfLink() pulumi.StringOutput { + return o.ApplyT(func(v GetSubnetworksSubnetwork) string { return v.SelfLink }).(pulumi.StringOutput) +} + +type GetSubnetworksSubnetworkArrayOutput struct{ *pulumi.OutputState } + +func (GetSubnetworksSubnetworkArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetSubnetworksSubnetwork)(nil)).Elem() +} + +func (o GetSubnetworksSubnetworkArrayOutput) ToGetSubnetworksSubnetworkArrayOutput() GetSubnetworksSubnetworkArrayOutput { + return o +} + +func (o GetSubnetworksSubnetworkArrayOutput) ToGetSubnetworksSubnetworkArrayOutputWithContext(ctx context.Context) GetSubnetworksSubnetworkArrayOutput { + return o +} + +func (o GetSubnetworksSubnetworkArrayOutput) Index(i pulumi.IntInput) GetSubnetworksSubnetworkOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetSubnetworksSubnetwork { + return vs[0].([]GetSubnetworksSubnetwork)[vs[1].(int)] + }).(GetSubnetworksSubnetworkOutput) +} + func init() { + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeoutInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionTimeoutArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionTimeoutPtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionTimeoutArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewriteInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionUrlRewritePtrInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionUrlRewriteArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceArrayInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceArray{}) pulumi.RegisterInputType(reflect.TypeOf((*URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceHeaderActionInput)(nil)).Elem(), URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceHeaderActionArgs{}) @@ -29379,6 +30743,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceSchedulingMaxRunDurationArrayInput)(nil)).Elem(), GetInstanceSchedulingMaxRunDurationArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceSchedulingNodeAffinityInput)(nil)).Elem(), GetInstanceSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceSchedulingNodeAffinityArrayInput)(nil)).Elem(), GetInstanceSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceSchedulingOnInstanceStopActionInput)(nil)).Elem(), GetInstanceSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceSchedulingOnInstanceStopActionArrayInput)(nil)).Elem(), GetInstanceSchedulingOnInstanceStopActionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceScratchDiskInput)(nil)).Elem(), GetInstanceScratchDiskArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceScratchDiskArrayInput)(nil)).Elem(), GetInstanceScratchDiskArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceServiceAccountInput)(nil)).Elem(), GetInstanceServiceAccountArgs{}) @@ -29421,6 +30787,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateSchedulingMaxRunDurationArrayInput)(nil)).Elem(), GetInstanceTemplateSchedulingMaxRunDurationArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateSchedulingNodeAffinityInput)(nil)).Elem(), GetInstanceTemplateSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateSchedulingNodeAffinityArrayInput)(nil)).Elem(), GetInstanceTemplateSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateSchedulingOnInstanceStopActionInput)(nil)).Elem(), GetInstanceTemplateSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateSchedulingOnInstanceStopActionArrayInput)(nil)).Elem(), GetInstanceTemplateSchedulingOnInstanceStopActionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateServiceAccountInput)(nil)).Elem(), GetInstanceTemplateServiceAccountArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateServiceAccountArrayInput)(nil)).Elem(), GetInstanceTemplateServiceAccountArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetInstanceTemplateShieldedInstanceConfigInput)(nil)).Elem(), GetInstanceTemplateShieldedInstanceConfigArgs{}) @@ -29481,6 +30849,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateSchedulingMaxRunDurationArrayInput)(nil)).Elem(), GetRegionInstanceTemplateSchedulingMaxRunDurationArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateSchedulingNodeAffinityInput)(nil)).Elem(), GetRegionInstanceTemplateSchedulingNodeAffinityArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateSchedulingNodeAffinityArrayInput)(nil)).Elem(), GetRegionInstanceTemplateSchedulingNodeAffinityArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateSchedulingOnInstanceStopActionInput)(nil)).Elem(), GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayInput)(nil)).Elem(), GetRegionInstanceTemplateSchedulingOnInstanceStopActionArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateServiceAccountInput)(nil)).Elem(), GetRegionInstanceTemplateServiceAccountArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateServiceAccountArrayInput)(nil)).Elem(), GetRegionInstanceTemplateServiceAccountArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetRegionInstanceTemplateShieldedInstanceConfigInput)(nil)).Elem(), GetRegionInstanceTemplateShieldedInstanceConfigArgs{}) @@ -29553,6 +30923,18 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetSnapshotSourceDiskEncryptionKeyArrayInput)(nil)).Elem(), GetSnapshotSourceDiskEncryptionKeyArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSubnetworkSecondaryIpRangeInput)(nil)).Elem(), GetSubnetworkSecondaryIpRangeArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetSubnetworkSecondaryIpRangeArrayInput)(nil)).Elem(), GetSubnetworkSecondaryIpRangeArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetSubnetworksSubnetworkInput)(nil)).Elem(), GetSubnetworksSubnetworkArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetSubnetworksSubnetworkArrayInput)(nil)).Elem(), GetSubnetworksSubnetworkArray{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRequestMirrorPolicyPtrOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyPtrOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionRetryPolicyPerTryTimeoutPtrOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionTimeoutOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionTimeoutPtrOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionUrlRewriteOutput{}) + pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionUrlRewritePtrOutput{}) pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceOutput{}) pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceArrayOutput{}) pulumi.RegisterOutputType(URLMapPathMatcherPathRuleRouteActionWeightedBackendServiceHeaderActionOutput{}) @@ -29773,6 +31155,8 @@ func init() { pulumi.RegisterOutputType(GetInstanceSchedulingMaxRunDurationArrayOutput{}) pulumi.RegisterOutputType(GetInstanceSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(GetInstanceSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(GetInstanceSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(GetInstanceSchedulingOnInstanceStopActionArrayOutput{}) pulumi.RegisterOutputType(GetInstanceScratchDiskOutput{}) pulumi.RegisterOutputType(GetInstanceScratchDiskArrayOutput{}) pulumi.RegisterOutputType(GetInstanceServiceAccountOutput{}) @@ -29815,6 +31199,8 @@ func init() { pulumi.RegisterOutputType(GetInstanceTemplateSchedulingMaxRunDurationArrayOutput{}) pulumi.RegisterOutputType(GetInstanceTemplateSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(GetInstanceTemplateSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(GetInstanceTemplateSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(GetInstanceTemplateSchedulingOnInstanceStopActionArrayOutput{}) pulumi.RegisterOutputType(GetInstanceTemplateServiceAccountOutput{}) pulumi.RegisterOutputType(GetInstanceTemplateServiceAccountArrayOutput{}) pulumi.RegisterOutputType(GetInstanceTemplateShieldedInstanceConfigOutput{}) @@ -29875,6 +31261,8 @@ func init() { pulumi.RegisterOutputType(GetRegionInstanceTemplateSchedulingMaxRunDurationArrayOutput{}) pulumi.RegisterOutputType(GetRegionInstanceTemplateSchedulingNodeAffinityOutput{}) pulumi.RegisterOutputType(GetRegionInstanceTemplateSchedulingNodeAffinityArrayOutput{}) + pulumi.RegisterOutputType(GetRegionInstanceTemplateSchedulingOnInstanceStopActionOutput{}) + pulumi.RegisterOutputType(GetRegionInstanceTemplateSchedulingOnInstanceStopActionArrayOutput{}) pulumi.RegisterOutputType(GetRegionInstanceTemplateServiceAccountOutput{}) pulumi.RegisterOutputType(GetRegionInstanceTemplateServiceAccountArrayOutput{}) pulumi.RegisterOutputType(GetRegionInstanceTemplateShieldedInstanceConfigOutput{}) @@ -29947,4 +31335,6 @@ func init() { pulumi.RegisterOutputType(GetSnapshotSourceDiskEncryptionKeyArrayOutput{}) pulumi.RegisterOutputType(GetSubnetworkSecondaryIpRangeOutput{}) pulumi.RegisterOutputType(GetSubnetworkSecondaryIpRangeArrayOutput{}) + pulumi.RegisterOutputType(GetSubnetworksSubnetworkOutput{}) + pulumi.RegisterOutputType(GetSubnetworksSubnetworkArrayOutput{}) } diff --git a/sdk/go/gcp/compute/regionSslPolicy.go b/sdk/go/gcp/compute/regionSslPolicy.go index 6e01654170..8b558b33b4 100644 --- a/sdk/go/gcp/compute/regionSslPolicy.go +++ b/sdk/go/gcp/compute/regionSslPolicy.go @@ -7,7 +7,6 @@ import ( "context" "reflect" - "errors" "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) @@ -82,6 +81,8 @@ type RegionSslPolicy struct { // first character must be a lowercase letter, and all following // characters must be a dash, lowercase letter, or digit, except the last // character, which cannot be a dash. + // + // *** Name pulumi.StringOutput `pulumi:"name"` // Profile specifies the set of SSL features that can be used by the // load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -97,8 +98,6 @@ type RegionSslPolicy struct { // If it is not provided, the provider project is used. Project pulumi.StringOutput `pulumi:"project"` // The region where the regional SSL policy resides. - // - // *** Region pulumi.StringOutput `pulumi:"region"` // The URI of the created resource. SelfLink pulumi.StringOutput `pulumi:"selfLink"` @@ -108,12 +107,9 @@ type RegionSslPolicy struct { func NewRegionSslPolicy(ctx *pulumi.Context, name string, args *RegionSslPolicyArgs, opts ...pulumi.ResourceOption) (*RegionSslPolicy, error) { if args == nil { - return nil, errors.New("missing one or more required arguments") + args = &RegionSslPolicyArgs{} } - if args.Region == nil { - return nil, errors.New("invalid value for required argument 'Region'") - } opts = internal.PkgResourceDefaultOpts(opts) var resource RegionSslPolicy err := ctx.RegisterResource("gcp:compute/regionSslPolicy:RegionSslPolicy", name, args, &resource, opts...) @@ -166,6 +162,8 @@ type regionSslPolicyState struct { // first character must be a lowercase letter, and all following // characters must be a dash, lowercase letter, or digit, except the last // character, which cannot be a dash. + // + // *** Name *string `pulumi:"name"` // Profile specifies the set of SSL features that can be used by the // load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -181,8 +179,6 @@ type regionSslPolicyState struct { // If it is not provided, the provider project is used. Project *string `pulumi:"project"` // The region where the regional SSL policy resides. - // - // *** Region *string `pulumi:"region"` // The URI of the created resource. SelfLink *string `pulumi:"selfLink"` @@ -218,6 +214,8 @@ type RegionSslPolicyState struct { // first character must be a lowercase letter, and all following // characters must be a dash, lowercase letter, or digit, except the last // character, which cannot be a dash. + // + // *** Name pulumi.StringPtrInput // Profile specifies the set of SSL features that can be used by the // load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -233,8 +231,6 @@ type RegionSslPolicyState struct { // If it is not provided, the provider project is used. Project pulumi.StringPtrInput // The region where the regional SSL policy resides. - // - // *** Region pulumi.StringPtrInput // The URI of the created resource. SelfLink pulumi.StringPtrInput @@ -267,6 +263,8 @@ type regionSslPolicyArgs struct { // first character must be a lowercase letter, and all following // characters must be a dash, lowercase letter, or digit, except the last // character, which cannot be a dash. + // + // *** Name *string `pulumi:"name"` // Profile specifies the set of SSL features that can be used by the // load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -282,9 +280,7 @@ type regionSslPolicyArgs struct { // If it is not provided, the provider project is used. Project *string `pulumi:"project"` // The region where the regional SSL policy resides. - // - // *** - Region string `pulumi:"region"` + Region *string `pulumi:"region"` } // The set of arguments for constructing a RegionSslPolicy resource. @@ -311,6 +307,8 @@ type RegionSslPolicyArgs struct { // first character must be a lowercase letter, and all following // characters must be a dash, lowercase letter, or digit, except the last // character, which cannot be a dash. + // + // *** Name pulumi.StringPtrInput // Profile specifies the set of SSL features that can be used by the // load balancer when negotiating SSL with clients. If using `CUSTOM`, @@ -326,9 +324,7 @@ type RegionSslPolicyArgs struct { // If it is not provided, the provider project is used. Project pulumi.StringPtrInput // The region where the regional SSL policy resides. - // - // *** - Region pulumi.StringInput + Region pulumi.StringPtrInput } func (RegionSslPolicyArgs) ElementType() reflect.Type { @@ -465,6 +461,8 @@ func (o RegionSslPolicyOutput) MinTlsVersion() pulumi.StringPtrOutput { // first character must be a lowercase letter, and all following // characters must be a dash, lowercase letter, or digit, except the last // character, which cannot be a dash. +// +// *** func (o RegionSslPolicyOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *RegionSslPolicy) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } @@ -489,8 +487,6 @@ func (o RegionSslPolicyOutput) Project() pulumi.StringOutput { } // The region where the regional SSL policy resides. -// -// *** func (o RegionSslPolicyOutput) Region() pulumi.StringOutput { return o.ApplyT(func(v *RegionSslPolicy) pulumi.StringOutput { return v.Region }).(pulumi.StringOutput) } diff --git a/sdk/go/gcp/compute/securityPolicyRule.go b/sdk/go/gcp/compute/securityPolicyRule.go index c28c978bf8..49fbfa5bfb 100644 --- a/sdk/go/gcp/compute/securityPolicyRule.go +++ b/sdk/go/gcp/compute/securityPolicyRule.go @@ -252,6 +252,9 @@ type SecurityPolicyRule struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringOutput `pulumi:"project"` + // Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + // Structure is documented below. + RateLimitOptions SecurityPolicyRuleRateLimitOptionsPtrOutput `pulumi:"rateLimitOptions"` // The name of the security policy this rule belongs to. // // *** @@ -323,6 +326,9 @@ type securityPolicyRuleState struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project *string `pulumi:"project"` + // Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + // Structure is documented below. + RateLimitOptions *SecurityPolicyRuleRateLimitOptions `pulumi:"rateLimitOptions"` // The name of the security policy this rule belongs to. // // *** @@ -356,6 +362,9 @@ type SecurityPolicyRuleState struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringPtrInput + // Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + // Structure is documented below. + RateLimitOptions SecurityPolicyRuleRateLimitOptionsPtrInput // The name of the security policy this rule belongs to. // // *** @@ -393,6 +402,9 @@ type securityPolicyRuleArgs struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project *string `pulumi:"project"` + // Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + // Structure is documented below. + RateLimitOptions *SecurityPolicyRuleRateLimitOptions `pulumi:"rateLimitOptions"` // The name of the security policy this rule belongs to. // // *** @@ -427,6 +439,9 @@ type SecurityPolicyRuleArgs struct { // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project pulumi.StringPtrInput + // Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + // Structure is documented below. + RateLimitOptions SecurityPolicyRuleRateLimitOptionsPtrInput // The name of the security policy this rule belongs to. // // *** @@ -569,6 +584,12 @@ func (o SecurityPolicyRuleOutput) Project() pulumi.StringOutput { return o.ApplyT(func(v *SecurityPolicyRule) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) } +// Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. +// Structure is documented below. +func (o SecurityPolicyRuleOutput) RateLimitOptions() SecurityPolicyRuleRateLimitOptionsPtrOutput { + return o.ApplyT(func(v *SecurityPolicyRule) SecurityPolicyRuleRateLimitOptionsPtrOutput { return v.RateLimitOptions }).(SecurityPolicyRuleRateLimitOptionsPtrOutput) +} + // The name of the security policy this rule belongs to. // // *** diff --git a/sdk/go/gcp/container/pulumiTypes.go b/sdk/go/gcp/container/pulumiTypes.go index 9d65f4cb53..709176facc 100644 --- a/sdk/go/gcp/container/pulumiTypes.go +++ b/sdk/go/gcp/container/pulumiTypes.go @@ -19224,6 +19224,8 @@ type ClusterNodeConfig struct { BootDiskKmsKey *string `pulumi:"bootDiskKmsKey"` // Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. ConfidentialNodes *ClusterNodeConfigConfidentialNodes `pulumi:"confidentialNodes"` + // Parameters to customize containerd runtime. Structure is documented below. + ContainerdConfig *ClusterNodeConfigContainerdConfig `pulumi:"containerdConfig"` // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. DiskSizeGb *int `pulumi:"diskSizeGb"` @@ -19365,6 +19367,8 @@ type ClusterNodeConfigArgs struct { BootDiskKmsKey pulumi.StringPtrInput `pulumi:"bootDiskKmsKey"` // Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. ConfidentialNodes ClusterNodeConfigConfidentialNodesPtrInput `pulumi:"confidentialNodes"` + // Parameters to customize containerd runtime. Structure is documented below. + ContainerdConfig ClusterNodeConfigContainerdConfigPtrInput `pulumi:"containerdConfig"` // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. DiskSizeGb pulumi.IntPtrInput `pulumi:"diskSizeGb"` @@ -19580,6 +19584,11 @@ func (o ClusterNodeConfigOutput) ConfidentialNodes() ClusterNodeConfigConfidenti return o.ApplyT(func(v ClusterNodeConfig) *ClusterNodeConfigConfidentialNodes { return v.ConfidentialNodes }).(ClusterNodeConfigConfidentialNodesPtrOutput) } +// Parameters to customize containerd runtime. Structure is documented below. +func (o ClusterNodeConfigOutput) ContainerdConfig() ClusterNodeConfigContainerdConfigPtrOutput { + return o.ApplyT(func(v ClusterNodeConfig) *ClusterNodeConfigContainerdConfig { return v.ContainerdConfig }).(ClusterNodeConfigContainerdConfigPtrOutput) +} + // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. func (o ClusterNodeConfigOutput) DiskSizeGb() pulumi.IntPtrOutput { @@ -19865,6 +19874,16 @@ func (o ClusterNodeConfigPtrOutput) ConfidentialNodes() ClusterNodeConfigConfide }).(ClusterNodeConfigConfidentialNodesPtrOutput) } +// Parameters to customize containerd runtime. Structure is documented below. +func (o ClusterNodeConfigPtrOutput) ContainerdConfig() ClusterNodeConfigContainerdConfigPtrOutput { + return o.ApplyT(func(v *ClusterNodeConfig) *ClusterNodeConfigContainerdConfig { + if v == nil { + return nil + } + return v.ContainerdConfig + }).(ClusterNodeConfigContainerdConfigPtrOutput) +} + // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. func (o ClusterNodeConfigPtrOutput) DiskSizeGb() pulumi.IntPtrOutput { @@ -20570,6 +20589,467 @@ func (o ClusterNodeConfigConfidentialNodesPtrOutput) Enabled() pulumi.BoolPtrOut }).(pulumi.BoolPtrOutput) } +type ClusterNodeConfigContainerdConfig struct { + // Configuration for private container registries. There are two fields in this config: + PrivateRegistryAccessConfig *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig `pulumi:"privateRegistryAccessConfig"` +} + +// ClusterNodeConfigContainerdConfigInput is an input type that accepts ClusterNodeConfigContainerdConfigArgs and ClusterNodeConfigContainerdConfigOutput values. +// You can construct a concrete instance of `ClusterNodeConfigContainerdConfigInput` via: +// +// ClusterNodeConfigContainerdConfigArgs{...} +type ClusterNodeConfigContainerdConfigInput interface { + pulumi.Input + + ToClusterNodeConfigContainerdConfigOutput() ClusterNodeConfigContainerdConfigOutput + ToClusterNodeConfigContainerdConfigOutputWithContext(context.Context) ClusterNodeConfigContainerdConfigOutput +} + +type ClusterNodeConfigContainerdConfigArgs struct { + // Configuration for private container registries. There are two fields in this config: + PrivateRegistryAccessConfig ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput `pulumi:"privateRegistryAccessConfig"` +} + +func (ClusterNodeConfigContainerdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i ClusterNodeConfigContainerdConfigArgs) ToClusterNodeConfigContainerdConfigOutput() ClusterNodeConfigContainerdConfigOutput { + return i.ToClusterNodeConfigContainerdConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodeConfigContainerdConfigArgs) ToClusterNodeConfigContainerdConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigOutput) +} + +func (i ClusterNodeConfigContainerdConfigArgs) ToClusterNodeConfigContainerdConfigPtrOutput() ClusterNodeConfigContainerdConfigPtrOutput { + return i.ToClusterNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i ClusterNodeConfigContainerdConfigArgs) ToClusterNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigOutput).ToClusterNodeConfigContainerdConfigPtrOutputWithContext(ctx) +} + +// ClusterNodeConfigContainerdConfigPtrInput is an input type that accepts ClusterNodeConfigContainerdConfigArgs, ClusterNodeConfigContainerdConfigPtr and ClusterNodeConfigContainerdConfigPtrOutput values. +// You can construct a concrete instance of `ClusterNodeConfigContainerdConfigPtrInput` via: +// +// ClusterNodeConfigContainerdConfigArgs{...} +// +// or: +// +// nil +type ClusterNodeConfigContainerdConfigPtrInput interface { + pulumi.Input + + ToClusterNodeConfigContainerdConfigPtrOutput() ClusterNodeConfigContainerdConfigPtrOutput + ToClusterNodeConfigContainerdConfigPtrOutputWithContext(context.Context) ClusterNodeConfigContainerdConfigPtrOutput +} + +type clusterNodeConfigContainerdConfigPtrType ClusterNodeConfigContainerdConfigArgs + +func ClusterNodeConfigContainerdConfigPtr(v *ClusterNodeConfigContainerdConfigArgs) ClusterNodeConfigContainerdConfigPtrInput { + return (*clusterNodeConfigContainerdConfigPtrType)(v) +} + +func (*clusterNodeConfigContainerdConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i *clusterNodeConfigContainerdConfigPtrType) ToClusterNodeConfigContainerdConfigPtrOutput() ClusterNodeConfigContainerdConfigPtrOutput { + return i.ToClusterNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i *clusterNodeConfigContainerdConfigPtrType) ToClusterNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigPtrOutput) +} + +type ClusterNodeConfigContainerdConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodeConfigContainerdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o ClusterNodeConfigContainerdConfigOutput) ToClusterNodeConfigContainerdConfigOutput() ClusterNodeConfigContainerdConfigOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigOutput) ToClusterNodeConfigContainerdConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigOutput) ToClusterNodeConfigContainerdConfigPtrOutput() ClusterNodeConfigContainerdConfigPtrOutput { + return o.ToClusterNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (o ClusterNodeConfigContainerdConfigOutput) ToClusterNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ClusterNodeConfigContainerdConfig) *ClusterNodeConfigContainerdConfig { + return &v + }).(ClusterNodeConfigContainerdConfigPtrOutput) +} + +// Configuration for private container registries. There are two fields in this config: +func (o ClusterNodeConfigContainerdConfigOutput) PrivateRegistryAccessConfig() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v ClusterNodeConfigContainerdConfig) *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return v.PrivateRegistryAccessConfig + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodeConfigContainerdConfigPtrOutput struct{ *pulumi.OutputState } + +func (ClusterNodeConfigContainerdConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o ClusterNodeConfigContainerdConfigPtrOutput) ToClusterNodeConfigContainerdConfigPtrOutput() ClusterNodeConfigContainerdConfigPtrOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPtrOutput) ToClusterNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPtrOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPtrOutput) Elem() ClusterNodeConfigContainerdConfigOutput { + return o.ApplyT(func(v *ClusterNodeConfigContainerdConfig) ClusterNodeConfigContainerdConfig { + if v != nil { + return *v + } + var ret ClusterNodeConfigContainerdConfig + return ret + }).(ClusterNodeConfigContainerdConfigOutput) +} + +// Configuration for private container registries. There are two fields in this config: +func (o ClusterNodeConfigContainerdConfigPtrOutput) PrivateRegistryAccessConfig() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v *ClusterNodeConfigContainerdConfig) *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + if v == nil { + return nil + } + return v.PrivateRegistryAccessConfig + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig struct { + // List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + CertificateAuthorityDomainConfigs []ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig `pulumi:"certificateAuthorityDomainConfigs"` + // Enables private registry config. If set to false, all other fields in this object must not be set. + Enabled bool `pulumi:"enabled"` +} + +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput is an input type that accepts ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs and ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput values. +// You can construct a concrete instance of `ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput` via: +// +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput interface { + pulumi.Input + + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs struct { + // List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + CertificateAuthorityDomainConfigs ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput `pulumi:"certificateAuthorityDomainConfigs"` + // Enables private registry config. If set to false, all other fields in this object must not be set. + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return i.ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput).ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx) +} + +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput is an input type that accepts ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs, ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtr and ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput values. +// You can construct a concrete instance of `ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput` via: +// +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +// +// or: +// +// nil +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput interface { + pulumi.Input + + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput +} + +type clusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs + +func ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtr(v *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput { + return (*clusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType)(v) +} + +func (*clusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i *clusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i *clusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return &v + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) CertificateAuthorityDomainConfigs() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) []ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return v.CertificateAuthorityDomainConfigs + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Enables private registry config. If set to false, all other fields in this object must not be set. +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput struct{ *pulumi.OutputState } + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) Elem() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o.ApplyT(func(v *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + if v != nil { + return *v + } + var ret ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig + return ret + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) CertificateAuthorityDomainConfigs() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) []ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + if v == nil { + return nil + } + return v.CertificateAuthorityDomainConfigs + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Enables private registry config. If set to false, all other fields in this object must not be set. +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns []string `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig `pulumi:"gcpSecretManagerCertificateConfig"` +} + +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput is an input type that accepts ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs and ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput values. +// You can construct a concrete instance of `ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput` via: +// +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput interface { + pulumi.Input + + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns pulumi.StringArrayInput `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput `pulumi:"gcpSecretManagerCertificateConfig"` +} + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return i.ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput is an input type that accepts ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray and ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput values. +// You can construct a concrete instance of `ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput` via: +// +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{ ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} } +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput interface { + pulumi.Input + + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray []ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return i.ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Background()) +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +// List of fully-qualified-domain-names. IPv4s and port specification are supported. +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) Fqdns() pulumi.StringArrayOutput { + return o.ApplyT(func(v ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []string { + return v.Fqdns + }).(pulumi.StringArrayOutput) +} + +// Parameters for configuring a certificate hosted in GCP SecretManager. +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) GcpSecretManagerCertificateConfig() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o.ApplyT(func(v ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return v.GcpSecretManagerCertificateConfig + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput struct{ *pulumi.OutputState } + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) Index(i pulumi.IntInput) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return vs[0].([]ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)[vs[1].(int)] + }).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri string `pulumi:"secretUri"` +} + +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput is an input type that accepts ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs and ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput values. +// You can construct a concrete instance of `ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput` via: +// +// ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput interface { + pulumi.Input + + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput + ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri pulumi.StringInput `pulumi:"secretUri"` +} + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return i.ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. +func (o ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) SecretUri() pulumi.StringOutput { + return o.ApplyT(func(v ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig) string { + return v.SecretUri + }).(pulumi.StringOutput) +} + type ClusterNodeConfigEffectiveTaint struct { // Effect for taint. Effect *string `pulumi:"effect"` @@ -24624,6 +25104,8 @@ func (o ClusterNodePoolDefaultsPtrOutput) NodeConfigDefaults() ClusterNodePoolDe } type ClusterNodePoolDefaultsNodeConfigDefaults struct { + // Parameters for containerd configuration. + ContainerdConfig *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig `pulumi:"containerdConfig"` // The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. GcfsConfig *ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig `pulumi:"gcfsConfig"` // The type of logging agent that is deployed by default for newly created node pools in the cluster. Valid values include DEFAULT and MAX_THROUGHPUT. See [Increasing logging agent throughput](https://cloud.google.com/stackdriver/docs/solutions/gke/managing-logs#throughput) for more information. @@ -24642,6 +25124,8 @@ type ClusterNodePoolDefaultsNodeConfigDefaultsInput interface { } type ClusterNodePoolDefaultsNodeConfigDefaultsArgs struct { + // Parameters for containerd configuration. + ContainerdConfig ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrInput `pulumi:"containerdConfig"` // The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. GcfsConfig ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigPtrInput `pulumi:"gcfsConfig"` // The type of logging agent that is deployed by default for newly created node pools in the cluster. Valid values include DEFAULT and MAX_THROUGHPUT. See [Increasing logging agent throughput](https://cloud.google.com/stackdriver/docs/solutions/gke/managing-logs#throughput) for more information. @@ -24725,6 +25209,13 @@ func (o ClusterNodePoolDefaultsNodeConfigDefaultsOutput) ToClusterNodePoolDefaul }).(ClusterNodePoolDefaultsNodeConfigDefaultsPtrOutput) } +// Parameters for containerd configuration. +func (o ClusterNodePoolDefaultsNodeConfigDefaultsOutput) ContainerdConfig() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaults) *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig { + return v.ContainerdConfig + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) +} + // The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. func (o ClusterNodePoolDefaultsNodeConfigDefaultsOutput) GcfsConfig() ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigPtrOutput { return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaults) *ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig { @@ -24761,6 +25252,16 @@ func (o ClusterNodePoolDefaultsNodeConfigDefaultsPtrOutput) Elem() ClusterNodePo }).(ClusterNodePoolDefaultsNodeConfigDefaultsOutput) } +// Parameters for containerd configuration. +func (o ClusterNodePoolDefaultsNodeConfigDefaultsPtrOutput) ContainerdConfig() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return o.ApplyT(func(v *ClusterNodePoolDefaultsNodeConfigDefaults) *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig { + if v == nil { + return nil + } + return v.ContainerdConfig + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) +} + // The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. func (o ClusterNodePoolDefaultsNodeConfigDefaultsPtrOutput) GcfsConfig() ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigPtrOutput { return o.ApplyT(func(v *ClusterNodePoolDefaultsNodeConfigDefaults) *ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig { @@ -24781,6 +25282,469 @@ func (o ClusterNodePoolDefaultsNodeConfigDefaultsPtrOutput) LoggingVariant() pul }).(pulumi.StringPtrOutput) } +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig struct { + // Configuration for private container registries. There are two fields in this config: + PrivateRegistryAccessConfig *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig `pulumi:"privateRegistryAccessConfig"` +} + +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigInput is an input type that accepts ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs and ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigInput` via: +// +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs{...} +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigInput interface { + pulumi.Input + + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutputWithContext(context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs struct { + // Configuration for private container registries. There are two fields in this config: + PrivateRegistryAccessConfig ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrInput `pulumi:"privateRegistryAccessConfig"` +} + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig)(nil)).Elem() +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput).ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(ctx) +} + +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrInput is an input type that accepts ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs, ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtr and ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput values. +// You can construct a concrete instance of `ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrInput` via: +// +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs{...} +// +// or: +// +// nil +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrInput interface { + pulumi.Input + + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput +} + +type clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrType ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs + +func ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtr(v *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrInput { + return (*clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrType)(v) +} + +func (*clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig)(nil)).Elem() +} + +func (i *clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrType) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i *clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrType) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig)(nil)).Elem() +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return o.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig) *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig { + return &v + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) +} + +// Configuration for private container registries. There are two fields in this config: +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) PrivateRegistryAccessConfig() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig) *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig { + return v.PrivateRegistryAccessConfig + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig)(nil)).Elem() +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) Elem() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput { + return o.ApplyT(func(v *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig { + if v != nil { + return *v + } + var ret ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig + return ret + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput) +} + +// Configuration for private container registries. There are two fields in this config: +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput) PrivateRegistryAccessConfig() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig) *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig { + if v == nil { + return nil + } + return v.PrivateRegistryAccessConfig + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig struct { + // List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + CertificateAuthorityDomainConfigs []ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig `pulumi:"certificateAuthorityDomainConfigs"` + // Enables private registry config. If set to false, all other fields in this object must not be set. + Enabled bool `pulumi:"enabled"` +} + +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigInput is an input type that accepts ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs and ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigInput` via: +// +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs{...} +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigInput interface { + pulumi.Input + + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs struct { + // List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + CertificateAuthorityDomainConfigs ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput `pulumi:"certificateAuthorityDomainConfigs"` + // Enables private registry config. If set to false, all other fields in this object must not be set. + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput).ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx) +} + +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrInput is an input type that accepts ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs, ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtr and ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput values. +// You can construct a concrete instance of `ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrInput` via: +// +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs{...} +// +// or: +// +// nil +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrInput interface { + pulumi.Input + + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput +} + +type clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrType ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs + +func ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtr(v *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrInput { + return (*clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrType)(v) +} + +func (*clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i *clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrType) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i *clusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrType) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig) *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig { + return &v + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) CertificateAuthorityDomainConfigs() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig) []ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return v.CertificateAuthorityDomainConfigs + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Enables private registry config. If set to false, all other fields in this object must not be set. +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig) bool { + return v.Enabled + }).(pulumi.BoolOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) Elem() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput { + return o.ApplyT(func(v *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig { + if v != nil { + return *v + } + var ret ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig + return ret + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput) +} + +// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) CertificateAuthorityDomainConfigs() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig) []ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + if v == nil { + return nil + } + return v.CertificateAuthorityDomainConfigs + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Enables private registry config. If set to false, all other fields in this object must not be set. +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns []string `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig `pulumi:"gcpSecretManagerCertificateConfig"` +} + +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput is an input type that accepts ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs and ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput` via: +// +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput interface { + pulumi.Input + + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns pulumi.StringArrayInput `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput `pulumi:"gcpSecretManagerCertificateConfig"` +} + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput is an input type that accepts ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray and ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput values. +// You can construct a concrete instance of `ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput` via: +// +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{ ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} } +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput interface { + pulumi.Input + + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray []ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +// List of fully-qualified-domain-names. IPv4s and port specification are supported. +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) Fqdns() pulumi.StringArrayOutput { + return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []string { + return v.Fqdns + }).(pulumi.StringArrayOutput) +} + +// Parameters for configuring a certificate hosted in GCP SecretManager. +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) GcpSecretManagerCertificateConfig() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return v.GcpSecretManagerCertificateConfig + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) Index(i pulumi.IntInput) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return vs[0].([]ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)[vs[1].(int)] + }).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri string `pulumi:"secretUri"` +} + +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput is an input type that accepts ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs and ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput` via: +// +// ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput interface { + pulumi.Input + + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput + ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri pulumi.StringInput `pulumi:"secretUri"` +} + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return i.ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. +func (o ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) SecretUri() pulumi.StringOutput { + return o.ApplyT(func(v ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig) string { + return v.SecretUri + }).(pulumi.StringOutput) +} + type ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig struct { // Whether or not the Google Container Filesystem (GCFS) is enabled Enabled bool `pulumi:"enabled"` @@ -25883,6 +26847,8 @@ type ClusterNodePoolNodeConfig struct { BootDiskKmsKey *string `pulumi:"bootDiskKmsKey"` // Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. ConfidentialNodes *ClusterNodePoolNodeConfigConfidentialNodes `pulumi:"confidentialNodes"` + // Parameters to customize containerd runtime. Structure is documented below. + ContainerdConfig *ClusterNodePoolNodeConfigContainerdConfig `pulumi:"containerdConfig"` // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. DiskSizeGb *int `pulumi:"diskSizeGb"` @@ -26024,6 +26990,8 @@ type ClusterNodePoolNodeConfigArgs struct { BootDiskKmsKey pulumi.StringPtrInput `pulumi:"bootDiskKmsKey"` // Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. ConfidentialNodes ClusterNodePoolNodeConfigConfidentialNodesPtrInput `pulumi:"confidentialNodes"` + // Parameters to customize containerd runtime. Structure is documented below. + ContainerdConfig ClusterNodePoolNodeConfigContainerdConfigPtrInput `pulumi:"containerdConfig"` // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. DiskSizeGb pulumi.IntPtrInput `pulumi:"diskSizeGb"` @@ -26243,6 +27211,13 @@ func (o ClusterNodePoolNodeConfigOutput) ConfidentialNodes() ClusterNodePoolNode }).(ClusterNodePoolNodeConfigConfidentialNodesPtrOutput) } +// Parameters to customize containerd runtime. Structure is documented below. +func (o ClusterNodePoolNodeConfigOutput) ContainerdConfig() ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return o.ApplyT(func(v ClusterNodePoolNodeConfig) *ClusterNodePoolNodeConfigContainerdConfig { + return v.ContainerdConfig + }).(ClusterNodePoolNodeConfigContainerdConfigPtrOutput) +} + // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. func (o ClusterNodePoolNodeConfigOutput) DiskSizeGb() pulumi.IntPtrOutput { @@ -26546,6 +27521,16 @@ func (o ClusterNodePoolNodeConfigPtrOutput) ConfidentialNodes() ClusterNodePoolN }).(ClusterNodePoolNodeConfigConfidentialNodesPtrOutput) } +// Parameters to customize containerd runtime. Structure is documented below. +func (o ClusterNodePoolNodeConfigPtrOutput) ContainerdConfig() ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return o.ApplyT(func(v *ClusterNodePoolNodeConfig) *ClusterNodePoolNodeConfigContainerdConfig { + if v == nil { + return nil + } + return v.ContainerdConfig + }).(ClusterNodePoolNodeConfigContainerdConfigPtrOutput) +} + // Size of the disk attached to each node, specified // in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. func (o ClusterNodePoolNodeConfigPtrOutput) DiskSizeGb() pulumi.IntPtrOutput { @@ -27251,6 +28236,467 @@ func (o ClusterNodePoolNodeConfigConfidentialNodesPtrOutput) Enabled() pulumi.Bo }).(pulumi.BoolPtrOutput) } +type ClusterNodePoolNodeConfigContainerdConfig struct { + // Configuration for private container registries. There are two fields in this config: + PrivateRegistryAccessConfig *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig `pulumi:"privateRegistryAccessConfig"` +} + +// ClusterNodePoolNodeConfigContainerdConfigInput is an input type that accepts ClusterNodePoolNodeConfigContainerdConfigArgs and ClusterNodePoolNodeConfigContainerdConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolNodeConfigContainerdConfigInput` via: +// +// ClusterNodePoolNodeConfigContainerdConfigArgs{...} +type ClusterNodePoolNodeConfigContainerdConfigInput interface { + pulumi.Input + + ToClusterNodePoolNodeConfigContainerdConfigOutput() ClusterNodePoolNodeConfigContainerdConfigOutput + ToClusterNodePoolNodeConfigContainerdConfigOutputWithContext(context.Context) ClusterNodePoolNodeConfigContainerdConfigOutput +} + +type ClusterNodePoolNodeConfigContainerdConfigArgs struct { + // Configuration for private container registries. There are two fields in this config: + PrivateRegistryAccessConfig ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput `pulumi:"privateRegistryAccessConfig"` +} + +func (ClusterNodePoolNodeConfigContainerdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i ClusterNodePoolNodeConfigContainerdConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigOutput() ClusterNodePoolNodeConfigContainerdConfigOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigOutput) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigOutput).ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx) +} + +// ClusterNodePoolNodeConfigContainerdConfigPtrInput is an input type that accepts ClusterNodePoolNodeConfigContainerdConfigArgs, ClusterNodePoolNodeConfigContainerdConfigPtr and ClusterNodePoolNodeConfigContainerdConfigPtrOutput values. +// You can construct a concrete instance of `ClusterNodePoolNodeConfigContainerdConfigPtrInput` via: +// +// ClusterNodePoolNodeConfigContainerdConfigArgs{...} +// +// or: +// +// nil +type ClusterNodePoolNodeConfigContainerdConfigPtrInput interface { + pulumi.Input + + ToClusterNodePoolNodeConfigContainerdConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPtrOutput + ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Context) ClusterNodePoolNodeConfigContainerdConfigPtrOutput +} + +type clusterNodePoolNodeConfigContainerdConfigPtrType ClusterNodePoolNodeConfigContainerdConfigArgs + +func ClusterNodePoolNodeConfigContainerdConfigPtr(v *ClusterNodePoolNodeConfigContainerdConfigArgs) ClusterNodePoolNodeConfigContainerdConfigPtrInput { + return (*clusterNodePoolNodeConfigContainerdConfigPtrType)(v) +} + +func (*clusterNodePoolNodeConfigContainerdConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i *clusterNodePoolNodeConfigContainerdConfigPtrType) ToClusterNodePoolNodeConfigContainerdConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i *clusterNodePoolNodeConfigContainerdConfigPtrType) ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigPtrOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolNodeConfigContainerdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o ClusterNodePoolNodeConfigContainerdConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigOutput() ClusterNodePoolNodeConfigContainerdConfigOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return o.ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (o ClusterNodePoolNodeConfigContainerdConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ClusterNodePoolNodeConfigContainerdConfig) *ClusterNodePoolNodeConfigContainerdConfig { + return &v + }).(ClusterNodePoolNodeConfigContainerdConfigPtrOutput) +} + +// Configuration for private container registries. There are two fields in this config: +func (o ClusterNodePoolNodeConfigContainerdConfigOutput) PrivateRegistryAccessConfig() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v ClusterNodePoolNodeConfigContainerdConfig) *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return v.PrivateRegistryAccessConfig + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPtrOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolNodeConfigContainerdConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPtrOutput) ToClusterNodePoolNodeConfigContainerdConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPtrOutput) ToClusterNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPtrOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPtrOutput) Elem() ClusterNodePoolNodeConfigContainerdConfigOutput { + return o.ApplyT(func(v *ClusterNodePoolNodeConfigContainerdConfig) ClusterNodePoolNodeConfigContainerdConfig { + if v != nil { + return *v + } + var ret ClusterNodePoolNodeConfigContainerdConfig + return ret + }).(ClusterNodePoolNodeConfigContainerdConfigOutput) +} + +// Configuration for private container registries. There are two fields in this config: +func (o ClusterNodePoolNodeConfigContainerdConfigPtrOutput) PrivateRegistryAccessConfig() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v *ClusterNodePoolNodeConfigContainerdConfig) *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + if v == nil { + return nil + } + return v.PrivateRegistryAccessConfig + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig struct { + // List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + CertificateAuthorityDomainConfigs []ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig `pulumi:"certificateAuthorityDomainConfigs"` + // Enables private registry config. If set to false, all other fields in this object must not be set. + Enabled bool `pulumi:"enabled"` +} + +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput is an input type that accepts ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs and ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput` via: +// +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput interface { + pulumi.Input + + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs struct { + // List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + CertificateAuthorityDomainConfigs ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput `pulumi:"certificateAuthorityDomainConfigs"` + // Enables private registry config. If set to false, all other fields in this object must not be set. + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput).ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx) +} + +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput is an input type that accepts ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs, ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtr and ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput values. +// You can construct a concrete instance of `ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput` via: +// +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +// +// or: +// +// nil +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput interface { + pulumi.Input + + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput +} + +type clusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs + +func ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtr(v *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput { + return (*clusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType)(v) +} + +func (*clusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i *clusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i *clusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return &v + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) CertificateAuthorityDomainConfigs() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) []ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return v.CertificateAuthorityDomainConfigs + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Enables private registry config. If set to false, all other fields in this object must not be set. +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) Elem() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o.ApplyT(func(v *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + if v != nil { + return *v + } + var ret ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig + return ret + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +// List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) CertificateAuthorityDomainConfigs() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) []ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + if v == nil { + return nil + } + return v.CertificateAuthorityDomainConfigs + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Enables private registry config. If set to false, all other fields in this object must not be set. +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns []string `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig `pulumi:"gcpSecretManagerCertificateConfig"` +} + +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput is an input type that accepts ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs and ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput` via: +// +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput interface { + pulumi.Input + + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns pulumi.StringArrayInput `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput `pulumi:"gcpSecretManagerCertificateConfig"` +} + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput is an input type that accepts ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray and ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput values. +// You can construct a concrete instance of `ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput` via: +// +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{ ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} } +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput interface { + pulumi.Input + + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray []ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +// List of fully-qualified-domain-names. IPv4s and port specification are supported. +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) Fqdns() pulumi.StringArrayOutput { + return o.ApplyT(func(v ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []string { + return v.Fqdns + }).(pulumi.StringArrayOutput) +} + +// Parameters for configuring a certificate hosted in GCP SecretManager. +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) GcpSecretManagerCertificateConfig() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o.ApplyT(func(v ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return v.GcpSecretManagerCertificateConfig + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) Index(i pulumi.IntInput) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return vs[0].([]ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)[vs[1].(int)] + }).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri string `pulumi:"secretUri"` +} + +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput is an input type that accepts ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs and ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput values. +// You can construct a concrete instance of `ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput` via: +// +// ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput interface { + pulumi.Input + + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput + ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri pulumi.StringInput `pulumi:"secretUri"` +} + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return i.ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Background()) +} + +func (i ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput struct{ *pulumi.OutputState } + +func (ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. +func (o ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) SecretUri() pulumi.StringOutput { + return o.ApplyT(func(v ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig) string { + return v.SecretUri + }).(pulumi.StringOutput) +} + type ClusterNodePoolNodeConfigEffectiveTaint struct { // Effect for taint. Effect *string `pulumi:"effect"` @@ -35153,6 +36599,8 @@ type NodePoolNodeConfig struct { BootDiskKmsKey *string `pulumi:"bootDiskKmsKey"` // Configuration for Confidential Nodes feature. Structure is documented below. ConfidentialNodes *NodePoolNodeConfigConfidentialNodes `pulumi:"confidentialNodes"` + // Parameters for containerd configuration. + ContainerdConfig *NodePoolNodeConfigContainerdConfig `pulumi:"containerdConfig"` // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. DiskSizeGb *int `pulumi:"diskSizeGb"` // Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd @@ -35245,6 +36693,8 @@ type NodePoolNodeConfigArgs struct { BootDiskKmsKey pulumi.StringPtrInput `pulumi:"bootDiskKmsKey"` // Configuration for Confidential Nodes feature. Structure is documented below. ConfidentialNodes NodePoolNodeConfigConfidentialNodesPtrInput `pulumi:"confidentialNodes"` + // Parameters for containerd configuration. + ContainerdConfig NodePoolNodeConfigContainerdConfigPtrInput `pulumi:"containerdConfig"` // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. DiskSizeGb pulumi.IntPtrInput `pulumi:"diskSizeGb"` // Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd @@ -35413,6 +36863,11 @@ func (o NodePoolNodeConfigOutput) ConfidentialNodes() NodePoolNodeConfigConfiden return o.ApplyT(func(v NodePoolNodeConfig) *NodePoolNodeConfigConfidentialNodes { return v.ConfidentialNodes }).(NodePoolNodeConfigConfidentialNodesPtrOutput) } +// Parameters for containerd configuration. +func (o NodePoolNodeConfigOutput) ContainerdConfig() NodePoolNodeConfigContainerdConfigPtrOutput { + return o.ApplyT(func(v NodePoolNodeConfig) *NodePoolNodeConfigContainerdConfig { return v.ContainerdConfig }).(NodePoolNodeConfigContainerdConfigPtrOutput) +} + // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. func (o NodePoolNodeConfigOutput) DiskSizeGb() pulumi.IntPtrOutput { return o.ApplyT(func(v NodePoolNodeConfig) *int { return v.DiskSizeGb }).(pulumi.IntPtrOutput) @@ -35651,6 +37106,16 @@ func (o NodePoolNodeConfigPtrOutput) ConfidentialNodes() NodePoolNodeConfigConfi }).(NodePoolNodeConfigConfidentialNodesPtrOutput) } +// Parameters for containerd configuration. +func (o NodePoolNodeConfigPtrOutput) ContainerdConfig() NodePoolNodeConfigContainerdConfigPtrOutput { + return o.ApplyT(func(v *NodePoolNodeConfig) *NodePoolNodeConfigContainerdConfig { + if v == nil { + return nil + } + return v.ContainerdConfig + }).(NodePoolNodeConfigContainerdConfigPtrOutput) +} + // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. func (o NodePoolNodeConfigPtrOutput) DiskSizeGb() pulumi.IntPtrOutput { return o.ApplyT(func(v *NodePoolNodeConfig) *int { @@ -36308,6 +37773,467 @@ func (o NodePoolNodeConfigConfidentialNodesPtrOutput) Enabled() pulumi.BoolPtrOu }).(pulumi.BoolPtrOutput) } +type NodePoolNodeConfigContainerdConfig struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfig *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig `pulumi:"privateRegistryAccessConfig"` +} + +// NodePoolNodeConfigContainerdConfigInput is an input type that accepts NodePoolNodeConfigContainerdConfigArgs and NodePoolNodeConfigContainerdConfigOutput values. +// You can construct a concrete instance of `NodePoolNodeConfigContainerdConfigInput` via: +// +// NodePoolNodeConfigContainerdConfigArgs{...} +type NodePoolNodeConfigContainerdConfigInput interface { + pulumi.Input + + ToNodePoolNodeConfigContainerdConfigOutput() NodePoolNodeConfigContainerdConfigOutput + ToNodePoolNodeConfigContainerdConfigOutputWithContext(context.Context) NodePoolNodeConfigContainerdConfigOutput +} + +type NodePoolNodeConfigContainerdConfigArgs struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfig NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput `pulumi:"privateRegistryAccessConfig"` +} + +func (NodePoolNodeConfigContainerdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i NodePoolNodeConfigContainerdConfigArgs) ToNodePoolNodeConfigContainerdConfigOutput() NodePoolNodeConfigContainerdConfigOutput { + return i.ToNodePoolNodeConfigContainerdConfigOutputWithContext(context.Background()) +} + +func (i NodePoolNodeConfigContainerdConfigArgs) ToNodePoolNodeConfigContainerdConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigOutput) +} + +func (i NodePoolNodeConfigContainerdConfigArgs) ToNodePoolNodeConfigContainerdConfigPtrOutput() NodePoolNodeConfigContainerdConfigPtrOutput { + return i.ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i NodePoolNodeConfigContainerdConfigArgs) ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigOutput).ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx) +} + +// NodePoolNodeConfigContainerdConfigPtrInput is an input type that accepts NodePoolNodeConfigContainerdConfigArgs, NodePoolNodeConfigContainerdConfigPtr and NodePoolNodeConfigContainerdConfigPtrOutput values. +// You can construct a concrete instance of `NodePoolNodeConfigContainerdConfigPtrInput` via: +// +// NodePoolNodeConfigContainerdConfigArgs{...} +// +// or: +// +// nil +type NodePoolNodeConfigContainerdConfigPtrInput interface { + pulumi.Input + + ToNodePoolNodeConfigContainerdConfigPtrOutput() NodePoolNodeConfigContainerdConfigPtrOutput + ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Context) NodePoolNodeConfigContainerdConfigPtrOutput +} + +type nodePoolNodeConfigContainerdConfigPtrType NodePoolNodeConfigContainerdConfigArgs + +func NodePoolNodeConfigContainerdConfigPtr(v *NodePoolNodeConfigContainerdConfigArgs) NodePoolNodeConfigContainerdConfigPtrInput { + return (*nodePoolNodeConfigContainerdConfigPtrType)(v) +} + +func (*nodePoolNodeConfigContainerdConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**NodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i *nodePoolNodeConfigContainerdConfigPtrType) ToNodePoolNodeConfigContainerdConfigPtrOutput() NodePoolNodeConfigContainerdConfigPtrOutput { + return i.ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (i *nodePoolNodeConfigContainerdConfigPtrType) ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigPtrOutput) +} + +type NodePoolNodeConfigContainerdConfigOutput struct{ *pulumi.OutputState } + +func (NodePoolNodeConfigContainerdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o NodePoolNodeConfigContainerdConfigOutput) ToNodePoolNodeConfigContainerdConfigOutput() NodePoolNodeConfigContainerdConfigOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigOutput) ToNodePoolNodeConfigContainerdConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigOutput) ToNodePoolNodeConfigContainerdConfigPtrOutput() NodePoolNodeConfigContainerdConfigPtrOutput { + return o.ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(context.Background()) +} + +func (o NodePoolNodeConfigContainerdConfigOutput) ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v NodePoolNodeConfigContainerdConfig) *NodePoolNodeConfigContainerdConfig { + return &v + }).(NodePoolNodeConfigContainerdConfigPtrOutput) +} + +// Parameters for private container registries configuration. +func (o NodePoolNodeConfigContainerdConfigOutput) PrivateRegistryAccessConfig() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v NodePoolNodeConfigContainerdConfig) *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return v.PrivateRegistryAccessConfig + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type NodePoolNodeConfigContainerdConfigPtrOutput struct{ *pulumi.OutputState } + +func (NodePoolNodeConfigContainerdConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**NodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o NodePoolNodeConfigContainerdConfigPtrOutput) ToNodePoolNodeConfigContainerdConfigPtrOutput() NodePoolNodeConfigContainerdConfigPtrOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPtrOutput) ToNodePoolNodeConfigContainerdConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPtrOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPtrOutput) Elem() NodePoolNodeConfigContainerdConfigOutput { + return o.ApplyT(func(v *NodePoolNodeConfigContainerdConfig) NodePoolNodeConfigContainerdConfig { + if v != nil { + return *v + } + var ret NodePoolNodeConfigContainerdConfig + return ret + }).(NodePoolNodeConfigContainerdConfigOutput) +} + +// Parameters for private container registries configuration. +func (o NodePoolNodeConfigContainerdConfigPtrOutput) PrivateRegistryAccessConfig() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyT(func(v *NodePoolNodeConfigContainerdConfig) *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + if v == nil { + return nil + } + return v.PrivateRegistryAccessConfig + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs []NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled bool `pulumi:"enabled"` +} + +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput is an input type that accepts NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs and NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput values. +// You can construct a concrete instance of `NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput` via: +// +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput interface { + pulumi.Input + + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return i.ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Background()) +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput).ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx) +} + +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput is an input type that accepts NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs, NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtr and NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput values. +// You can construct a concrete instance of `NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput` via: +// +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +// +// or: +// +// nil +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput interface { + pulumi.Input + + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput +} + +type nodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs + +func NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtr(v *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput { + return (*nodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType)(v) +} + +func (*nodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i *nodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return i.ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (i *nodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrType) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput struct{ *pulumi.OutputState } + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(context.Background()) +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return &v + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) +} + +// Parameters for configuring CA certificate and domains. +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) CertificateAuthorityDomainConfigs() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) []NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return v.CertificateAuthorityDomainConfigs + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Whether or not private registries are configured. +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput struct{ *pulumi.OutputState } + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) Elem() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o.ApplyT(func(v *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + if v != nil { + return *v + } + var ret NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig + return ret + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +// Parameters for configuring CA certificate and domains. +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) CertificateAuthorityDomainConfigs() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) []NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + if v == nil { + return nil + } + return v.CertificateAuthorityDomainConfigs + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Whether or not private registries are configured. +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput) Enabled() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) *bool { + if v == nil { + return nil + } + return &v.Enabled + }).(pulumi.BoolPtrOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns []string `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig `pulumi:"gcpSecretManagerCertificateConfig"` +} + +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput is an input type that accepts NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs and NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput values. +// You can construct a concrete instance of `NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput` via: +// +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput interface { + pulumi.Input + + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns pulumi.StringArrayInput `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfig NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput `pulumi:"gcpSecretManagerCertificateConfig"` +} + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return i.ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Background()) +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput is an input type that accepts NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray and NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput values. +// You can construct a concrete instance of `NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput` via: +// +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{ NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} } +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput interface { + pulumi.Input + + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray []NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return i.ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Background()) +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput struct{ *pulumi.OutputState } + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +// List of fully-qualified-domain-names. IPv4s and port specification are supported. +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) Fqdns() pulumi.StringArrayOutput { + return o.ApplyT(func(v NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []string { + return v.Fqdns + }).(pulumi.StringArrayOutput) +} + +// Parameters for configuring a certificate hosted in GCP SecretManager. +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) GcpSecretManagerCertificateConfig() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o.ApplyT(func(v NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return v.GcpSecretManagerCertificateConfig + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput struct{ *pulumi.OutputState } + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) Index(i pulumi.IntInput) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return vs[0].([]NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)[vs[1].(int)] + }).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri string `pulumi:"secretUri"` +} + +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput is an input type that accepts NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs and NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput values. +// You can construct a concrete instance of `NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput` via: +// +// NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput interface { + pulumi.Input + + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput + ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri pulumi.StringInput `pulumi:"secretUri"` +} + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return i.ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Background()) +} + +func (i NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +type NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput struct{ *pulumi.OutputState } + +func (NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. +func (o NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) SecretUri() pulumi.StringOutput { + return o.ApplyT(func(v NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig) string { + return v.SecretUri + }).(pulumi.StringOutput) +} + type NodePoolNodeConfigEffectiveTaint struct { // Effect for taint. Effect *string `pulumi:"effect"` @@ -45937,6 +47863,8 @@ type GetClusterNodeConfig struct { BootDiskKmsKey string `pulumi:"bootDiskKmsKey"` // Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. ConfidentialNodes []GetClusterNodeConfigConfidentialNode `pulumi:"confidentialNodes"` + // Parameters for containerd configuration. + ContainerdConfigs []GetClusterNodeConfigContainerdConfig `pulumi:"containerdConfigs"` // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. DiskSizeGb int `pulumi:"diskSizeGb"` // Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd @@ -46029,6 +47957,8 @@ type GetClusterNodeConfigArgs struct { BootDiskKmsKey pulumi.StringInput `pulumi:"bootDiskKmsKey"` // Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. ConfidentialNodes GetClusterNodeConfigConfidentialNodeArrayInput `pulumi:"confidentialNodes"` + // Parameters for containerd configuration. + ContainerdConfigs GetClusterNodeConfigContainerdConfigArrayInput `pulumi:"containerdConfigs"` // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. DiskSizeGb pulumi.IntInput `pulumi:"diskSizeGb"` // Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd @@ -46171,6 +48101,11 @@ func (o GetClusterNodeConfigOutput) ConfidentialNodes() GetClusterNodeConfigConf return o.ApplyT(func(v GetClusterNodeConfig) []GetClusterNodeConfigConfidentialNode { return v.ConfidentialNodes }).(GetClusterNodeConfigConfidentialNodeArrayOutput) } +// Parameters for containerd configuration. +func (o GetClusterNodeConfigOutput) ContainerdConfigs() GetClusterNodeConfigContainerdConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodeConfig) []GetClusterNodeConfigContainerdConfig { return v.ContainerdConfigs }).(GetClusterNodeConfigContainerdConfigArrayOutput) +} + // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. func (o GetClusterNodeConfigOutput) DiskSizeGb() pulumi.IntOutput { return o.ApplyT(func(v GetClusterNodeConfig) int { return v.DiskSizeGb }).(pulumi.IntOutput) @@ -46586,6 +48521,422 @@ func (o GetClusterNodeConfigConfidentialNodeArrayOutput) Index(i pulumi.IntInput }).(GetClusterNodeConfigConfidentialNodeOutput) } +type GetClusterNodeConfigContainerdConfig struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfigs []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig `pulumi:"privateRegistryAccessConfigs"` +} + +// GetClusterNodeConfigContainerdConfigInput is an input type that accepts GetClusterNodeConfigContainerdConfigArgs and GetClusterNodeConfigContainerdConfigOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigInput` via: +// +// GetClusterNodeConfigContainerdConfigArgs{...} +type GetClusterNodeConfigContainerdConfigInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigOutput() GetClusterNodeConfigContainerdConfigOutput + ToGetClusterNodeConfigContainerdConfigOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigOutput +} + +type GetClusterNodeConfigContainerdConfigArgs struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfigs GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput `pulumi:"privateRegistryAccessConfigs"` +} + +func (GetClusterNodeConfigContainerdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigArgs) ToGetClusterNodeConfigContainerdConfigOutput() GetClusterNodeConfigContainerdConfigOutput { + return i.ToGetClusterNodeConfigContainerdConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigArgs) ToGetClusterNodeConfigContainerdConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigOutput) +} + +// GetClusterNodeConfigContainerdConfigArrayInput is an input type that accepts GetClusterNodeConfigContainerdConfigArray and GetClusterNodeConfigContainerdConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigArrayInput` via: +// +// GetClusterNodeConfigContainerdConfigArray{ GetClusterNodeConfigContainerdConfigArgs{...} } +type GetClusterNodeConfigContainerdConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigArrayOutput() GetClusterNodeConfigContainerdConfigArrayOutput + ToGetClusterNodeConfigContainerdConfigArrayOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigArrayOutput +} + +type GetClusterNodeConfigContainerdConfigArray []GetClusterNodeConfigContainerdConfigInput + +func (GetClusterNodeConfigContainerdConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigArray) ToGetClusterNodeConfigContainerdConfigArrayOutput() GetClusterNodeConfigContainerdConfigArrayOutput { + return i.ToGetClusterNodeConfigContainerdConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigArray) ToGetClusterNodeConfigContainerdConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigArrayOutput) +} + +type GetClusterNodeConfigContainerdConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigOutput) ToGetClusterNodeConfigContainerdConfigOutput() GetClusterNodeConfigContainerdConfigOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigOutput) ToGetClusterNodeConfigContainerdConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigOutput { + return o +} + +// Parameters for private container registries configuration. +func (o GetClusterNodeConfigContainerdConfigOutput) PrivateRegistryAccessConfigs() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodeConfigContainerdConfig) []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return v.PrivateRegistryAccessConfigs + }).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) +} + +type GetClusterNodeConfigContainerdConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigArrayOutput() GetClusterNodeConfigContainerdConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodeConfigContainerdConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodeConfigContainerdConfig { + return vs[0].([]GetClusterNodeConfigContainerdConfig)[vs[1].(int)] + }).(GetClusterNodeConfigContainerdConfigOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled bool `pulumi:"enabled"` +} + +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput is an input type that accepts GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs and GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput` via: +// +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return i.ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput is an input type that accepts GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArray and GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput` via: +// +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArray{ GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} } +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArray []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArray) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return i.ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArray) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +// Parameters for configuring CA certificate and domains. +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) CertificateAuthorityDomainConfigs() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return v.CertificateAuthorityDomainConfigs + }).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Whether or not private registries are configured. +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return vs[0].([]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig)[vs[1].(int)] + }).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns []string `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfigs []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig `pulumi:"gcpSecretManagerCertificateConfigs"` +} + +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput is an input type that accepts GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs and GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput` via: +// +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns pulumi.StringArrayInput `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfigs GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput `pulumi:"gcpSecretManagerCertificateConfigs"` +} + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return i.ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput is an input type that accepts GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray and GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput` via: +// +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{ GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} } +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return i.ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +// List of fully-qualified-domain-names. IPv4s and port specification are supported. +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) Fqdns() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []string { + return v.Fqdns + }).(pulumi.StringArrayOutput) +} + +// Parameters for configuring a certificate hosted in GCP SecretManager. +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) GcpSecretManagerCertificateConfigs() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return v.GcpSecretManagerCertificateConfigs + }).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return vs[0].([]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)[vs[1].(int)] + }).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri string `pulumi:"secretUri"` +} + +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput is an input type that accepts GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs and GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput` via: +// +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri pulumi.StringInput `pulumi:"secretUri"` +} + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return i.ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput is an input type that accepts GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray and GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput` via: +// +// GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray{ GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} } +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput + ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray []GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return i.ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) SecretUri() pulumi.StringOutput { + return o.ApplyT(func(v GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig) string { + return v.SecretUri + }).(pulumi.StringOutput) +} + +type GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ToGetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(ctx context.Context) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o +} + +func (o GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return vs[0].([]GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)[vs[1].(int)] + }).(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + type GetClusterNodeConfigEffectiveTaint struct { // Effect for taint. Effect string `pulumi:"effect"` @@ -49467,6 +51818,8 @@ func (o GetClusterNodePoolDefaultArrayOutput) Index(i pulumi.IntInput) GetCluste } type GetClusterNodePoolDefaultNodeConfigDefault struct { + // Parameters for containerd configuration. + ContainerdConfigs []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig `pulumi:"containerdConfigs"` // GCFS configuration for this node. GcfsConfigs []GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfig `pulumi:"gcfsConfigs"` // Type of logging agent that is used as the default value for node pools in the cluster. Valid values include DEFAULT and MAX_THROUGHPUT. @@ -49485,6 +51838,8 @@ type GetClusterNodePoolDefaultNodeConfigDefaultInput interface { } type GetClusterNodePoolDefaultNodeConfigDefaultArgs struct { + // Parameters for containerd configuration. + ContainerdConfigs GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayInput `pulumi:"containerdConfigs"` // GCFS configuration for this node. GcfsConfigs GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigArrayInput `pulumi:"gcfsConfigs"` // Type of logging agent that is used as the default value for node pools in the cluster. Valid values include DEFAULT and MAX_THROUGHPUT. @@ -49542,6 +51897,13 @@ func (o GetClusterNodePoolDefaultNodeConfigDefaultOutput) ToGetClusterNodePoolDe return o } +// Parameters for containerd configuration. +func (o GetClusterNodePoolDefaultNodeConfigDefaultOutput) ContainerdConfigs() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefault) []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig { + return v.ContainerdConfigs + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput) +} + // GCFS configuration for this node. func (o GetClusterNodePoolDefaultNodeConfigDefaultOutput) GcfsConfigs() GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigArrayOutput { return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefault) []GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfig { @@ -49574,6 +51936,424 @@ func (o GetClusterNodePoolDefaultNodeConfigDefaultArrayOutput) Index(i pulumi.In }).(GetClusterNodePoolDefaultNodeConfigDefaultOutput) } +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfigs []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig `pulumi:"privateRegistryAccessConfigs"` +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs{...} +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfigs GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayInput `pulumi:"privateRegistryAccessConfigs"` +} + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput) +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArray and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArray{ GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs{...} } +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArray []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigInput + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput { + return o +} + +// Parameters for private container registries configuration. +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput) PrivateRegistryAccessConfigs() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig) []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig { + return v.PrivateRegistryAccessConfigs + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig { + return vs[0].([]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig)[vs[1].(int)] + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled bool `pulumi:"enabled"` +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs{...} +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput) +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArray and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArray{ GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs{...} } +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArray []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigInput + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +// Parameters for configuring CA certificate and domains. +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput) CertificateAuthorityDomainConfigs() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig) []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return v.CertificateAuthorityDomainConfigs + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Whether or not private registries are configured. +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig) bool { + return v.Enabled + }).(pulumi.BoolOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig { + return vs[0].([]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig)[vs[1].(int)] + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns []string `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfigs []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig `pulumi:"gcpSecretManagerCertificateConfigs"` +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns pulumi.StringArrayInput `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfigs GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput `pulumi:"gcpSecretManagerCertificateConfigs"` +} + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{ GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} } +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +// List of fully-qualified-domain-names. IPv4s and port specification are supported. +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) Fqdns() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []string { + return v.Fqdns + }).(pulumi.StringArrayOutput) +} + +// Parameters for configuring a certificate hosted in GCP SecretManager. +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) GcpSecretManagerCertificateConfigs() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return v.GcpSecretManagerCertificateConfigs + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return vs[0].([]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)[vs[1].(int)] + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri string `pulumi:"secretUri"` +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri pulumi.StringInput `pulumi:"secretUri"` +} + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput is an input type that accepts GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray and GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput` via: +// +// GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray{ GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} } +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput + ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray []GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return i.ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) SecretUri() pulumi.StringOutput { + return o.ApplyT(func(v GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig) string { + return v.SecretUri + }).(pulumi.StringOutput) +} + +type GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ToGetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return vs[0].([]GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)[vs[1].(int)] + }).(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + type GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfig struct { // Whether or not GCFS is enabled Enabled bool `pulumi:"enabled"` @@ -50366,6 +53146,8 @@ type GetClusterNodePoolNodeConfig struct { BootDiskKmsKey string `pulumi:"bootDiskKmsKey"` // Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. ConfidentialNodes []GetClusterNodePoolNodeConfigConfidentialNode `pulumi:"confidentialNodes"` + // Parameters for containerd configuration. + ContainerdConfigs []GetClusterNodePoolNodeConfigContainerdConfig `pulumi:"containerdConfigs"` // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. DiskSizeGb int `pulumi:"diskSizeGb"` // Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd @@ -50458,6 +53240,8 @@ type GetClusterNodePoolNodeConfigArgs struct { BootDiskKmsKey pulumi.StringInput `pulumi:"bootDiskKmsKey"` // Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. ConfidentialNodes GetClusterNodePoolNodeConfigConfidentialNodeArrayInput `pulumi:"confidentialNodes"` + // Parameters for containerd configuration. + ContainerdConfigs GetClusterNodePoolNodeConfigContainerdConfigArrayInput `pulumi:"containerdConfigs"` // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. DiskSizeGb pulumi.IntInput `pulumi:"diskSizeGb"` // Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd @@ -50602,6 +53386,13 @@ func (o GetClusterNodePoolNodeConfigOutput) ConfidentialNodes() GetClusterNodePo }).(GetClusterNodePoolNodeConfigConfidentialNodeArrayOutput) } +// Parameters for containerd configuration. +func (o GetClusterNodePoolNodeConfigOutput) ContainerdConfigs() GetClusterNodePoolNodeConfigContainerdConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolNodeConfig) []GetClusterNodePoolNodeConfigContainerdConfig { + return v.ContainerdConfigs + }).(GetClusterNodePoolNodeConfigContainerdConfigArrayOutput) +} + // Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. func (o GetClusterNodePoolNodeConfigOutput) DiskSizeGb() pulumi.IntOutput { return o.ApplyT(func(v GetClusterNodePoolNodeConfig) int { return v.DiskSizeGb }).(pulumi.IntOutput) @@ -51033,6 +53824,422 @@ func (o GetClusterNodePoolNodeConfigConfidentialNodeArrayOutput) Index(i pulumi. }).(GetClusterNodePoolNodeConfigConfidentialNodeOutput) } +type GetClusterNodePoolNodeConfigContainerdConfig struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfigs []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig `pulumi:"privateRegistryAccessConfigs"` +} + +// GetClusterNodePoolNodeConfigContainerdConfigInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigArgs and GetClusterNodePoolNodeConfigContainerdConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigArgs{...} +type GetClusterNodePoolNodeConfigContainerdConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigOutput + ToGetClusterNodePoolNodeConfigContainerdConfigOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigArgs struct { + // Parameters for private container registries configuration. + PrivateRegistryAccessConfigs GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput `pulumi:"privateRegistryAccessConfigs"` +} + +func (GetClusterNodePoolNodeConfigContainerdConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigOutput) +} + +// GetClusterNodePoolNodeConfigContainerdConfigArrayInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigArray and GetClusterNodePoolNodeConfigContainerdConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigArrayInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigArray{ GetClusterNodePoolNodeConfigContainerdConfigArgs{...} } +type GetClusterNodePoolNodeConfigContainerdConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigArrayOutput + ToGetClusterNodePoolNodeConfigContainerdConfigArrayOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigArrayOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigArray []GetClusterNodePoolNodeConfigContainerdConfigInput + +func (GetClusterNodePoolNodeConfigContainerdConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigArrayOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigArrayOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigOutput { + return o +} + +// Parameters for private container registries configuration. +func (o GetClusterNodePoolNodeConfigContainerdConfigOutput) PrivateRegistryAccessConfigs() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolNodeConfigContainerdConfig) []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return v.PrivateRegistryAccessConfigs + }).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolNodeConfigContainerdConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolNodeConfigContainerdConfig { + return vs[0].([]GetClusterNodePoolNodeConfigContainerdConfig)[vs[1].(int)] + }).(GetClusterNodePoolNodeConfigContainerdConfigOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled bool `pulumi:"enabled"` +} + +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs and GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs struct { + // Parameters for configuring CA certificate and domains. + CertificateAuthorityDomainConfigs GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput `pulumi:"certificateAuthorityDomainConfigs"` + // Whether or not private registries are configured. + Enabled pulumi.BoolInput `pulumi:"enabled"` +} + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArray and GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArray{ GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{...} } +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArray []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return o +} + +// Parameters for configuring CA certificate and domains. +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) CertificateAuthorityDomainConfigs() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return v.CertificateAuthorityDomainConfigs + }).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +// Whether or not private registries are configured. +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) Enabled() pulumi.BoolOutput { + return o.ApplyT(func(v GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig) bool { return v.Enabled }).(pulumi.BoolOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + return vs[0].([]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig)[vs[1].(int)] + }).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns []string `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfigs []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig `pulumi:"gcpSecretManagerCertificateConfigs"` +} + +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs and GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs struct { + // List of fully-qualified-domain-names. IPv4s and port specification are supported. + Fqdns pulumi.StringArrayInput `pulumi:"fqdns"` + // Parameters for configuring a certificate hosted in GCP SecretManager. + GcpSecretManagerCertificateConfigs GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput `pulumi:"gcpSecretManagerCertificateConfigs"` +} + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray and GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{ GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{...} } +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return o +} + +// List of fully-qualified-domain-names. IPv4s and port specification are supported. +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) Fqdns() pulumi.StringArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []string { + return v.Fqdns + }).(pulumi.StringArrayOutput) +} + +// Parameters for configuring a certificate hosted in GCP SecretManager. +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) GcpSecretManagerCertificateConfigs() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o.ApplyT(func(v GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig) []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return v.GcpSecretManagerCertificateConfigs + }).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + return vs[0].([]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig)[vs[1].(int)] + }).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri string `pulumi:"secretUri"` +} + +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs and GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs struct { + // URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + SecretUri pulumi.StringInput `pulumi:"secretUri"` +} + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput is an input type that accepts GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray and GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput values. +// You can construct a concrete instance of `GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput` via: +// +// GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray{ GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{...} } +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput interface { + pulumi.Input + + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput + ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray []GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return i.ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(context.Background()) +} + +func (i GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return o +} + +// URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) SecretUri() pulumi.StringOutput { + return o.ApplyT(func(v GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig) string { + return v.SecretUri + }).(pulumi.StringOutput) +} + +type GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput struct{ *pulumi.OutputState } + +func (GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)(nil)).Elem() +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput() GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) ToGetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutputWithContext(ctx context.Context) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput { + return o +} + +func (o GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput) Index(i pulumi.IntInput) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + return vs[0].([]GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig)[vs[1].(int)] + }).(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput) +} + type GetClusterNodePoolNodeConfigEffectiveTaint struct { // Effect for taint. Effect string `pulumi:"effect"` @@ -55869,6 +59076,13 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigAdvancedMachineFeaturesPtrInput)(nil)).Elem(), ClusterNodeConfigAdvancedMachineFeaturesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigConfidentialNodesInput)(nil)).Elem(), ClusterNodeConfigConfidentialNodesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigConfidentialNodesPtrInput)(nil)).Elem(), ClusterNodeConfigConfidentialNodesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigContainerdConfigInput)(nil)).Elem(), ClusterNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigContainerdConfigPtrInput)(nil)).Elem(), ClusterNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput)(nil)).Elem(), ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput)(nil)).Elem(), ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput)(nil)).Elem(), ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput)(nil)).Elem(), ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput)(nil)).Elem(), ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigEffectiveTaintInput)(nil)).Elem(), ClusterNodeConfigEffectiveTaintArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigEffectiveTaintArrayInput)(nil)).Elem(), ClusterNodeConfigEffectiveTaintArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodeConfigEphemeralStorageConfigInput)(nil)).Elem(), ClusterNodeConfigEphemeralStorageConfigArgs{}) @@ -55923,6 +59137,13 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsPtrInput)(nil)).Elem(), ClusterNodePoolDefaultsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsPtrInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigPtrInput)(nil)).Elem(), ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolManagementInput)(nil)).Elem(), ClusterNodePoolManagementArgs{}) @@ -55943,6 +59164,13 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigAdvancedMachineFeaturesPtrInput)(nil)).Elem(), ClusterNodePoolNodeConfigAdvancedMachineFeaturesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigConfidentialNodesInput)(nil)).Elem(), ClusterNodePoolNodeConfigConfidentialNodesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigConfidentialNodesPtrInput)(nil)).Elem(), ClusterNodePoolNodeConfigConfidentialNodesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigInput)(nil)).Elem(), ClusterNodePoolNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPtrInput)(nil)).Elem(), ClusterNodePoolNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput)(nil)).Elem(), ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput)(nil)).Elem(), ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput)(nil)).Elem(), ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput)(nil)).Elem(), ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput)(nil)).Elem(), ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigEffectiveTaintInput)(nil)).Elem(), ClusterNodePoolNodeConfigEffectiveTaintArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigEffectiveTaintArrayInput)(nil)).Elem(), ClusterNodePoolNodeConfigEffectiveTaintArray{}) pulumi.RegisterInputType(reflect.TypeOf((*ClusterNodePoolNodeConfigEphemeralStorageConfigInput)(nil)).Elem(), ClusterNodePoolNodeConfigEphemeralStorageConfigArgs{}) @@ -56049,6 +59277,13 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigAdvancedMachineFeaturesPtrInput)(nil)).Elem(), NodePoolNodeConfigAdvancedMachineFeaturesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigConfidentialNodesInput)(nil)).Elem(), NodePoolNodeConfigConfidentialNodesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigConfidentialNodesPtrInput)(nil)).Elem(), NodePoolNodeConfigConfidentialNodesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigContainerdConfigInput)(nil)).Elem(), NodePoolNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPtrInput)(nil)).Elem(), NodePoolNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput)(nil)).Elem(), NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrInput)(nil)).Elem(), NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput)(nil)).Elem(), NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput)(nil)).Elem(), NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput)(nil)).Elem(), NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigEffectiveTaintInput)(nil)).Elem(), NodePoolNodeConfigEffectiveTaintArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigEffectiveTaintArrayInput)(nil)).Elem(), NodePoolNodeConfigEffectiveTaintArray{}) pulumi.RegisterInputType(reflect.TypeOf((*NodePoolNodeConfigEphemeralStorageConfigInput)(nil)).Elem(), NodePoolNodeConfigEphemeralStorageConfigArgs{}) @@ -56213,6 +59448,14 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigAdvancedMachineFeatureArrayInput)(nil)).Elem(), GetClusterNodeConfigAdvancedMachineFeatureArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigConfidentialNodeInput)(nil)).Elem(), GetClusterNodeConfigConfidentialNodeArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigConfidentialNodeArrayInput)(nil)).Elem(), GetClusterNodeConfigConfidentialNodeArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigArrayInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput)(nil)).Elem(), GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigEffectiveTaintInput)(nil)).Elem(), GetClusterNodeConfigEffectiveTaintArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigEffectiveTaintArrayInput)(nil)).Elem(), GetClusterNodeConfigEffectiveTaintArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodeConfigEphemeralStorageConfigInput)(nil)).Elem(), GetClusterNodeConfigEphemeralStorageConfigArgs{}) @@ -56267,6 +59510,14 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultArrayInput)(nil)).Elem(), GetClusterNodePoolDefaultArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultArrayInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigArrayInput)(nil)).Elem(), GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolManagementInput)(nil)).Elem(), GetClusterNodePoolManagementArgs{}) @@ -56287,6 +59538,14 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigAdvancedMachineFeatureArrayInput)(nil)).Elem(), GetClusterNodePoolNodeConfigAdvancedMachineFeatureArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigConfidentialNodeInput)(nil)).Elem(), GetClusterNodePoolNodeConfigConfidentialNodeArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigConfidentialNodeArrayInput)(nil)).Elem(), GetClusterNodePoolNodeConfigConfidentialNodeArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigArrayInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayInput)(nil)).Elem(), GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigEffectiveTaintInput)(nil)).Elem(), GetClusterNodePoolNodeConfigEffectiveTaintArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigEffectiveTaintArrayInput)(nil)).Elem(), GetClusterNodePoolNodeConfigEffectiveTaintArray{}) pulumi.RegisterInputType(reflect.TypeOf((*GetClusterNodePoolNodeConfigEphemeralStorageConfigInput)(nil)).Elem(), GetClusterNodePoolNodeConfigEphemeralStorageConfigArgs{}) @@ -56619,6 +59878,13 @@ func init() { pulumi.RegisterOutputType(ClusterNodeConfigAdvancedMachineFeaturesPtrOutput{}) pulumi.RegisterOutputType(ClusterNodeConfigConfidentialNodesOutput{}) pulumi.RegisterOutputType(ClusterNodeConfigConfidentialNodesPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodeConfigContainerdConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodeConfigContainerdConfigPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput{}) + pulumi.RegisterOutputType(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput{}) pulumi.RegisterOutputType(ClusterNodeConfigEffectiveTaintOutput{}) pulumi.RegisterOutputType(ClusterNodeConfigEffectiveTaintArrayOutput{}) pulumi.RegisterOutputType(ClusterNodeConfigEphemeralStorageConfigOutput{}) @@ -56673,6 +59939,13 @@ func init() { pulumi.RegisterOutputType(ClusterNodePoolDefaultsPtrOutput{}) pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsOutput{}) pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput{}) pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigOutput{}) pulumi.RegisterOutputType(ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigPtrOutput{}) pulumi.RegisterOutputType(ClusterNodePoolManagementOutput{}) @@ -56693,6 +59966,13 @@ func init() { pulumi.RegisterOutputType(ClusterNodePoolNodeConfigAdvancedMachineFeaturesPtrOutput{}) pulumi.RegisterOutputType(ClusterNodePoolNodeConfigConfidentialNodesOutput{}) pulumi.RegisterOutputType(ClusterNodePoolNodeConfigConfidentialNodesPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolNodeConfigContainerdConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolNodeConfigContainerdConfigPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput{}) + pulumi.RegisterOutputType(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput{}) pulumi.RegisterOutputType(ClusterNodePoolNodeConfigEffectiveTaintOutput{}) pulumi.RegisterOutputType(ClusterNodePoolNodeConfigEffectiveTaintArrayOutput{}) pulumi.RegisterOutputType(ClusterNodePoolNodeConfigEphemeralStorageConfigOutput{}) @@ -56799,6 +60079,13 @@ func init() { pulumi.RegisterOutputType(NodePoolNodeConfigAdvancedMachineFeaturesPtrOutput{}) pulumi.RegisterOutputType(NodePoolNodeConfigConfidentialNodesOutput{}) pulumi.RegisterOutputType(NodePoolNodeConfigConfidentialNodesPtrOutput{}) + pulumi.RegisterOutputType(NodePoolNodeConfigContainerdConfigOutput{}) + pulumi.RegisterOutputType(NodePoolNodeConfigContainerdConfigPtrOutput{}) + pulumi.RegisterOutputType(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput{}) + pulumi.RegisterOutputType(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigPtrOutput{}) + pulumi.RegisterOutputType(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput{}) + pulumi.RegisterOutputType(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput{}) + pulumi.RegisterOutputType(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput{}) pulumi.RegisterOutputType(NodePoolNodeConfigEffectiveTaintOutput{}) pulumi.RegisterOutputType(NodePoolNodeConfigEffectiveTaintArrayOutput{}) pulumi.RegisterOutputType(NodePoolNodeConfigEphemeralStorageConfigOutput{}) @@ -56963,6 +60250,14 @@ func init() { pulumi.RegisterOutputType(GetClusterNodeConfigAdvancedMachineFeatureArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodeConfigConfidentialNodeOutput{}) pulumi.RegisterOutputType(GetClusterNodeConfigConfidentialNodeArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodeConfigEffectiveTaintOutput{}) pulumi.RegisterOutputType(GetClusterNodeConfigEffectiveTaintArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodeConfigEphemeralStorageConfigOutput{}) @@ -57017,6 +60312,14 @@ func init() { pulumi.RegisterOutputType(GetClusterNodePoolDefaultArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolManagementOutput{}) @@ -57037,6 +60340,14 @@ func init() { pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigAdvancedMachineFeatureArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigConfidentialNodeOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigConfidentialNodeArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArrayOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigOutput{}) + pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigEffectiveTaintOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigEffectiveTaintArrayOutput{}) pulumi.RegisterOutputType(GetClusterNodePoolNodeConfigEphemeralStorageConfigOutput{}) diff --git a/sdk/go/gcp/dataplex/aspectType.go b/sdk/go/gcp/dataplex/aspectType.go new file mode 100644 index 0000000000..b3600dbcd5 --- /dev/null +++ b/sdk/go/gcp/dataplex/aspectType.go @@ -0,0 +1,663 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// An Aspect Type is a template for creating Aspects. +// +// ## Example Usage +// +// ### Dataplex Aspect Type Basic +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectType(ctx, "test_aspect_type_basic", &dataplex.AspectTypeArgs{ +// AspectTypeId: pulumi.String("aspect-type-basic"), +// Project: pulumi.String("my-project-name"), +// Location: pulumi.String("us-central1"), +// MetadataTemplate: pulumi.String(`{ +// "name": "tf-test-template", +// "type": "record", +// "recordFields": [ +// { +// "name": "type", +// "type": "enum", +// "annotations": { +// "displayName": "Type", +// "description": "Specifies the type of view represented by the entry." +// }, +// "index": 1, +// "constraints": { +// "required": true +// }, +// "enumValues": [ +// { +// "name": "VIEW", +// "index": 1 +// } +// ] +// } +// ] +// } +// +// `), +// +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Dataplex Aspect Type Full +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectType(ctx, "test_aspect_type_full", &dataplex.AspectTypeArgs{ +// AspectTypeId: pulumi.String("aspect-type-full"), +// Project: pulumi.String("my-project-name"), +// Location: pulumi.String("us-central1"), +// Labels: pulumi.StringMap{ +// "tag": pulumi.String("test-tf"), +// }, +// DisplayName: pulumi.String("terraform aspect type"), +// Description: pulumi.String("aspect type created by Terraform"), +// MetadataTemplate: pulumi.String(`{ +// "type": "record", +// "name": "Schema", +// "recordFields": [ +// { +// "name": "fields", +// "type": "array", +// "index": 1, +// "arrayItems": { +// "name": "field", +// "type": "record", +// "typeId": "field", +// "recordFields": [ +// { +// "name": "name", +// "type": "string", +// "index": 1, +// "constraints": { +// "required": true +// } +// }, +// { +// "name": "description", +// "type": "string", +// "index": 2 +// }, +// { +// "name": "dataType", +// "type": "string", +// "index": 3, +// "constraints": { +// "required": true +// } +// }, +// { +// "name": "metadataType", +// "type": "enum", +// "index": 4, +// "constraints": { +// "required": true +// }, +// "enumValues": [ +// { +// "name": "BOOLEAN", +// "index": 1 +// }, +// { +// "name": "NUMBER", +// "index": 2 +// }, +// { +// "name": "STRING", +// "index": 3 +// }, +// { +// "name": "BYTES", +// "index": 4 +// }, +// { +// "name": "DATETIME", +// "index": 5 +// }, +// { +// "name": "TIMESTAMP", +// "index": 6 +// }, +// { +// "name": "GEOSPATIAL", +// "index": 7 +// }, +// { +// "name": "STRUCT", +// "index": 8 +// }, +// { +// "name": "OTHER", +// "index": 100 +// } +// ] +// }, +// { +// "name": "mode", +// "type": "enum", +// "index": 5, +// "enumValues": [ +// { +// "name": "NULLABLE", +// "index": 1 +// }, +// { +// "name": "REPEATED", +// "index": 2 +// }, +// { +// "name": "REQUIRED", +// "index": 3 +// } +// ] +// }, +// { +// "name": "defaultValue", +// "type": "string", +// "index": 6 +// }, +// { +// "name": "annotations", +// "type": "map", +// "index": 7, +// "mapItems": { +// "name": "label", +// "type": "string" +// } +// }, +// { +// "name": "fields", +// "type": "array", +// "index": 20, +// "arrayItems": { +// "name": "field", +// "type": "record", +// "typeRef": "field" +// } +// } +// ] +// } +// } +// ] +// } +// +// `), +// +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// AspectType can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}` +// +// * `{{project}}/{{location}}/{{aspect_type_id}}` +// +// * `{{location}}/{{aspect_type_id}}` +// +// When using the `pulumi import` command, AspectType can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:dataplex/aspectType:AspectType default projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} +// ``` +// +// ```sh +// $ pulumi import gcp:dataplex/aspectType:AspectType default {{project}}/{{location}}/{{aspect_type_id}} +// ``` +// +// ```sh +// $ pulumi import gcp:dataplex/aspectType:AspectType default {{location}}/{{aspect_type_id}} +// ``` +type AspectType struct { + pulumi.CustomResourceState + + // The aspect type id of the aspect type. + AspectTypeId pulumi.StringPtrOutput `pulumi:"aspectTypeId"` + // The time when the AspectType was created. + CreateTime pulumi.StringOutput `pulumi:"createTime"` + // Description of the AspectType. + Description pulumi.StringPtrOutput `pulumi:"description"` + // User friendly display name. + DisplayName pulumi.StringPtrOutput `pulumi:"displayName"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"` + // User-defined labels for the AspectType. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapOutput `pulumi:"labels"` + // The location where aspect type will be created in. + Location pulumi.StringPtrOutput `pulumi:"location"` + // MetadataTemplate of the Aspect. + MetadataTemplate pulumi.StringPtrOutput `pulumi:"metadataTemplate"` + // The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + Name pulumi.StringOutput `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` + // Denotes the transfer status of the Aspect Type. It is unspecified + // for Aspect Type created from Dataplex API. + TransferStatus pulumi.StringOutput `pulumi:"transferStatus"` + // System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + Uid pulumi.StringOutput `pulumi:"uid"` + // The time when the AspectType was last updated. + UpdateTime pulumi.StringOutput `pulumi:"updateTime"` +} + +// NewAspectType registers a new resource with the given unique name, arguments, and options. +func NewAspectType(ctx *pulumi.Context, + name string, args *AspectTypeArgs, opts ...pulumi.ResourceOption) (*AspectType, error) { + if args == nil { + args = &AspectTypeArgs{} + } + + secrets := pulumi.AdditionalSecretOutputs([]string{ + "effectiveLabels", + "pulumiLabels", + }) + opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) + var resource AspectType + err := ctx.RegisterResource("gcp:dataplex/aspectType:AspectType", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAspectType gets an existing AspectType resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAspectType(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AspectTypeState, opts ...pulumi.ResourceOption) (*AspectType, error) { + var resource AspectType + err := ctx.ReadResource("gcp:dataplex/aspectType:AspectType", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AspectType resources. +type aspectTypeState struct { + // The aspect type id of the aspect type. + AspectTypeId *string `pulumi:"aspectTypeId"` + // The time when the AspectType was created. + CreateTime *string `pulumi:"createTime"` + // Description of the AspectType. + Description *string `pulumi:"description"` + // User friendly display name. + DisplayName *string `pulumi:"displayName"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels map[string]string `pulumi:"effectiveLabels"` + // User-defined labels for the AspectType. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels map[string]string `pulumi:"labels"` + // The location where aspect type will be created in. + Location *string `pulumi:"location"` + // MetadataTemplate of the Aspect. + MetadataTemplate *string `pulumi:"metadataTemplate"` + // The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels map[string]string `pulumi:"pulumiLabels"` + // Denotes the transfer status of the Aspect Type. It is unspecified + // for Aspect Type created from Dataplex API. + TransferStatus *string `pulumi:"transferStatus"` + // System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + Uid *string `pulumi:"uid"` + // The time when the AspectType was last updated. + UpdateTime *string `pulumi:"updateTime"` +} + +type AspectTypeState struct { + // The aspect type id of the aspect type. + AspectTypeId pulumi.StringPtrInput + // The time when the AspectType was created. + CreateTime pulumi.StringPtrInput + // Description of the AspectType. + Description pulumi.StringPtrInput + // User friendly display name. + DisplayName pulumi.StringPtrInput + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapInput + // User-defined labels for the AspectType. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapInput + // The location where aspect type will be created in. + Location pulumi.StringPtrInput + // MetadataTemplate of the Aspect. + MetadataTemplate pulumi.StringPtrInput + // The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapInput + // Denotes the transfer status of the Aspect Type. It is unspecified + // for Aspect Type created from Dataplex API. + TransferStatus pulumi.StringPtrInput + // System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + Uid pulumi.StringPtrInput + // The time when the AspectType was last updated. + UpdateTime pulumi.StringPtrInput +} + +func (AspectTypeState) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeState)(nil)).Elem() +} + +type aspectTypeArgs struct { + // The aspect type id of the aspect type. + AspectTypeId *string `pulumi:"aspectTypeId"` + // Description of the AspectType. + Description *string `pulumi:"description"` + // User friendly display name. + DisplayName *string `pulumi:"displayName"` + // User-defined labels for the AspectType. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels map[string]string `pulumi:"labels"` + // The location where aspect type will be created in. + Location *string `pulumi:"location"` + // MetadataTemplate of the Aspect. + MetadataTemplate *string `pulumi:"metadataTemplate"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` +} + +// The set of arguments for constructing a AspectType resource. +type AspectTypeArgs struct { + // The aspect type id of the aspect type. + AspectTypeId pulumi.StringPtrInput + // Description of the AspectType. + Description pulumi.StringPtrInput + // User friendly display name. + DisplayName pulumi.StringPtrInput + // User-defined labels for the AspectType. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapInput + // The location where aspect type will be created in. + Location pulumi.StringPtrInput + // MetadataTemplate of the Aspect. + MetadataTemplate pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput +} + +func (AspectTypeArgs) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeArgs)(nil)).Elem() +} + +type AspectTypeInput interface { + pulumi.Input + + ToAspectTypeOutput() AspectTypeOutput + ToAspectTypeOutputWithContext(ctx context.Context) AspectTypeOutput +} + +func (*AspectType) ElementType() reflect.Type { + return reflect.TypeOf((**AspectType)(nil)).Elem() +} + +func (i *AspectType) ToAspectTypeOutput() AspectTypeOutput { + return i.ToAspectTypeOutputWithContext(context.Background()) +} + +func (i *AspectType) ToAspectTypeOutputWithContext(ctx context.Context) AspectTypeOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeOutput) +} + +// AspectTypeArrayInput is an input type that accepts AspectTypeArray and AspectTypeArrayOutput values. +// You can construct a concrete instance of `AspectTypeArrayInput` via: +// +// AspectTypeArray{ AspectTypeArgs{...} } +type AspectTypeArrayInput interface { + pulumi.Input + + ToAspectTypeArrayOutput() AspectTypeArrayOutput + ToAspectTypeArrayOutputWithContext(context.Context) AspectTypeArrayOutput +} + +type AspectTypeArray []AspectTypeInput + +func (AspectTypeArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectType)(nil)).Elem() +} + +func (i AspectTypeArray) ToAspectTypeArrayOutput() AspectTypeArrayOutput { + return i.ToAspectTypeArrayOutputWithContext(context.Background()) +} + +func (i AspectTypeArray) ToAspectTypeArrayOutputWithContext(ctx context.Context) AspectTypeArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeArrayOutput) +} + +// AspectTypeMapInput is an input type that accepts AspectTypeMap and AspectTypeMapOutput values. +// You can construct a concrete instance of `AspectTypeMapInput` via: +// +// AspectTypeMap{ "key": AspectTypeArgs{...} } +type AspectTypeMapInput interface { + pulumi.Input + + ToAspectTypeMapOutput() AspectTypeMapOutput + ToAspectTypeMapOutputWithContext(context.Context) AspectTypeMapOutput +} + +type AspectTypeMap map[string]AspectTypeInput + +func (AspectTypeMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectType)(nil)).Elem() +} + +func (i AspectTypeMap) ToAspectTypeMapOutput() AspectTypeMapOutput { + return i.ToAspectTypeMapOutputWithContext(context.Background()) +} + +func (i AspectTypeMap) ToAspectTypeMapOutputWithContext(ctx context.Context) AspectTypeMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeMapOutput) +} + +type AspectTypeOutput struct{ *pulumi.OutputState } + +func (AspectTypeOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AspectType)(nil)).Elem() +} + +func (o AspectTypeOutput) ToAspectTypeOutput() AspectTypeOutput { + return o +} + +func (o AspectTypeOutput) ToAspectTypeOutputWithContext(ctx context.Context) AspectTypeOutput { + return o +} + +// The aspect type id of the aspect type. +func (o AspectTypeOutput) AspectTypeId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringPtrOutput { return v.AspectTypeId }).(pulumi.StringPtrOutput) +} + +// The time when the AspectType was created. +func (o AspectTypeOutput) CreateTime() pulumi.StringOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringOutput { return v.CreateTime }).(pulumi.StringOutput) +} + +// Description of the AspectType. +func (o AspectTypeOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) +} + +// User friendly display name. +func (o AspectTypeOutput) DisplayName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringPtrOutput { return v.DisplayName }).(pulumi.StringPtrOutput) +} + +// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. +func (o AspectTypeOutput) EffectiveLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringMapOutput { return v.EffectiveLabels }).(pulumi.StringMapOutput) +} + +// User-defined labels for the AspectType. +// +// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. +// Please refer to the field `effectiveLabels` for all of the labels present on the resource. +func (o AspectTypeOutput) Labels() pulumi.StringMapOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringMapOutput { return v.Labels }).(pulumi.StringMapOutput) +} + +// The location where aspect type will be created in. +func (o AspectTypeOutput) Location() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringPtrOutput { return v.Location }).(pulumi.StringPtrOutput) +} + +// MetadataTemplate of the Aspect. +func (o AspectTypeOutput) MetadataTemplate() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringPtrOutput { return v.MetadataTemplate }).(pulumi.StringPtrOutput) +} + +// The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} +func (o AspectTypeOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the provider project is used. +func (o AspectTypeOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The combination of labels configured directly on the resource +// and default labels configured on the provider. +func (o AspectTypeOutput) PulumiLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringMapOutput { return v.PulumiLabels }).(pulumi.StringMapOutput) +} + +// Denotes the transfer status of the Aspect Type. It is unspecified +// for Aspect Type created from Dataplex API. +func (o AspectTypeOutput) TransferStatus() pulumi.StringOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringOutput { return v.TransferStatus }).(pulumi.StringOutput) +} + +// System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. +func (o AspectTypeOutput) Uid() pulumi.StringOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringOutput { return v.Uid }).(pulumi.StringOutput) +} + +// The time when the AspectType was last updated. +func (o AspectTypeOutput) UpdateTime() pulumi.StringOutput { + return o.ApplyT(func(v *AspectType) pulumi.StringOutput { return v.UpdateTime }).(pulumi.StringOutput) +} + +type AspectTypeArrayOutput struct{ *pulumi.OutputState } + +func (AspectTypeArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectType)(nil)).Elem() +} + +func (o AspectTypeArrayOutput) ToAspectTypeArrayOutput() AspectTypeArrayOutput { + return o +} + +func (o AspectTypeArrayOutput) ToAspectTypeArrayOutputWithContext(ctx context.Context) AspectTypeArrayOutput { + return o +} + +func (o AspectTypeArrayOutput) Index(i pulumi.IntInput) AspectTypeOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AspectType { + return vs[0].([]*AspectType)[vs[1].(int)] + }).(AspectTypeOutput) +} + +type AspectTypeMapOutput struct{ *pulumi.OutputState } + +func (AspectTypeMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectType)(nil)).Elem() +} + +func (o AspectTypeMapOutput) ToAspectTypeMapOutput() AspectTypeMapOutput { + return o +} + +func (o AspectTypeMapOutput) ToAspectTypeMapOutputWithContext(ctx context.Context) AspectTypeMapOutput { + return o +} + +func (o AspectTypeMapOutput) MapIndex(k pulumi.StringInput) AspectTypeOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AspectType { + return vs[0].(map[string]*AspectType)[vs[1].(string)] + }).(AspectTypeOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeInput)(nil)).Elem(), &AspectType{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeArrayInput)(nil)).Elem(), AspectTypeArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeMapInput)(nil)).Elem(), AspectTypeMap{}) + pulumi.RegisterOutputType(AspectTypeOutput{}) + pulumi.RegisterOutputType(AspectTypeArrayOutput{}) + pulumi.RegisterOutputType(AspectTypeMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/aspectTypeIamBinding.go b/sdk/go/gcp/dataplex/aspectTypeIamBinding.go new file mode 100644 index 0000000000..ebc8886c93 --- /dev/null +++ b/sdk/go/gcp/dataplex/aspectTypeIamBinding.go @@ -0,0 +1,643 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: +// +// * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. +// * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. +// * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype +// +// > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. +// +// > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## dataplex.AspectTypeIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewAspectTypeIamPolicy(ctx, "policy", &dataplex.AspectTypeIamPolicyArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamBinding(ctx, "binding", &dataplex.AspectTypeIamBindingArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamMember(ctx, "member", &dataplex.AspectTypeIamMemberArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewAspectTypeIamPolicy(ctx, "policy", &dataplex.AspectTypeIamPolicyArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamBinding(ctx, "binding", &dataplex.AspectTypeIamBindingArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamMember(ctx, "member", &dataplex.AspectTypeIamMemberArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} +// +// * {{project}}/{{location}}/{{aspect_type_id}} +// +// * {{location}}/{{aspect_type_id}} +// +// * {{aspect_type_id}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} +// ``` +// +// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type AspectTypeIamBinding struct { + pulumi.CustomResourceState + + AspectTypeId pulumi.StringOutput `pulumi:"aspectTypeId"` + Condition AspectTypeIamBindingConditionPtrOutput `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringOutput `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayOutput `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` +} + +// NewAspectTypeIamBinding registers a new resource with the given unique name, arguments, and options. +func NewAspectTypeIamBinding(ctx *pulumi.Context, + name string, args *AspectTypeIamBindingArgs, opts ...pulumi.ResourceOption) (*AspectTypeIamBinding, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AspectTypeId == nil { + return nil, errors.New("invalid value for required argument 'AspectTypeId'") + } + if args.Members == nil { + return nil, errors.New("invalid value for required argument 'Members'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource AspectTypeIamBinding + err := ctx.RegisterResource("gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAspectTypeIamBinding gets an existing AspectTypeIamBinding resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAspectTypeIamBinding(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AspectTypeIamBindingState, opts ...pulumi.ResourceOption) (*AspectTypeIamBinding, error) { + var resource AspectTypeIamBinding + err := ctx.ReadResource("gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AspectTypeIamBinding resources. +type aspectTypeIamBindingState struct { + AspectTypeId *string `pulumi:"aspectTypeId"` + Condition *AspectTypeIamBindingCondition `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` +} + +type AspectTypeIamBindingState struct { + AspectTypeId pulumi.StringPtrInput + Condition AspectTypeIamBindingConditionPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput +} + +func (AspectTypeIamBindingState) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeIamBindingState)(nil)).Elem() +} + +type aspectTypeIamBindingArgs struct { + AspectTypeId string `pulumi:"aspectTypeId"` + Condition *AspectTypeIamBindingCondition `pulumi:"condition"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` +} + +// The set of arguments for constructing a AspectTypeIamBinding resource. +type AspectTypeIamBindingArgs struct { + AspectTypeId pulumi.StringInput + Condition AspectTypeIamBindingConditionPtrInput + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput +} + +func (AspectTypeIamBindingArgs) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeIamBindingArgs)(nil)).Elem() +} + +type AspectTypeIamBindingInput interface { + pulumi.Input + + ToAspectTypeIamBindingOutput() AspectTypeIamBindingOutput + ToAspectTypeIamBindingOutputWithContext(ctx context.Context) AspectTypeIamBindingOutput +} + +func (*AspectTypeIamBinding) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamBinding)(nil)).Elem() +} + +func (i *AspectTypeIamBinding) ToAspectTypeIamBindingOutput() AspectTypeIamBindingOutput { + return i.ToAspectTypeIamBindingOutputWithContext(context.Background()) +} + +func (i *AspectTypeIamBinding) ToAspectTypeIamBindingOutputWithContext(ctx context.Context) AspectTypeIamBindingOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamBindingOutput) +} + +// AspectTypeIamBindingArrayInput is an input type that accepts AspectTypeIamBindingArray and AspectTypeIamBindingArrayOutput values. +// You can construct a concrete instance of `AspectTypeIamBindingArrayInput` via: +// +// AspectTypeIamBindingArray{ AspectTypeIamBindingArgs{...} } +type AspectTypeIamBindingArrayInput interface { + pulumi.Input + + ToAspectTypeIamBindingArrayOutput() AspectTypeIamBindingArrayOutput + ToAspectTypeIamBindingArrayOutputWithContext(context.Context) AspectTypeIamBindingArrayOutput +} + +type AspectTypeIamBindingArray []AspectTypeIamBindingInput + +func (AspectTypeIamBindingArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectTypeIamBinding)(nil)).Elem() +} + +func (i AspectTypeIamBindingArray) ToAspectTypeIamBindingArrayOutput() AspectTypeIamBindingArrayOutput { + return i.ToAspectTypeIamBindingArrayOutputWithContext(context.Background()) +} + +func (i AspectTypeIamBindingArray) ToAspectTypeIamBindingArrayOutputWithContext(ctx context.Context) AspectTypeIamBindingArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamBindingArrayOutput) +} + +// AspectTypeIamBindingMapInput is an input type that accepts AspectTypeIamBindingMap and AspectTypeIamBindingMapOutput values. +// You can construct a concrete instance of `AspectTypeIamBindingMapInput` via: +// +// AspectTypeIamBindingMap{ "key": AspectTypeIamBindingArgs{...} } +type AspectTypeIamBindingMapInput interface { + pulumi.Input + + ToAspectTypeIamBindingMapOutput() AspectTypeIamBindingMapOutput + ToAspectTypeIamBindingMapOutputWithContext(context.Context) AspectTypeIamBindingMapOutput +} + +type AspectTypeIamBindingMap map[string]AspectTypeIamBindingInput + +func (AspectTypeIamBindingMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectTypeIamBinding)(nil)).Elem() +} + +func (i AspectTypeIamBindingMap) ToAspectTypeIamBindingMapOutput() AspectTypeIamBindingMapOutput { + return i.ToAspectTypeIamBindingMapOutputWithContext(context.Background()) +} + +func (i AspectTypeIamBindingMap) ToAspectTypeIamBindingMapOutputWithContext(ctx context.Context) AspectTypeIamBindingMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamBindingMapOutput) +} + +type AspectTypeIamBindingOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamBindingOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamBinding)(nil)).Elem() +} + +func (o AspectTypeIamBindingOutput) ToAspectTypeIamBindingOutput() AspectTypeIamBindingOutput { + return o +} + +func (o AspectTypeIamBindingOutput) ToAspectTypeIamBindingOutputWithContext(ctx context.Context) AspectTypeIamBindingOutput { + return o +} + +func (o AspectTypeIamBindingOutput) AspectTypeId() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamBinding) pulumi.StringOutput { return v.AspectTypeId }).(pulumi.StringOutput) +} + +func (o AspectTypeIamBindingOutput) Condition() AspectTypeIamBindingConditionPtrOutput { + return o.ApplyT(func(v *AspectTypeIamBinding) AspectTypeIamBindingConditionPtrOutput { return v.Condition }).(AspectTypeIamBindingConditionPtrOutput) +} + +// (Computed) The etag of the IAM policy. +func (o AspectTypeIamBindingOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamBinding) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location where aspect type will be created in. +// Used to find the parent resource to bind the IAM policy to +func (o AspectTypeIamBindingOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamBinding) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o AspectTypeIamBindingOutput) Members() pulumi.StringArrayOutput { + return o.ApplyT(func(v *AspectTypeIamBinding) pulumi.StringArrayOutput { return v.Members }).(pulumi.StringArrayOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o AspectTypeIamBindingOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamBinding) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o AspectTypeIamBindingOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamBinding) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +type AspectTypeIamBindingArrayOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamBindingArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectTypeIamBinding)(nil)).Elem() +} + +func (o AspectTypeIamBindingArrayOutput) ToAspectTypeIamBindingArrayOutput() AspectTypeIamBindingArrayOutput { + return o +} + +func (o AspectTypeIamBindingArrayOutput) ToAspectTypeIamBindingArrayOutputWithContext(ctx context.Context) AspectTypeIamBindingArrayOutput { + return o +} + +func (o AspectTypeIamBindingArrayOutput) Index(i pulumi.IntInput) AspectTypeIamBindingOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AspectTypeIamBinding { + return vs[0].([]*AspectTypeIamBinding)[vs[1].(int)] + }).(AspectTypeIamBindingOutput) +} + +type AspectTypeIamBindingMapOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamBindingMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectTypeIamBinding)(nil)).Elem() +} + +func (o AspectTypeIamBindingMapOutput) ToAspectTypeIamBindingMapOutput() AspectTypeIamBindingMapOutput { + return o +} + +func (o AspectTypeIamBindingMapOutput) ToAspectTypeIamBindingMapOutputWithContext(ctx context.Context) AspectTypeIamBindingMapOutput { + return o +} + +func (o AspectTypeIamBindingMapOutput) MapIndex(k pulumi.StringInput) AspectTypeIamBindingOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AspectTypeIamBinding { + return vs[0].(map[string]*AspectTypeIamBinding)[vs[1].(string)] + }).(AspectTypeIamBindingOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamBindingInput)(nil)).Elem(), &AspectTypeIamBinding{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamBindingArrayInput)(nil)).Elem(), AspectTypeIamBindingArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamBindingMapInput)(nil)).Elem(), AspectTypeIamBindingMap{}) + pulumi.RegisterOutputType(AspectTypeIamBindingOutput{}) + pulumi.RegisterOutputType(AspectTypeIamBindingArrayOutput{}) + pulumi.RegisterOutputType(AspectTypeIamBindingMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/aspectTypeIamMember.go b/sdk/go/gcp/dataplex/aspectTypeIamMember.go new file mode 100644 index 0000000000..b95ab9e43e --- /dev/null +++ b/sdk/go/gcp/dataplex/aspectTypeIamMember.go @@ -0,0 +1,643 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: +// +// * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. +// * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. +// * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype +// +// > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. +// +// > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## dataplex.AspectTypeIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewAspectTypeIamPolicy(ctx, "policy", &dataplex.AspectTypeIamPolicyArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamBinding(ctx, "binding", &dataplex.AspectTypeIamBindingArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamMember(ctx, "member", &dataplex.AspectTypeIamMemberArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewAspectTypeIamPolicy(ctx, "policy", &dataplex.AspectTypeIamPolicyArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamBinding(ctx, "binding", &dataplex.AspectTypeIamBindingArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamMember(ctx, "member", &dataplex.AspectTypeIamMemberArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} +// +// * {{project}}/{{location}}/{{aspect_type_id}} +// +// * {{location}}/{{aspect_type_id}} +// +// * {{aspect_type_id}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} +// ``` +// +// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type AspectTypeIamMember struct { + pulumi.CustomResourceState + + AspectTypeId pulumi.StringOutput `pulumi:"aspectTypeId"` + Condition AspectTypeIamMemberConditionPtrOutput `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringOutput `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringOutput `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` +} + +// NewAspectTypeIamMember registers a new resource with the given unique name, arguments, and options. +func NewAspectTypeIamMember(ctx *pulumi.Context, + name string, args *AspectTypeIamMemberArgs, opts ...pulumi.ResourceOption) (*AspectTypeIamMember, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AspectTypeId == nil { + return nil, errors.New("invalid value for required argument 'AspectTypeId'") + } + if args.Member == nil { + return nil, errors.New("invalid value for required argument 'Member'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource AspectTypeIamMember + err := ctx.RegisterResource("gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAspectTypeIamMember gets an existing AspectTypeIamMember resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAspectTypeIamMember(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AspectTypeIamMemberState, opts ...pulumi.ResourceOption) (*AspectTypeIamMember, error) { + var resource AspectTypeIamMember + err := ctx.ReadResource("gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AspectTypeIamMember resources. +type aspectTypeIamMemberState struct { + AspectTypeId *string `pulumi:"aspectTypeId"` + Condition *AspectTypeIamMemberCondition `pulumi:"condition"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member *string `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` +} + +type AspectTypeIamMemberState struct { + AspectTypeId pulumi.StringPtrInput + Condition AspectTypeIamMemberConditionPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput +} + +func (AspectTypeIamMemberState) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeIamMemberState)(nil)).Elem() +} + +type aspectTypeIamMemberArgs struct { + AspectTypeId string `pulumi:"aspectTypeId"` + Condition *AspectTypeIamMemberCondition `pulumi:"condition"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member string `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` +} + +// The set of arguments for constructing a AspectTypeIamMember resource. +type AspectTypeIamMemberArgs struct { + AspectTypeId pulumi.StringInput + Condition AspectTypeIamMemberConditionPtrInput + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput +} + +func (AspectTypeIamMemberArgs) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeIamMemberArgs)(nil)).Elem() +} + +type AspectTypeIamMemberInput interface { + pulumi.Input + + ToAspectTypeIamMemberOutput() AspectTypeIamMemberOutput + ToAspectTypeIamMemberOutputWithContext(ctx context.Context) AspectTypeIamMemberOutput +} + +func (*AspectTypeIamMember) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamMember)(nil)).Elem() +} + +func (i *AspectTypeIamMember) ToAspectTypeIamMemberOutput() AspectTypeIamMemberOutput { + return i.ToAspectTypeIamMemberOutputWithContext(context.Background()) +} + +func (i *AspectTypeIamMember) ToAspectTypeIamMemberOutputWithContext(ctx context.Context) AspectTypeIamMemberOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamMemberOutput) +} + +// AspectTypeIamMemberArrayInput is an input type that accepts AspectTypeIamMemberArray and AspectTypeIamMemberArrayOutput values. +// You can construct a concrete instance of `AspectTypeIamMemberArrayInput` via: +// +// AspectTypeIamMemberArray{ AspectTypeIamMemberArgs{...} } +type AspectTypeIamMemberArrayInput interface { + pulumi.Input + + ToAspectTypeIamMemberArrayOutput() AspectTypeIamMemberArrayOutput + ToAspectTypeIamMemberArrayOutputWithContext(context.Context) AspectTypeIamMemberArrayOutput +} + +type AspectTypeIamMemberArray []AspectTypeIamMemberInput + +func (AspectTypeIamMemberArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectTypeIamMember)(nil)).Elem() +} + +func (i AspectTypeIamMemberArray) ToAspectTypeIamMemberArrayOutput() AspectTypeIamMemberArrayOutput { + return i.ToAspectTypeIamMemberArrayOutputWithContext(context.Background()) +} + +func (i AspectTypeIamMemberArray) ToAspectTypeIamMemberArrayOutputWithContext(ctx context.Context) AspectTypeIamMemberArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamMemberArrayOutput) +} + +// AspectTypeIamMemberMapInput is an input type that accepts AspectTypeIamMemberMap and AspectTypeIamMemberMapOutput values. +// You can construct a concrete instance of `AspectTypeIamMemberMapInput` via: +// +// AspectTypeIamMemberMap{ "key": AspectTypeIamMemberArgs{...} } +type AspectTypeIamMemberMapInput interface { + pulumi.Input + + ToAspectTypeIamMemberMapOutput() AspectTypeIamMemberMapOutput + ToAspectTypeIamMemberMapOutputWithContext(context.Context) AspectTypeIamMemberMapOutput +} + +type AspectTypeIamMemberMap map[string]AspectTypeIamMemberInput + +func (AspectTypeIamMemberMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectTypeIamMember)(nil)).Elem() +} + +func (i AspectTypeIamMemberMap) ToAspectTypeIamMemberMapOutput() AspectTypeIamMemberMapOutput { + return i.ToAspectTypeIamMemberMapOutputWithContext(context.Background()) +} + +func (i AspectTypeIamMemberMap) ToAspectTypeIamMemberMapOutputWithContext(ctx context.Context) AspectTypeIamMemberMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamMemberMapOutput) +} + +type AspectTypeIamMemberOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamMemberOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamMember)(nil)).Elem() +} + +func (o AspectTypeIamMemberOutput) ToAspectTypeIamMemberOutput() AspectTypeIamMemberOutput { + return o +} + +func (o AspectTypeIamMemberOutput) ToAspectTypeIamMemberOutputWithContext(ctx context.Context) AspectTypeIamMemberOutput { + return o +} + +func (o AspectTypeIamMemberOutput) AspectTypeId() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamMember) pulumi.StringOutput { return v.AspectTypeId }).(pulumi.StringOutput) +} + +func (o AspectTypeIamMemberOutput) Condition() AspectTypeIamMemberConditionPtrOutput { + return o.ApplyT(func(v *AspectTypeIamMember) AspectTypeIamMemberConditionPtrOutput { return v.Condition }).(AspectTypeIamMemberConditionPtrOutput) +} + +// (Computed) The etag of the IAM policy. +func (o AspectTypeIamMemberOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamMember) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location where aspect type will be created in. +// Used to find the parent resource to bind the IAM policy to +func (o AspectTypeIamMemberOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamMember) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o AspectTypeIamMemberOutput) Member() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamMember) pulumi.StringOutput { return v.Member }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o AspectTypeIamMemberOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamMember) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o AspectTypeIamMemberOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamMember) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +type AspectTypeIamMemberArrayOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamMemberArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectTypeIamMember)(nil)).Elem() +} + +func (o AspectTypeIamMemberArrayOutput) ToAspectTypeIamMemberArrayOutput() AspectTypeIamMemberArrayOutput { + return o +} + +func (o AspectTypeIamMemberArrayOutput) ToAspectTypeIamMemberArrayOutputWithContext(ctx context.Context) AspectTypeIamMemberArrayOutput { + return o +} + +func (o AspectTypeIamMemberArrayOutput) Index(i pulumi.IntInput) AspectTypeIamMemberOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AspectTypeIamMember { + return vs[0].([]*AspectTypeIamMember)[vs[1].(int)] + }).(AspectTypeIamMemberOutput) +} + +type AspectTypeIamMemberMapOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamMemberMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectTypeIamMember)(nil)).Elem() +} + +func (o AspectTypeIamMemberMapOutput) ToAspectTypeIamMemberMapOutput() AspectTypeIamMemberMapOutput { + return o +} + +func (o AspectTypeIamMemberMapOutput) ToAspectTypeIamMemberMapOutputWithContext(ctx context.Context) AspectTypeIamMemberMapOutput { + return o +} + +func (o AspectTypeIamMemberMapOutput) MapIndex(k pulumi.StringInput) AspectTypeIamMemberOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AspectTypeIamMember { + return vs[0].(map[string]*AspectTypeIamMember)[vs[1].(string)] + }).(AspectTypeIamMemberOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamMemberInput)(nil)).Elem(), &AspectTypeIamMember{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamMemberArrayInput)(nil)).Elem(), AspectTypeIamMemberArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamMemberMapInput)(nil)).Elem(), AspectTypeIamMemberMap{}) + pulumi.RegisterOutputType(AspectTypeIamMemberOutput{}) + pulumi.RegisterOutputType(AspectTypeIamMemberArrayOutput{}) + pulumi.RegisterOutputType(AspectTypeIamMemberMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/aspectTypeIamPolicy.go b/sdk/go/gcp/dataplex/aspectTypeIamPolicy.go new file mode 100644 index 0000000000..02004d6dc7 --- /dev/null +++ b/sdk/go/gcp/dataplex/aspectTypeIamPolicy.go @@ -0,0 +1,550 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: +// +// * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. +// * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. +// * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype +// +// > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. +// +// > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## dataplex.AspectTypeIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewAspectTypeIamPolicy(ctx, "policy", &dataplex.AspectTypeIamPolicyArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamBinding(ctx, "binding", &dataplex.AspectTypeIamBindingArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamMember(ctx, "member", &dataplex.AspectTypeIamMemberArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewAspectTypeIamPolicy(ctx, "policy", &dataplex.AspectTypeIamPolicyArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamBinding(ctx, "binding", &dataplex.AspectTypeIamBindingArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.AspectTypeIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewAspectTypeIamMember(ctx, "member", &dataplex.AspectTypeIamMemberArgs{ +// Project: pulumi.Any(testAspectTypeBasic.Project), +// Location: pulumi.Any(testAspectTypeBasic.Location), +// AspectTypeId: pulumi.Any(testAspectTypeBasic.AspectTypeId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} +// +// * {{project}}/{{location}}/{{aspect_type_id}} +// +// * {{location}}/{{aspect_type_id}} +// +// * {{aspect_type_id}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} +// ``` +// +// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type AspectTypeIamPolicy struct { + pulumi.CustomResourceState + + AspectTypeId pulumi.StringOutput `pulumi:"aspectTypeId"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringOutput `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringOutput `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` +} + +// NewAspectTypeIamPolicy registers a new resource with the given unique name, arguments, and options. +func NewAspectTypeIamPolicy(ctx *pulumi.Context, + name string, args *AspectTypeIamPolicyArgs, opts ...pulumi.ResourceOption) (*AspectTypeIamPolicy, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.AspectTypeId == nil { + return nil, errors.New("invalid value for required argument 'AspectTypeId'") + } + if args.PolicyData == nil { + return nil, errors.New("invalid value for required argument 'PolicyData'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource AspectTypeIamPolicy + err := ctx.RegisterResource("gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAspectTypeIamPolicy gets an existing AspectTypeIamPolicy resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAspectTypeIamPolicy(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AspectTypeIamPolicyState, opts ...pulumi.ResourceOption) (*AspectTypeIamPolicy, error) { + var resource AspectTypeIamPolicy + err := ctx.ReadResource("gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AspectTypeIamPolicy resources. +type aspectTypeIamPolicyState struct { + AspectTypeId *string `pulumi:"aspectTypeId"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData *string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +type AspectTypeIamPolicyState struct { + AspectTypeId pulumi.StringPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput +} + +func (AspectTypeIamPolicyState) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeIamPolicyState)(nil)).Elem() +} + +type aspectTypeIamPolicyArgs struct { + AspectTypeId string `pulumi:"aspectTypeId"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +// The set of arguments for constructing a AspectTypeIamPolicy resource. +type AspectTypeIamPolicyArgs struct { + AspectTypeId pulumi.StringInput + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput +} + +func (AspectTypeIamPolicyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*aspectTypeIamPolicyArgs)(nil)).Elem() +} + +type AspectTypeIamPolicyInput interface { + pulumi.Input + + ToAspectTypeIamPolicyOutput() AspectTypeIamPolicyOutput + ToAspectTypeIamPolicyOutputWithContext(ctx context.Context) AspectTypeIamPolicyOutput +} + +func (*AspectTypeIamPolicy) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamPolicy)(nil)).Elem() +} + +func (i *AspectTypeIamPolicy) ToAspectTypeIamPolicyOutput() AspectTypeIamPolicyOutput { + return i.ToAspectTypeIamPolicyOutputWithContext(context.Background()) +} + +func (i *AspectTypeIamPolicy) ToAspectTypeIamPolicyOutputWithContext(ctx context.Context) AspectTypeIamPolicyOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamPolicyOutput) +} + +// AspectTypeIamPolicyArrayInput is an input type that accepts AspectTypeIamPolicyArray and AspectTypeIamPolicyArrayOutput values. +// You can construct a concrete instance of `AspectTypeIamPolicyArrayInput` via: +// +// AspectTypeIamPolicyArray{ AspectTypeIamPolicyArgs{...} } +type AspectTypeIamPolicyArrayInput interface { + pulumi.Input + + ToAspectTypeIamPolicyArrayOutput() AspectTypeIamPolicyArrayOutput + ToAspectTypeIamPolicyArrayOutputWithContext(context.Context) AspectTypeIamPolicyArrayOutput +} + +type AspectTypeIamPolicyArray []AspectTypeIamPolicyInput + +func (AspectTypeIamPolicyArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectTypeIamPolicy)(nil)).Elem() +} + +func (i AspectTypeIamPolicyArray) ToAspectTypeIamPolicyArrayOutput() AspectTypeIamPolicyArrayOutput { + return i.ToAspectTypeIamPolicyArrayOutputWithContext(context.Background()) +} + +func (i AspectTypeIamPolicyArray) ToAspectTypeIamPolicyArrayOutputWithContext(ctx context.Context) AspectTypeIamPolicyArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamPolicyArrayOutput) +} + +// AspectTypeIamPolicyMapInput is an input type that accepts AspectTypeIamPolicyMap and AspectTypeIamPolicyMapOutput values. +// You can construct a concrete instance of `AspectTypeIamPolicyMapInput` via: +// +// AspectTypeIamPolicyMap{ "key": AspectTypeIamPolicyArgs{...} } +type AspectTypeIamPolicyMapInput interface { + pulumi.Input + + ToAspectTypeIamPolicyMapOutput() AspectTypeIamPolicyMapOutput + ToAspectTypeIamPolicyMapOutputWithContext(context.Context) AspectTypeIamPolicyMapOutput +} + +type AspectTypeIamPolicyMap map[string]AspectTypeIamPolicyInput + +func (AspectTypeIamPolicyMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectTypeIamPolicy)(nil)).Elem() +} + +func (i AspectTypeIamPolicyMap) ToAspectTypeIamPolicyMapOutput() AspectTypeIamPolicyMapOutput { + return i.ToAspectTypeIamPolicyMapOutputWithContext(context.Background()) +} + +func (i AspectTypeIamPolicyMap) ToAspectTypeIamPolicyMapOutputWithContext(ctx context.Context) AspectTypeIamPolicyMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamPolicyMapOutput) +} + +type AspectTypeIamPolicyOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamPolicyOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamPolicy)(nil)).Elem() +} + +func (o AspectTypeIamPolicyOutput) ToAspectTypeIamPolicyOutput() AspectTypeIamPolicyOutput { + return o +} + +func (o AspectTypeIamPolicyOutput) ToAspectTypeIamPolicyOutputWithContext(ctx context.Context) AspectTypeIamPolicyOutput { + return o +} + +func (o AspectTypeIamPolicyOutput) AspectTypeId() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamPolicy) pulumi.StringOutput { return v.AspectTypeId }).(pulumi.StringOutput) +} + +// (Computed) The etag of the IAM policy. +func (o AspectTypeIamPolicyOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamPolicy) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location where aspect type will be created in. +// Used to find the parent resource to bind the IAM policy to +func (o AspectTypeIamPolicyOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamPolicy) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o AspectTypeIamPolicyOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamPolicy) pulumi.StringOutput { return v.PolicyData }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o AspectTypeIamPolicyOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *AspectTypeIamPolicy) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +type AspectTypeIamPolicyArrayOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamPolicyArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AspectTypeIamPolicy)(nil)).Elem() +} + +func (o AspectTypeIamPolicyArrayOutput) ToAspectTypeIamPolicyArrayOutput() AspectTypeIamPolicyArrayOutput { + return o +} + +func (o AspectTypeIamPolicyArrayOutput) ToAspectTypeIamPolicyArrayOutputWithContext(ctx context.Context) AspectTypeIamPolicyArrayOutput { + return o +} + +func (o AspectTypeIamPolicyArrayOutput) Index(i pulumi.IntInput) AspectTypeIamPolicyOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AspectTypeIamPolicy { + return vs[0].([]*AspectTypeIamPolicy)[vs[1].(int)] + }).(AspectTypeIamPolicyOutput) +} + +type AspectTypeIamPolicyMapOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamPolicyMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AspectTypeIamPolicy)(nil)).Elem() +} + +func (o AspectTypeIamPolicyMapOutput) ToAspectTypeIamPolicyMapOutput() AspectTypeIamPolicyMapOutput { + return o +} + +func (o AspectTypeIamPolicyMapOutput) ToAspectTypeIamPolicyMapOutputWithContext(ctx context.Context) AspectTypeIamPolicyMapOutput { + return o +} + +func (o AspectTypeIamPolicyMapOutput) MapIndex(k pulumi.StringInput) AspectTypeIamPolicyOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AspectTypeIamPolicy { + return vs[0].(map[string]*AspectTypeIamPolicy)[vs[1].(string)] + }).(AspectTypeIamPolicyOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamPolicyInput)(nil)).Elem(), &AspectTypeIamPolicy{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamPolicyArrayInput)(nil)).Elem(), AspectTypeIamPolicyArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamPolicyMapInput)(nil)).Elem(), AspectTypeIamPolicyMap{}) + pulumi.RegisterOutputType(AspectTypeIamPolicyOutput{}) + pulumi.RegisterOutputType(AspectTypeIamPolicyArrayOutput{}) + pulumi.RegisterOutputType(AspectTypeIamPolicyMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/entryGroup.go b/sdk/go/gcp/dataplex/entryGroup.go new file mode 100644 index 0000000000..cbae22c983 --- /dev/null +++ b/sdk/go/gcp/dataplex/entryGroup.go @@ -0,0 +1,490 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// An Entry Group represents a logical grouping of one or more Entries. +// +// ## Example Usage +// +// ### Dataplex Entry Group Basic +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroup(ctx, "test_entry_group_basic", &dataplex.EntryGroupArgs{ +// EntryGroupId: pulumi.String("entry-group-basic"), +// Project: pulumi.String("my-project-name"), +// Location: pulumi.String("us-central1"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// ### Dataplex Entry Group Full +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroup(ctx, "test_entry_group_full", &dataplex.EntryGroupArgs{ +// EntryGroupId: pulumi.String("entry-group-full"), +// Project: pulumi.String("my-project-name"), +// Location: pulumi.String("us-central1"), +// Labels: pulumi.StringMap{ +// "tag": pulumi.String("test-tf"), +// }, +// DisplayName: pulumi.String("terraform entry group"), +// Description: pulumi.String("entry group created by Terraform"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// EntryGroup can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}` +// +// * `{{project}}/{{location}}/{{entry_group_id}}` +// +// * `{{location}}/{{entry_group_id}}` +// +// When using the `pulumi import` command, EntryGroup can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroup:EntryGroup default projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} +// ``` +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{project}}/{{location}}/{{entry_group_id}} +// ``` +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{location}}/{{entry_group_id}} +// ``` +type EntryGroup struct { + pulumi.CustomResourceState + + // The time when the EntryGroup was created. + CreateTime pulumi.StringOutput `pulumi:"createTime"` + // Description of the EntryGroup. + Description pulumi.StringPtrOutput `pulumi:"description"` + // User friendly display name. + DisplayName pulumi.StringPtrOutput `pulumi:"displayName"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"` + // The entry group id of the entry group. + EntryGroupId pulumi.StringPtrOutput `pulumi:"entryGroupId"` + // User-defined labels for the EntryGroup. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapOutput `pulumi:"labels"` + // The location where entry group will be created in. + Location pulumi.StringPtrOutput `pulumi:"location"` + // The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + Name pulumi.StringOutput `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` + // Denotes the transfer status of the Entry Group. It is unspecified + // for Entry Group created from Dataplex API. + TransferStatus pulumi.StringOutput `pulumi:"transferStatus"` + // System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + Uid pulumi.StringOutput `pulumi:"uid"` + // The time when the EntryGroup was last updated. + UpdateTime pulumi.StringOutput `pulumi:"updateTime"` +} + +// NewEntryGroup registers a new resource with the given unique name, arguments, and options. +func NewEntryGroup(ctx *pulumi.Context, + name string, args *EntryGroupArgs, opts ...pulumi.ResourceOption) (*EntryGroup, error) { + if args == nil { + args = &EntryGroupArgs{} + } + + secrets := pulumi.AdditionalSecretOutputs([]string{ + "effectiveLabels", + "pulumiLabels", + }) + opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) + var resource EntryGroup + err := ctx.RegisterResource("gcp:dataplex/entryGroup:EntryGroup", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetEntryGroup gets an existing EntryGroup resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetEntryGroup(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *EntryGroupState, opts ...pulumi.ResourceOption) (*EntryGroup, error) { + var resource EntryGroup + err := ctx.ReadResource("gcp:dataplex/entryGroup:EntryGroup", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering EntryGroup resources. +type entryGroupState struct { + // The time when the EntryGroup was created. + CreateTime *string `pulumi:"createTime"` + // Description of the EntryGroup. + Description *string `pulumi:"description"` + // User friendly display name. + DisplayName *string `pulumi:"displayName"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels map[string]string `pulumi:"effectiveLabels"` + // The entry group id of the entry group. + EntryGroupId *string `pulumi:"entryGroupId"` + // User-defined labels for the EntryGroup. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels map[string]string `pulumi:"labels"` + // The location where entry group will be created in. + Location *string `pulumi:"location"` + // The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels map[string]string `pulumi:"pulumiLabels"` + // Denotes the transfer status of the Entry Group. It is unspecified + // for Entry Group created from Dataplex API. + TransferStatus *string `pulumi:"transferStatus"` + // System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + Uid *string `pulumi:"uid"` + // The time when the EntryGroup was last updated. + UpdateTime *string `pulumi:"updateTime"` +} + +type EntryGroupState struct { + // The time when the EntryGroup was created. + CreateTime pulumi.StringPtrInput + // Description of the EntryGroup. + Description pulumi.StringPtrInput + // User friendly display name. + DisplayName pulumi.StringPtrInput + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapInput + // The entry group id of the entry group. + EntryGroupId pulumi.StringPtrInput + // User-defined labels for the EntryGroup. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapInput + // The location where entry group will be created in. + Location pulumi.StringPtrInput + // The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapInput + // Denotes the transfer status of the Entry Group. It is unspecified + // for Entry Group created from Dataplex API. + TransferStatus pulumi.StringPtrInput + // System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + Uid pulumi.StringPtrInput + // The time when the EntryGroup was last updated. + UpdateTime pulumi.StringPtrInput +} + +func (EntryGroupState) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupState)(nil)).Elem() +} + +type entryGroupArgs struct { + // Description of the EntryGroup. + Description *string `pulumi:"description"` + // User friendly display name. + DisplayName *string `pulumi:"displayName"` + // The entry group id of the entry group. + EntryGroupId *string `pulumi:"entryGroupId"` + // User-defined labels for the EntryGroup. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels map[string]string `pulumi:"labels"` + // The location where entry group will be created in. + Location *string `pulumi:"location"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` +} + +// The set of arguments for constructing a EntryGroup resource. +type EntryGroupArgs struct { + // Description of the EntryGroup. + Description pulumi.StringPtrInput + // User friendly display name. + DisplayName pulumi.StringPtrInput + // The entry group id of the entry group. + EntryGroupId pulumi.StringPtrInput + // User-defined labels for the EntryGroup. + // + // **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + // Please refer to the field `effectiveLabels` for all of the labels present on the resource. + Labels pulumi.StringMapInput + // The location where entry group will be created in. + Location pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput +} + +func (EntryGroupArgs) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupArgs)(nil)).Elem() +} + +type EntryGroupInput interface { + pulumi.Input + + ToEntryGroupOutput() EntryGroupOutput + ToEntryGroupOutputWithContext(ctx context.Context) EntryGroupOutput +} + +func (*EntryGroup) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroup)(nil)).Elem() +} + +func (i *EntryGroup) ToEntryGroupOutput() EntryGroupOutput { + return i.ToEntryGroupOutputWithContext(context.Background()) +} + +func (i *EntryGroup) ToEntryGroupOutputWithContext(ctx context.Context) EntryGroupOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupOutput) +} + +// EntryGroupArrayInput is an input type that accepts EntryGroupArray and EntryGroupArrayOutput values. +// You can construct a concrete instance of `EntryGroupArrayInput` via: +// +// EntryGroupArray{ EntryGroupArgs{...} } +type EntryGroupArrayInput interface { + pulumi.Input + + ToEntryGroupArrayOutput() EntryGroupArrayOutput + ToEntryGroupArrayOutputWithContext(context.Context) EntryGroupArrayOutput +} + +type EntryGroupArray []EntryGroupInput + +func (EntryGroupArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroup)(nil)).Elem() +} + +func (i EntryGroupArray) ToEntryGroupArrayOutput() EntryGroupArrayOutput { + return i.ToEntryGroupArrayOutputWithContext(context.Background()) +} + +func (i EntryGroupArray) ToEntryGroupArrayOutputWithContext(ctx context.Context) EntryGroupArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupArrayOutput) +} + +// EntryGroupMapInput is an input type that accepts EntryGroupMap and EntryGroupMapOutput values. +// You can construct a concrete instance of `EntryGroupMapInput` via: +// +// EntryGroupMap{ "key": EntryGroupArgs{...} } +type EntryGroupMapInput interface { + pulumi.Input + + ToEntryGroupMapOutput() EntryGroupMapOutput + ToEntryGroupMapOutputWithContext(context.Context) EntryGroupMapOutput +} + +type EntryGroupMap map[string]EntryGroupInput + +func (EntryGroupMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroup)(nil)).Elem() +} + +func (i EntryGroupMap) ToEntryGroupMapOutput() EntryGroupMapOutput { + return i.ToEntryGroupMapOutputWithContext(context.Background()) +} + +func (i EntryGroupMap) ToEntryGroupMapOutputWithContext(ctx context.Context) EntryGroupMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupMapOutput) +} + +type EntryGroupOutput struct{ *pulumi.OutputState } + +func (EntryGroupOutput) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroup)(nil)).Elem() +} + +func (o EntryGroupOutput) ToEntryGroupOutput() EntryGroupOutput { + return o +} + +func (o EntryGroupOutput) ToEntryGroupOutputWithContext(ctx context.Context) EntryGroupOutput { + return o +} + +// The time when the EntryGroup was created. +func (o EntryGroupOutput) CreateTime() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringOutput { return v.CreateTime }).(pulumi.StringOutput) +} + +// Description of the EntryGroup. +func (o EntryGroupOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) +} + +// User friendly display name. +func (o EntryGroupOutput) DisplayName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringPtrOutput { return v.DisplayName }).(pulumi.StringPtrOutput) +} + +// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. +func (o EntryGroupOutput) EffectiveLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringMapOutput { return v.EffectiveLabels }).(pulumi.StringMapOutput) +} + +// The entry group id of the entry group. +func (o EntryGroupOutput) EntryGroupId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringPtrOutput { return v.EntryGroupId }).(pulumi.StringPtrOutput) +} + +// User-defined labels for the EntryGroup. +// +// **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. +// Please refer to the field `effectiveLabels` for all of the labels present on the resource. +func (o EntryGroupOutput) Labels() pulumi.StringMapOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringMapOutput { return v.Labels }).(pulumi.StringMapOutput) +} + +// The location where entry group will be created in. +func (o EntryGroupOutput) Location() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringPtrOutput { return v.Location }).(pulumi.StringPtrOutput) +} + +// The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} +func (o EntryGroupOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the provider project is used. +func (o EntryGroupOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The combination of labels configured directly on the resource +// and default labels configured on the provider. +func (o EntryGroupOutput) PulumiLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringMapOutput { return v.PulumiLabels }).(pulumi.StringMapOutput) +} + +// Denotes the transfer status of the Entry Group. It is unspecified +// for Entry Group created from Dataplex API. +func (o EntryGroupOutput) TransferStatus() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringOutput { return v.TransferStatus }).(pulumi.StringOutput) +} + +// System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. +func (o EntryGroupOutput) Uid() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringOutput { return v.Uid }).(pulumi.StringOutput) +} + +// The time when the EntryGroup was last updated. +func (o EntryGroupOutput) UpdateTime() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroup) pulumi.StringOutput { return v.UpdateTime }).(pulumi.StringOutput) +} + +type EntryGroupArrayOutput struct{ *pulumi.OutputState } + +func (EntryGroupArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroup)(nil)).Elem() +} + +func (o EntryGroupArrayOutput) ToEntryGroupArrayOutput() EntryGroupArrayOutput { + return o +} + +func (o EntryGroupArrayOutput) ToEntryGroupArrayOutputWithContext(ctx context.Context) EntryGroupArrayOutput { + return o +} + +func (o EntryGroupArrayOutput) Index(i pulumi.IntInput) EntryGroupOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EntryGroup { + return vs[0].([]*EntryGroup)[vs[1].(int)] + }).(EntryGroupOutput) +} + +type EntryGroupMapOutput struct{ *pulumi.OutputState } + +func (EntryGroupMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroup)(nil)).Elem() +} + +func (o EntryGroupMapOutput) ToEntryGroupMapOutput() EntryGroupMapOutput { + return o +} + +func (o EntryGroupMapOutput) ToEntryGroupMapOutputWithContext(ctx context.Context) EntryGroupMapOutput { + return o +} + +func (o EntryGroupMapOutput) MapIndex(k pulumi.StringInput) EntryGroupOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EntryGroup { + return vs[0].(map[string]*EntryGroup)[vs[1].(string)] + }).(EntryGroupOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupInput)(nil)).Elem(), &EntryGroup{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupArrayInput)(nil)).Elem(), EntryGroupArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupMapInput)(nil)).Elem(), EntryGroupMap{}) + pulumi.RegisterOutputType(EntryGroupOutput{}) + pulumi.RegisterOutputType(EntryGroupArrayOutput{}) + pulumi.RegisterOutputType(EntryGroupMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/entryGroupIamBinding.go b/sdk/go/gcp/dataplex/entryGroupIamBinding.go new file mode 100644 index 0000000000..f6957f175e --- /dev/null +++ b/sdk/go/gcp/dataplex/entryGroupIamBinding.go @@ -0,0 +1,643 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: +// +// * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. +// * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. +// * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup +// +// > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## dataplex.EntryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewEntryGroupIamPolicy(ctx, "policy", &dataplex.EntryGroupIamPolicyArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamBinding(ctx, "binding", &dataplex.EntryGroupIamBindingArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamMember(ctx, "member", &dataplex.EntryGroupIamMemberArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewEntryGroupIamPolicy(ctx, "policy", &dataplex.EntryGroupIamPolicyArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamBinding(ctx, "binding", &dataplex.EntryGroupIamBindingArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamMember(ctx, "member", &dataplex.EntryGroupIamMemberArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} +// +// * {{project}}/{{location}}/{{entry_group_id}} +// +// * {{location}}/{{entry_group_id}} +// +// * {{entry_group_id}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} +// ``` +// +// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type EntryGroupIamBinding struct { + pulumi.CustomResourceState + + Condition EntryGroupIamBindingConditionPtrOutput `pulumi:"condition"` + EntryGroupId pulumi.StringOutput `pulumi:"entryGroupId"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringOutput `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayOutput `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` +} + +// NewEntryGroupIamBinding registers a new resource with the given unique name, arguments, and options. +func NewEntryGroupIamBinding(ctx *pulumi.Context, + name string, args *EntryGroupIamBindingArgs, opts ...pulumi.ResourceOption) (*EntryGroupIamBinding, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.EntryGroupId == nil { + return nil, errors.New("invalid value for required argument 'EntryGroupId'") + } + if args.Members == nil { + return nil, errors.New("invalid value for required argument 'Members'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource EntryGroupIamBinding + err := ctx.RegisterResource("gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetEntryGroupIamBinding gets an existing EntryGroupIamBinding resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetEntryGroupIamBinding(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *EntryGroupIamBindingState, opts ...pulumi.ResourceOption) (*EntryGroupIamBinding, error) { + var resource EntryGroupIamBinding + err := ctx.ReadResource("gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering EntryGroupIamBinding resources. +type entryGroupIamBindingState struct { + Condition *EntryGroupIamBindingCondition `pulumi:"condition"` + EntryGroupId *string `pulumi:"entryGroupId"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` +} + +type EntryGroupIamBindingState struct { + Condition EntryGroupIamBindingConditionPtrInput + EntryGroupId pulumi.StringPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput +} + +func (EntryGroupIamBindingState) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupIamBindingState)(nil)).Elem() +} + +type entryGroupIamBindingArgs struct { + Condition *EntryGroupIamBindingCondition `pulumi:"condition"` + EntryGroupId string `pulumi:"entryGroupId"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members []string `pulumi:"members"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` +} + +// The set of arguments for constructing a EntryGroupIamBinding resource. +type EntryGroupIamBindingArgs struct { + Condition EntryGroupIamBindingConditionPtrInput + EntryGroupId pulumi.StringInput + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Members pulumi.StringArrayInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput +} + +func (EntryGroupIamBindingArgs) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupIamBindingArgs)(nil)).Elem() +} + +type EntryGroupIamBindingInput interface { + pulumi.Input + + ToEntryGroupIamBindingOutput() EntryGroupIamBindingOutput + ToEntryGroupIamBindingOutputWithContext(ctx context.Context) EntryGroupIamBindingOutput +} + +func (*EntryGroupIamBinding) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamBinding)(nil)).Elem() +} + +func (i *EntryGroupIamBinding) ToEntryGroupIamBindingOutput() EntryGroupIamBindingOutput { + return i.ToEntryGroupIamBindingOutputWithContext(context.Background()) +} + +func (i *EntryGroupIamBinding) ToEntryGroupIamBindingOutputWithContext(ctx context.Context) EntryGroupIamBindingOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamBindingOutput) +} + +// EntryGroupIamBindingArrayInput is an input type that accepts EntryGroupIamBindingArray and EntryGroupIamBindingArrayOutput values. +// You can construct a concrete instance of `EntryGroupIamBindingArrayInput` via: +// +// EntryGroupIamBindingArray{ EntryGroupIamBindingArgs{...} } +type EntryGroupIamBindingArrayInput interface { + pulumi.Input + + ToEntryGroupIamBindingArrayOutput() EntryGroupIamBindingArrayOutput + ToEntryGroupIamBindingArrayOutputWithContext(context.Context) EntryGroupIamBindingArrayOutput +} + +type EntryGroupIamBindingArray []EntryGroupIamBindingInput + +func (EntryGroupIamBindingArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroupIamBinding)(nil)).Elem() +} + +func (i EntryGroupIamBindingArray) ToEntryGroupIamBindingArrayOutput() EntryGroupIamBindingArrayOutput { + return i.ToEntryGroupIamBindingArrayOutputWithContext(context.Background()) +} + +func (i EntryGroupIamBindingArray) ToEntryGroupIamBindingArrayOutputWithContext(ctx context.Context) EntryGroupIamBindingArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamBindingArrayOutput) +} + +// EntryGroupIamBindingMapInput is an input type that accepts EntryGroupIamBindingMap and EntryGroupIamBindingMapOutput values. +// You can construct a concrete instance of `EntryGroupIamBindingMapInput` via: +// +// EntryGroupIamBindingMap{ "key": EntryGroupIamBindingArgs{...} } +type EntryGroupIamBindingMapInput interface { + pulumi.Input + + ToEntryGroupIamBindingMapOutput() EntryGroupIamBindingMapOutput + ToEntryGroupIamBindingMapOutputWithContext(context.Context) EntryGroupIamBindingMapOutput +} + +type EntryGroupIamBindingMap map[string]EntryGroupIamBindingInput + +func (EntryGroupIamBindingMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroupIamBinding)(nil)).Elem() +} + +func (i EntryGroupIamBindingMap) ToEntryGroupIamBindingMapOutput() EntryGroupIamBindingMapOutput { + return i.ToEntryGroupIamBindingMapOutputWithContext(context.Background()) +} + +func (i EntryGroupIamBindingMap) ToEntryGroupIamBindingMapOutputWithContext(ctx context.Context) EntryGroupIamBindingMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamBindingMapOutput) +} + +type EntryGroupIamBindingOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamBindingOutput) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamBinding)(nil)).Elem() +} + +func (o EntryGroupIamBindingOutput) ToEntryGroupIamBindingOutput() EntryGroupIamBindingOutput { + return o +} + +func (o EntryGroupIamBindingOutput) ToEntryGroupIamBindingOutputWithContext(ctx context.Context) EntryGroupIamBindingOutput { + return o +} + +func (o EntryGroupIamBindingOutput) Condition() EntryGroupIamBindingConditionPtrOutput { + return o.ApplyT(func(v *EntryGroupIamBinding) EntryGroupIamBindingConditionPtrOutput { return v.Condition }).(EntryGroupIamBindingConditionPtrOutput) +} + +func (o EntryGroupIamBindingOutput) EntryGroupId() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamBinding) pulumi.StringOutput { return v.EntryGroupId }).(pulumi.StringOutput) +} + +// (Computed) The etag of the IAM policy. +func (o EntryGroupIamBindingOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamBinding) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location where entry group will be created in. +// Used to find the parent resource to bind the IAM policy to +func (o EntryGroupIamBindingOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamBinding) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o EntryGroupIamBindingOutput) Members() pulumi.StringArrayOutput { + return o.ApplyT(func(v *EntryGroupIamBinding) pulumi.StringArrayOutput { return v.Members }).(pulumi.StringArrayOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o EntryGroupIamBindingOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamBinding) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o EntryGroupIamBindingOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamBinding) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +type EntryGroupIamBindingArrayOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamBindingArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroupIamBinding)(nil)).Elem() +} + +func (o EntryGroupIamBindingArrayOutput) ToEntryGroupIamBindingArrayOutput() EntryGroupIamBindingArrayOutput { + return o +} + +func (o EntryGroupIamBindingArrayOutput) ToEntryGroupIamBindingArrayOutputWithContext(ctx context.Context) EntryGroupIamBindingArrayOutput { + return o +} + +func (o EntryGroupIamBindingArrayOutput) Index(i pulumi.IntInput) EntryGroupIamBindingOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EntryGroupIamBinding { + return vs[0].([]*EntryGroupIamBinding)[vs[1].(int)] + }).(EntryGroupIamBindingOutput) +} + +type EntryGroupIamBindingMapOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamBindingMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroupIamBinding)(nil)).Elem() +} + +func (o EntryGroupIamBindingMapOutput) ToEntryGroupIamBindingMapOutput() EntryGroupIamBindingMapOutput { + return o +} + +func (o EntryGroupIamBindingMapOutput) ToEntryGroupIamBindingMapOutputWithContext(ctx context.Context) EntryGroupIamBindingMapOutput { + return o +} + +func (o EntryGroupIamBindingMapOutput) MapIndex(k pulumi.StringInput) EntryGroupIamBindingOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EntryGroupIamBinding { + return vs[0].(map[string]*EntryGroupIamBinding)[vs[1].(string)] + }).(EntryGroupIamBindingOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamBindingInput)(nil)).Elem(), &EntryGroupIamBinding{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamBindingArrayInput)(nil)).Elem(), EntryGroupIamBindingArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamBindingMapInput)(nil)).Elem(), EntryGroupIamBindingMap{}) + pulumi.RegisterOutputType(EntryGroupIamBindingOutput{}) + pulumi.RegisterOutputType(EntryGroupIamBindingArrayOutput{}) + pulumi.RegisterOutputType(EntryGroupIamBindingMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/entryGroupIamMember.go b/sdk/go/gcp/dataplex/entryGroupIamMember.go new file mode 100644 index 0000000000..f388c4fc10 --- /dev/null +++ b/sdk/go/gcp/dataplex/entryGroupIamMember.go @@ -0,0 +1,643 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: +// +// * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. +// * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. +// * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup +// +// > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## dataplex.EntryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewEntryGroupIamPolicy(ctx, "policy", &dataplex.EntryGroupIamPolicyArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamBinding(ctx, "binding", &dataplex.EntryGroupIamBindingArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamMember(ctx, "member", &dataplex.EntryGroupIamMemberArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewEntryGroupIamPolicy(ctx, "policy", &dataplex.EntryGroupIamPolicyArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamBinding(ctx, "binding", &dataplex.EntryGroupIamBindingArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamMember(ctx, "member", &dataplex.EntryGroupIamMemberArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} +// +// * {{project}}/{{location}}/{{entry_group_id}} +// +// * {{location}}/{{entry_group_id}} +// +// * {{entry_group_id}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} +// ``` +// +// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type EntryGroupIamMember struct { + pulumi.CustomResourceState + + Condition EntryGroupIamMemberConditionPtrOutput `pulumi:"condition"` + EntryGroupId pulumi.StringOutput `pulumi:"entryGroupId"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringOutput `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringOutput `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringOutput `pulumi:"role"` +} + +// NewEntryGroupIamMember registers a new resource with the given unique name, arguments, and options. +func NewEntryGroupIamMember(ctx *pulumi.Context, + name string, args *EntryGroupIamMemberArgs, opts ...pulumi.ResourceOption) (*EntryGroupIamMember, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.EntryGroupId == nil { + return nil, errors.New("invalid value for required argument 'EntryGroupId'") + } + if args.Member == nil { + return nil, errors.New("invalid value for required argument 'Member'") + } + if args.Role == nil { + return nil, errors.New("invalid value for required argument 'Role'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource EntryGroupIamMember + err := ctx.RegisterResource("gcp:dataplex/entryGroupIamMember:EntryGroupIamMember", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetEntryGroupIamMember gets an existing EntryGroupIamMember resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetEntryGroupIamMember(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *EntryGroupIamMemberState, opts ...pulumi.ResourceOption) (*EntryGroupIamMember, error) { + var resource EntryGroupIamMember + err := ctx.ReadResource("gcp:dataplex/entryGroupIamMember:EntryGroupIamMember", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering EntryGroupIamMember resources. +type entryGroupIamMemberState struct { + Condition *EntryGroupIamMemberCondition `pulumi:"condition"` + EntryGroupId *string `pulumi:"entryGroupId"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member *string `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role *string `pulumi:"role"` +} + +type EntryGroupIamMemberState struct { + Condition EntryGroupIamMemberConditionPtrInput + EntryGroupId pulumi.StringPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringPtrInput +} + +func (EntryGroupIamMemberState) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupIamMemberState)(nil)).Elem() +} + +type entryGroupIamMemberArgs struct { + Condition *EntryGroupIamMemberCondition `pulumi:"condition"` + EntryGroupId string `pulumi:"entryGroupId"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member string `pulumi:"member"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role string `pulumi:"role"` +} + +// The set of arguments for constructing a EntryGroupIamMember resource. +type EntryGroupIamMemberArgs struct { + Condition EntryGroupIamMemberConditionPtrInput + EntryGroupId pulumi.StringInput + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // Identities that will be granted the privilege in `role`. + // Each entry can have one of the following values: + // * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + // * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + // * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + // * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + // * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + // * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + // * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + // * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + // * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + Member pulumi.StringInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput + // The role that should be applied. Only one + // `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + // `[projects|organizations]/{parent-name}/roles/{role-name}`. + Role pulumi.StringInput +} + +func (EntryGroupIamMemberArgs) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupIamMemberArgs)(nil)).Elem() +} + +type EntryGroupIamMemberInput interface { + pulumi.Input + + ToEntryGroupIamMemberOutput() EntryGroupIamMemberOutput + ToEntryGroupIamMemberOutputWithContext(ctx context.Context) EntryGroupIamMemberOutput +} + +func (*EntryGroupIamMember) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamMember)(nil)).Elem() +} + +func (i *EntryGroupIamMember) ToEntryGroupIamMemberOutput() EntryGroupIamMemberOutput { + return i.ToEntryGroupIamMemberOutputWithContext(context.Background()) +} + +func (i *EntryGroupIamMember) ToEntryGroupIamMemberOutputWithContext(ctx context.Context) EntryGroupIamMemberOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamMemberOutput) +} + +// EntryGroupIamMemberArrayInput is an input type that accepts EntryGroupIamMemberArray and EntryGroupIamMemberArrayOutput values. +// You can construct a concrete instance of `EntryGroupIamMemberArrayInput` via: +// +// EntryGroupIamMemberArray{ EntryGroupIamMemberArgs{...} } +type EntryGroupIamMemberArrayInput interface { + pulumi.Input + + ToEntryGroupIamMemberArrayOutput() EntryGroupIamMemberArrayOutput + ToEntryGroupIamMemberArrayOutputWithContext(context.Context) EntryGroupIamMemberArrayOutput +} + +type EntryGroupIamMemberArray []EntryGroupIamMemberInput + +func (EntryGroupIamMemberArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroupIamMember)(nil)).Elem() +} + +func (i EntryGroupIamMemberArray) ToEntryGroupIamMemberArrayOutput() EntryGroupIamMemberArrayOutput { + return i.ToEntryGroupIamMemberArrayOutputWithContext(context.Background()) +} + +func (i EntryGroupIamMemberArray) ToEntryGroupIamMemberArrayOutputWithContext(ctx context.Context) EntryGroupIamMemberArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamMemberArrayOutput) +} + +// EntryGroupIamMemberMapInput is an input type that accepts EntryGroupIamMemberMap and EntryGroupIamMemberMapOutput values. +// You can construct a concrete instance of `EntryGroupIamMemberMapInput` via: +// +// EntryGroupIamMemberMap{ "key": EntryGroupIamMemberArgs{...} } +type EntryGroupIamMemberMapInput interface { + pulumi.Input + + ToEntryGroupIamMemberMapOutput() EntryGroupIamMemberMapOutput + ToEntryGroupIamMemberMapOutputWithContext(context.Context) EntryGroupIamMemberMapOutput +} + +type EntryGroupIamMemberMap map[string]EntryGroupIamMemberInput + +func (EntryGroupIamMemberMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroupIamMember)(nil)).Elem() +} + +func (i EntryGroupIamMemberMap) ToEntryGroupIamMemberMapOutput() EntryGroupIamMemberMapOutput { + return i.ToEntryGroupIamMemberMapOutputWithContext(context.Background()) +} + +func (i EntryGroupIamMemberMap) ToEntryGroupIamMemberMapOutputWithContext(ctx context.Context) EntryGroupIamMemberMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamMemberMapOutput) +} + +type EntryGroupIamMemberOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamMemberOutput) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamMember)(nil)).Elem() +} + +func (o EntryGroupIamMemberOutput) ToEntryGroupIamMemberOutput() EntryGroupIamMemberOutput { + return o +} + +func (o EntryGroupIamMemberOutput) ToEntryGroupIamMemberOutputWithContext(ctx context.Context) EntryGroupIamMemberOutput { + return o +} + +func (o EntryGroupIamMemberOutput) Condition() EntryGroupIamMemberConditionPtrOutput { + return o.ApplyT(func(v *EntryGroupIamMember) EntryGroupIamMemberConditionPtrOutput { return v.Condition }).(EntryGroupIamMemberConditionPtrOutput) +} + +func (o EntryGroupIamMemberOutput) EntryGroupId() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamMember) pulumi.StringOutput { return v.EntryGroupId }).(pulumi.StringOutput) +} + +// (Computed) The etag of the IAM policy. +func (o EntryGroupIamMemberOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamMember) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location where entry group will be created in. +// Used to find the parent resource to bind the IAM policy to +func (o EntryGroupIamMemberOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamMember) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Identities that will be granted the privilege in `role`. +// Each entry can have one of the following values: +// * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. +// * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. +// * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. +// * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. +// * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. +// * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. +// * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" +// * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" +// * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" +func (o EntryGroupIamMemberOutput) Member() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamMember) pulumi.StringOutput { return v.Member }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o EntryGroupIamMemberOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamMember) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The role that should be applied. Only one +// `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format +// `[projects|organizations]/{parent-name}/roles/{role-name}`. +func (o EntryGroupIamMemberOutput) Role() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamMember) pulumi.StringOutput { return v.Role }).(pulumi.StringOutput) +} + +type EntryGroupIamMemberArrayOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamMemberArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroupIamMember)(nil)).Elem() +} + +func (o EntryGroupIamMemberArrayOutput) ToEntryGroupIamMemberArrayOutput() EntryGroupIamMemberArrayOutput { + return o +} + +func (o EntryGroupIamMemberArrayOutput) ToEntryGroupIamMemberArrayOutputWithContext(ctx context.Context) EntryGroupIamMemberArrayOutput { + return o +} + +func (o EntryGroupIamMemberArrayOutput) Index(i pulumi.IntInput) EntryGroupIamMemberOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EntryGroupIamMember { + return vs[0].([]*EntryGroupIamMember)[vs[1].(int)] + }).(EntryGroupIamMemberOutput) +} + +type EntryGroupIamMemberMapOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamMemberMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroupIamMember)(nil)).Elem() +} + +func (o EntryGroupIamMemberMapOutput) ToEntryGroupIamMemberMapOutput() EntryGroupIamMemberMapOutput { + return o +} + +func (o EntryGroupIamMemberMapOutput) ToEntryGroupIamMemberMapOutputWithContext(ctx context.Context) EntryGroupIamMemberMapOutput { + return o +} + +func (o EntryGroupIamMemberMapOutput) MapIndex(k pulumi.StringInput) EntryGroupIamMemberOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EntryGroupIamMember { + return vs[0].(map[string]*EntryGroupIamMember)[vs[1].(string)] + }).(EntryGroupIamMemberOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamMemberInput)(nil)).Elem(), &EntryGroupIamMember{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamMemberArrayInput)(nil)).Elem(), EntryGroupIamMemberArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamMemberMapInput)(nil)).Elem(), EntryGroupIamMemberMap{}) + pulumi.RegisterOutputType(EntryGroupIamMemberOutput{}) + pulumi.RegisterOutputType(EntryGroupIamMemberArrayOutput{}) + pulumi.RegisterOutputType(EntryGroupIamMemberMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/entryGroupIamPolicy.go b/sdk/go/gcp/dataplex/entryGroupIamPolicy.go new file mode 100644 index 0000000000..b2f24bc22e --- /dev/null +++ b/sdk/go/gcp/dataplex/entryGroupIamPolicy.go @@ -0,0 +1,550 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: +// +// * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. +// * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. +// * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. +// +// # A data source can be used to retrieve policy data in advent you do not need creation +// +// * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup +// +// > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. +// +// > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. +// +// ## dataplex.EntryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewEntryGroupIamPolicy(ctx, "policy", &dataplex.EntryGroupIamPolicyArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamBinding(ctx, "binding", &dataplex.EntryGroupIamBindingArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamMember(ctx, "member", &dataplex.EntryGroupIamMemberArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamPolicy +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{ +// Bindings: []organizations.GetIAMPolicyBinding{ +// { +// Role: "roles/viewer", +// Members: []string{ +// "user:jane@example.com", +// }, +// }, +// }, +// }, nil) +// if err != nil { +// return err +// } +// _, err = dataplex.NewEntryGroupIamPolicy(ctx, "policy", &dataplex.EntryGroupIamPolicyArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// PolicyData: pulumi.String(admin.PolicyData), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamBinding +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamBinding(ctx, "binding", &dataplex.EntryGroupIamBindingArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Members: pulumi.StringArray{ +// pulumi.String("user:jane@example.com"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## dataplex.EntryGroupIamMember +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.NewEntryGroupIamMember(ctx, "member", &dataplex.EntryGroupIamMemberArgs{ +// Project: pulumi.Any(testEntryGroupBasic.Project), +// Location: pulumi.Any(testEntryGroupBasic.Location), +// EntryGroupId: pulumi.Any(testEntryGroupBasic.EntryGroupId), +// Role: pulumi.String("roles/viewer"), +// Member: pulumi.String("user:jane@example.com"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// For all import syntaxes, the "resource in question" can take any of the following forms: +// +// * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} +// +// * {{project}}/{{location}}/{{entry_group_id}} +// +// * {{location}}/{{entry_group_id}} +// +// * {{entry_group_id}} +// +// Any variables not passed in the import command will be taken from the provider configuration. +// +// Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. +// +// IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" +// ``` +// +// IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" +// ``` +// +// IAM policy imports use the identifier of the resource in question, e.g. +// +// ```sh +// $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} +// ``` +// +// -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the +// +// full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. +type EntryGroupIamPolicy struct { + pulumi.CustomResourceState + + EntryGroupId pulumi.StringOutput `pulumi:"entryGroupId"` + // (Computed) The etag of the IAM policy. + Etag pulumi.StringOutput `pulumi:"etag"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringOutput `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringOutput `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` +} + +// NewEntryGroupIamPolicy registers a new resource with the given unique name, arguments, and options. +func NewEntryGroupIamPolicy(ctx *pulumi.Context, + name string, args *EntryGroupIamPolicyArgs, opts ...pulumi.ResourceOption) (*EntryGroupIamPolicy, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.EntryGroupId == nil { + return nil, errors.New("invalid value for required argument 'EntryGroupId'") + } + if args.PolicyData == nil { + return nil, errors.New("invalid value for required argument 'PolicyData'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource EntryGroupIamPolicy + err := ctx.RegisterResource("gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetEntryGroupIamPolicy gets an existing EntryGroupIamPolicy resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetEntryGroupIamPolicy(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *EntryGroupIamPolicyState, opts ...pulumi.ResourceOption) (*EntryGroupIamPolicy, error) { + var resource EntryGroupIamPolicy + err := ctx.ReadResource("gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering EntryGroupIamPolicy resources. +type entryGroupIamPolicyState struct { + EntryGroupId *string `pulumi:"entryGroupId"` + // (Computed) The etag of the IAM policy. + Etag *string `pulumi:"etag"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData *string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +type EntryGroupIamPolicyState struct { + EntryGroupId pulumi.StringPtrInput + // (Computed) The etag of the IAM policy. + Etag pulumi.StringPtrInput + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput +} + +func (EntryGroupIamPolicyState) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupIamPolicyState)(nil)).Elem() +} + +type entryGroupIamPolicyArgs struct { + EntryGroupId string `pulumi:"entryGroupId"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +// The set of arguments for constructing a EntryGroupIamPolicy resource. +type EntryGroupIamPolicyArgs struct { + EntryGroupId pulumi.StringInput + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput + // The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData pulumi.StringInput + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput +} + +func (EntryGroupIamPolicyArgs) ElementType() reflect.Type { + return reflect.TypeOf((*entryGroupIamPolicyArgs)(nil)).Elem() +} + +type EntryGroupIamPolicyInput interface { + pulumi.Input + + ToEntryGroupIamPolicyOutput() EntryGroupIamPolicyOutput + ToEntryGroupIamPolicyOutputWithContext(ctx context.Context) EntryGroupIamPolicyOutput +} + +func (*EntryGroupIamPolicy) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamPolicy)(nil)).Elem() +} + +func (i *EntryGroupIamPolicy) ToEntryGroupIamPolicyOutput() EntryGroupIamPolicyOutput { + return i.ToEntryGroupIamPolicyOutputWithContext(context.Background()) +} + +func (i *EntryGroupIamPolicy) ToEntryGroupIamPolicyOutputWithContext(ctx context.Context) EntryGroupIamPolicyOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamPolicyOutput) +} + +// EntryGroupIamPolicyArrayInput is an input type that accepts EntryGroupIamPolicyArray and EntryGroupIamPolicyArrayOutput values. +// You can construct a concrete instance of `EntryGroupIamPolicyArrayInput` via: +// +// EntryGroupIamPolicyArray{ EntryGroupIamPolicyArgs{...} } +type EntryGroupIamPolicyArrayInput interface { + pulumi.Input + + ToEntryGroupIamPolicyArrayOutput() EntryGroupIamPolicyArrayOutput + ToEntryGroupIamPolicyArrayOutputWithContext(context.Context) EntryGroupIamPolicyArrayOutput +} + +type EntryGroupIamPolicyArray []EntryGroupIamPolicyInput + +func (EntryGroupIamPolicyArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroupIamPolicy)(nil)).Elem() +} + +func (i EntryGroupIamPolicyArray) ToEntryGroupIamPolicyArrayOutput() EntryGroupIamPolicyArrayOutput { + return i.ToEntryGroupIamPolicyArrayOutputWithContext(context.Background()) +} + +func (i EntryGroupIamPolicyArray) ToEntryGroupIamPolicyArrayOutputWithContext(ctx context.Context) EntryGroupIamPolicyArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamPolicyArrayOutput) +} + +// EntryGroupIamPolicyMapInput is an input type that accepts EntryGroupIamPolicyMap and EntryGroupIamPolicyMapOutput values. +// You can construct a concrete instance of `EntryGroupIamPolicyMapInput` via: +// +// EntryGroupIamPolicyMap{ "key": EntryGroupIamPolicyArgs{...} } +type EntryGroupIamPolicyMapInput interface { + pulumi.Input + + ToEntryGroupIamPolicyMapOutput() EntryGroupIamPolicyMapOutput + ToEntryGroupIamPolicyMapOutputWithContext(context.Context) EntryGroupIamPolicyMapOutput +} + +type EntryGroupIamPolicyMap map[string]EntryGroupIamPolicyInput + +func (EntryGroupIamPolicyMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroupIamPolicy)(nil)).Elem() +} + +func (i EntryGroupIamPolicyMap) ToEntryGroupIamPolicyMapOutput() EntryGroupIamPolicyMapOutput { + return i.ToEntryGroupIamPolicyMapOutputWithContext(context.Background()) +} + +func (i EntryGroupIamPolicyMap) ToEntryGroupIamPolicyMapOutputWithContext(ctx context.Context) EntryGroupIamPolicyMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamPolicyMapOutput) +} + +type EntryGroupIamPolicyOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamPolicyOutput) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamPolicy)(nil)).Elem() +} + +func (o EntryGroupIamPolicyOutput) ToEntryGroupIamPolicyOutput() EntryGroupIamPolicyOutput { + return o +} + +func (o EntryGroupIamPolicyOutput) ToEntryGroupIamPolicyOutputWithContext(ctx context.Context) EntryGroupIamPolicyOutput { + return o +} + +func (o EntryGroupIamPolicyOutput) EntryGroupId() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamPolicy) pulumi.StringOutput { return v.EntryGroupId }).(pulumi.StringOutput) +} + +// (Computed) The etag of the IAM policy. +func (o EntryGroupIamPolicyOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamPolicy) pulumi.StringOutput { return v.Etag }).(pulumi.StringOutput) +} + +// The location where entry group will be created in. +// Used to find the parent resource to bind the IAM policy to +func (o EntryGroupIamPolicyOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamPolicy) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o EntryGroupIamPolicyOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamPolicy) pulumi.StringOutput { return v.PolicyData }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. +func (o EntryGroupIamPolicyOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *EntryGroupIamPolicy) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +type EntryGroupIamPolicyArrayOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamPolicyArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*EntryGroupIamPolicy)(nil)).Elem() +} + +func (o EntryGroupIamPolicyArrayOutput) ToEntryGroupIamPolicyArrayOutput() EntryGroupIamPolicyArrayOutput { + return o +} + +func (o EntryGroupIamPolicyArrayOutput) ToEntryGroupIamPolicyArrayOutputWithContext(ctx context.Context) EntryGroupIamPolicyArrayOutput { + return o +} + +func (o EntryGroupIamPolicyArrayOutput) Index(i pulumi.IntInput) EntryGroupIamPolicyOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *EntryGroupIamPolicy { + return vs[0].([]*EntryGroupIamPolicy)[vs[1].(int)] + }).(EntryGroupIamPolicyOutput) +} + +type EntryGroupIamPolicyMapOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamPolicyMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*EntryGroupIamPolicy)(nil)).Elem() +} + +func (o EntryGroupIamPolicyMapOutput) ToEntryGroupIamPolicyMapOutput() EntryGroupIamPolicyMapOutput { + return o +} + +func (o EntryGroupIamPolicyMapOutput) ToEntryGroupIamPolicyMapOutputWithContext(ctx context.Context) EntryGroupIamPolicyMapOutput { + return o +} + +func (o EntryGroupIamPolicyMapOutput) MapIndex(k pulumi.StringInput) EntryGroupIamPolicyOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *EntryGroupIamPolicy { + return vs[0].(map[string]*EntryGroupIamPolicy)[vs[1].(string)] + }).(EntryGroupIamPolicyOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamPolicyInput)(nil)).Elem(), &EntryGroupIamPolicy{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamPolicyArrayInput)(nil)).Elem(), EntryGroupIamPolicyArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamPolicyMapInput)(nil)).Elem(), EntryGroupIamPolicyMap{}) + pulumi.RegisterOutputType(EntryGroupIamPolicyOutput{}) + pulumi.RegisterOutputType(EntryGroupIamPolicyArrayOutput{}) + pulumi.RegisterOutputType(EntryGroupIamPolicyMapOutput{}) +} diff --git a/sdk/go/gcp/dataplex/getAspectTypeIamPolicy.go b/sdk/go/gcp/dataplex/getAspectTypeIamPolicy.go new file mode 100644 index 0000000000..5a3c56b3fe --- /dev/null +++ b/sdk/go/gcp/dataplex/getAspectTypeIamPolicy.go @@ -0,0 +1,151 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Retrieves the current IAM policy data for aspecttype +// +// ## example +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.LookupAspectTypeIamPolicy(ctx, &dataplex.LookupAspectTypeIamPolicyArgs{ +// Project: pulumi.StringRef(testAspectTypeBasic.Project), +// Location: pulumi.StringRef(testAspectTypeBasic.Location), +// AspectTypeId: testAspectTypeBasic.AspectTypeId, +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupAspectTypeIamPolicy(ctx *pulumi.Context, args *LookupAspectTypeIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupAspectTypeIamPolicyResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupAspectTypeIamPolicyResult + err := ctx.Invoke("gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getAspectTypeIamPolicy. +type LookupAspectTypeIamPolicyArgs struct { + AspectTypeId string `pulumi:"aspectTypeId"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +// A collection of values returned by getAspectTypeIamPolicy. +type LookupAspectTypeIamPolicyResult struct { + AspectTypeId string `pulumi:"aspectTypeId"` + // (Computed) The etag of the IAM policy. + Etag string `pulumi:"etag"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Location string `pulumi:"location"` + // (Required only by `dataplex.AspectTypeIamPolicy`) The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + Project string `pulumi:"project"` +} + +func LookupAspectTypeIamPolicyOutput(ctx *pulumi.Context, args LookupAspectTypeIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupAspectTypeIamPolicyResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (LookupAspectTypeIamPolicyResult, error) { + args := v.(LookupAspectTypeIamPolicyArgs) + r, err := LookupAspectTypeIamPolicy(ctx, &args, opts...) + var s LookupAspectTypeIamPolicyResult + if r != nil { + s = *r + } + return s, err + }).(LookupAspectTypeIamPolicyResultOutput) +} + +// A collection of arguments for invoking getAspectTypeIamPolicy. +type LookupAspectTypeIamPolicyOutputArgs struct { + AspectTypeId pulumi.StringInput `pulumi:"aspectTypeId"` + // The location where aspect type will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput `pulumi:"location"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput `pulumi:"project"` +} + +func (LookupAspectTypeIamPolicyOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupAspectTypeIamPolicyArgs)(nil)).Elem() +} + +// A collection of values returned by getAspectTypeIamPolicy. +type LookupAspectTypeIamPolicyResultOutput struct{ *pulumi.OutputState } + +func (LookupAspectTypeIamPolicyResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupAspectTypeIamPolicyResult)(nil)).Elem() +} + +func (o LookupAspectTypeIamPolicyResultOutput) ToLookupAspectTypeIamPolicyResultOutput() LookupAspectTypeIamPolicyResultOutput { + return o +} + +func (o LookupAspectTypeIamPolicyResultOutput) ToLookupAspectTypeIamPolicyResultOutputWithContext(ctx context.Context) LookupAspectTypeIamPolicyResultOutput { + return o +} + +func (o LookupAspectTypeIamPolicyResultOutput) AspectTypeId() pulumi.StringOutput { + return o.ApplyT(func(v LookupAspectTypeIamPolicyResult) string { return v.AspectTypeId }).(pulumi.StringOutput) +} + +// (Computed) The etag of the IAM policy. +func (o LookupAspectTypeIamPolicyResultOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v LookupAspectTypeIamPolicyResult) string { return v.Etag }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupAspectTypeIamPolicyResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupAspectTypeIamPolicyResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o LookupAspectTypeIamPolicyResultOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v LookupAspectTypeIamPolicyResult) string { return v.Location }).(pulumi.StringOutput) +} + +// (Required only by `dataplex.AspectTypeIamPolicy`) The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o LookupAspectTypeIamPolicyResultOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v LookupAspectTypeIamPolicyResult) string { return v.PolicyData }).(pulumi.StringOutput) +} + +func (o LookupAspectTypeIamPolicyResultOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v LookupAspectTypeIamPolicyResult) string { return v.Project }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupAspectTypeIamPolicyResultOutput{}) +} diff --git a/sdk/go/gcp/dataplex/getEntryGroupIamPolicy.go b/sdk/go/gcp/dataplex/getEntryGroupIamPolicy.go new file mode 100644 index 0000000000..ab94bd9c3d --- /dev/null +++ b/sdk/go/gcp/dataplex/getEntryGroupIamPolicy.go @@ -0,0 +1,151 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package dataplex + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Retrieves the current IAM policy data for entrygroup +// +// ## example +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/dataplex" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := dataplex.LookupEntryGroupIamPolicy(ctx, &dataplex.LookupEntryGroupIamPolicyArgs{ +// Project: pulumi.StringRef(testEntryGroupBasic.Project), +// Location: pulumi.StringRef(testEntryGroupBasic.Location), +// EntryGroupId: testEntryGroupBasic.EntryGroupId, +// }, nil) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +func LookupEntryGroupIamPolicy(ctx *pulumi.Context, args *LookupEntryGroupIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupEntryGroupIamPolicyResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupEntryGroupIamPolicyResult + err := ctx.Invoke("gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +// A collection of arguments for invoking getEntryGroupIamPolicy. +type LookupEntryGroupIamPolicyArgs struct { + EntryGroupId string `pulumi:"entryGroupId"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location *string `pulumi:"location"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project *string `pulumi:"project"` +} + +// A collection of values returned by getEntryGroupIamPolicy. +type LookupEntryGroupIamPolicyResult struct { + EntryGroupId string `pulumi:"entryGroupId"` + // (Computed) The etag of the IAM policy. + Etag string `pulumi:"etag"` + // The provider-assigned unique ID for this managed resource. + Id string `pulumi:"id"` + Location string `pulumi:"location"` + // (Required only by `dataplex.EntryGroupIamPolicy`) The policy data generated by + // a `organizations.getIAMPolicy` data source. + PolicyData string `pulumi:"policyData"` + Project string `pulumi:"project"` +} + +func LookupEntryGroupIamPolicyOutput(ctx *pulumi.Context, args LookupEntryGroupIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupEntryGroupIamPolicyResultOutput { + return pulumi.ToOutputWithContext(context.Background(), args). + ApplyT(func(v interface{}) (LookupEntryGroupIamPolicyResult, error) { + args := v.(LookupEntryGroupIamPolicyArgs) + r, err := LookupEntryGroupIamPolicy(ctx, &args, opts...) + var s LookupEntryGroupIamPolicyResult + if r != nil { + s = *r + } + return s, err + }).(LookupEntryGroupIamPolicyResultOutput) +} + +// A collection of arguments for invoking getEntryGroupIamPolicy. +type LookupEntryGroupIamPolicyOutputArgs struct { + EntryGroupId pulumi.StringInput `pulumi:"entryGroupId"` + // The location where entry group will be created in. + // Used to find the parent resource to bind the IAM policy to + Location pulumi.StringPtrInput `pulumi:"location"` + // The ID of the project in which the resource belongs. + // If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + Project pulumi.StringPtrInput `pulumi:"project"` +} + +func (LookupEntryGroupIamPolicyOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupEntryGroupIamPolicyArgs)(nil)).Elem() +} + +// A collection of values returned by getEntryGroupIamPolicy. +type LookupEntryGroupIamPolicyResultOutput struct{ *pulumi.OutputState } + +func (LookupEntryGroupIamPolicyResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupEntryGroupIamPolicyResult)(nil)).Elem() +} + +func (o LookupEntryGroupIamPolicyResultOutput) ToLookupEntryGroupIamPolicyResultOutput() LookupEntryGroupIamPolicyResultOutput { + return o +} + +func (o LookupEntryGroupIamPolicyResultOutput) ToLookupEntryGroupIamPolicyResultOutputWithContext(ctx context.Context) LookupEntryGroupIamPolicyResultOutput { + return o +} + +func (o LookupEntryGroupIamPolicyResultOutput) EntryGroupId() pulumi.StringOutput { + return o.ApplyT(func(v LookupEntryGroupIamPolicyResult) string { return v.EntryGroupId }).(pulumi.StringOutput) +} + +// (Computed) The etag of the IAM policy. +func (o LookupEntryGroupIamPolicyResultOutput) Etag() pulumi.StringOutput { + return o.ApplyT(func(v LookupEntryGroupIamPolicyResult) string { return v.Etag }).(pulumi.StringOutput) +} + +// The provider-assigned unique ID for this managed resource. +func (o LookupEntryGroupIamPolicyResultOutput) Id() pulumi.StringOutput { + return o.ApplyT(func(v LookupEntryGroupIamPolicyResult) string { return v.Id }).(pulumi.StringOutput) +} + +func (o LookupEntryGroupIamPolicyResultOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v LookupEntryGroupIamPolicyResult) string { return v.Location }).(pulumi.StringOutput) +} + +// (Required only by `dataplex.EntryGroupIamPolicy`) The policy data generated by +// a `organizations.getIAMPolicy` data source. +func (o LookupEntryGroupIamPolicyResultOutput) PolicyData() pulumi.StringOutput { + return o.ApplyT(func(v LookupEntryGroupIamPolicyResult) string { return v.PolicyData }).(pulumi.StringOutput) +} + +func (o LookupEntryGroupIamPolicyResultOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v LookupEntryGroupIamPolicyResult) string { return v.Project }).(pulumi.StringOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupEntryGroupIamPolicyResultOutput{}) +} diff --git a/sdk/go/gcp/dataplex/init.go b/sdk/go/gcp/dataplex/init.go index 1a989b9f75..c34bbaf38c 100644 --- a/sdk/go/gcp/dataplex/init.go +++ b/sdk/go/gcp/dataplex/init.go @@ -21,6 +21,14 @@ func (m *module) Version() semver.Version { func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { switch typ { + case "gcp:dataplex/aspectType:AspectType": + r = &AspectType{} + case "gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding": + r = &AspectTypeIamBinding{} + case "gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember": + r = &AspectTypeIamMember{} + case "gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy": + r = &AspectTypeIamPolicy{} case "gcp:dataplex/asset:Asset": r = &Asset{} case "gcp:dataplex/assetIamBinding:AssetIamBinding": @@ -37,6 +45,14 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &DatascanIamMember{} case "gcp:dataplex/datascanIamPolicy:DatascanIamPolicy": r = &DatascanIamPolicy{} + case "gcp:dataplex/entryGroup:EntryGroup": + r = &EntryGroup{} + case "gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding": + r = &EntryGroupIamBinding{} + case "gcp:dataplex/entryGroupIamMember:EntryGroupIamMember": + r = &EntryGroupIamMember{} + case "gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy": + r = &EntryGroupIamPolicy{} case "gcp:dataplex/lake:Lake": r = &Lake{} case "gcp:dataplex/lakeIamBinding:LakeIamBinding": @@ -74,6 +90,26 @@ func init() { if err != nil { version = semver.Version{Major: 1} } + pulumi.RegisterResourceModule( + "gcp", + "dataplex/aspectType", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "dataplex/aspectTypeIamBinding", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "dataplex/aspectTypeIamMember", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "dataplex/aspectTypeIamPolicy", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "dataplex/asset", @@ -114,6 +150,26 @@ func init() { "dataplex/datascanIamPolicy", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "dataplex/entryGroup", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "dataplex/entryGroupIamBinding", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "dataplex/entryGroupIamMember", + &module{version}, + ) + pulumi.RegisterResourceModule( + "gcp", + "dataplex/entryGroupIamPolicy", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "dataplex/lake", diff --git a/sdk/go/gcp/dataplex/pulumiTypes.go b/sdk/go/gcp/dataplex/pulumiTypes.go index 1324546fd5..ada549a863 100644 --- a/sdk/go/gcp/dataplex/pulumiTypes.go +++ b/sdk/go/gcp/dataplex/pulumiTypes.go @@ -13,6 +13,332 @@ import ( var _ = internal.GetEnvOrDefault +type AspectTypeIamBindingCondition struct { + Description *string `pulumi:"description"` + Expression string `pulumi:"expression"` + Title string `pulumi:"title"` +} + +// AspectTypeIamBindingConditionInput is an input type that accepts AspectTypeIamBindingConditionArgs and AspectTypeIamBindingConditionOutput values. +// You can construct a concrete instance of `AspectTypeIamBindingConditionInput` via: +// +// AspectTypeIamBindingConditionArgs{...} +type AspectTypeIamBindingConditionInput interface { + pulumi.Input + + ToAspectTypeIamBindingConditionOutput() AspectTypeIamBindingConditionOutput + ToAspectTypeIamBindingConditionOutputWithContext(context.Context) AspectTypeIamBindingConditionOutput +} + +type AspectTypeIamBindingConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + Expression pulumi.StringInput `pulumi:"expression"` + Title pulumi.StringInput `pulumi:"title"` +} + +func (AspectTypeIamBindingConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AspectTypeIamBindingCondition)(nil)).Elem() +} + +func (i AspectTypeIamBindingConditionArgs) ToAspectTypeIamBindingConditionOutput() AspectTypeIamBindingConditionOutput { + return i.ToAspectTypeIamBindingConditionOutputWithContext(context.Background()) +} + +func (i AspectTypeIamBindingConditionArgs) ToAspectTypeIamBindingConditionOutputWithContext(ctx context.Context) AspectTypeIamBindingConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamBindingConditionOutput) +} + +func (i AspectTypeIamBindingConditionArgs) ToAspectTypeIamBindingConditionPtrOutput() AspectTypeIamBindingConditionPtrOutput { + return i.ToAspectTypeIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i AspectTypeIamBindingConditionArgs) ToAspectTypeIamBindingConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamBindingConditionOutput).ToAspectTypeIamBindingConditionPtrOutputWithContext(ctx) +} + +// AspectTypeIamBindingConditionPtrInput is an input type that accepts AspectTypeIamBindingConditionArgs, AspectTypeIamBindingConditionPtr and AspectTypeIamBindingConditionPtrOutput values. +// You can construct a concrete instance of `AspectTypeIamBindingConditionPtrInput` via: +// +// AspectTypeIamBindingConditionArgs{...} +// +// or: +// +// nil +type AspectTypeIamBindingConditionPtrInput interface { + pulumi.Input + + ToAspectTypeIamBindingConditionPtrOutput() AspectTypeIamBindingConditionPtrOutput + ToAspectTypeIamBindingConditionPtrOutputWithContext(context.Context) AspectTypeIamBindingConditionPtrOutput +} + +type aspectTypeIamBindingConditionPtrType AspectTypeIamBindingConditionArgs + +func AspectTypeIamBindingConditionPtr(v *AspectTypeIamBindingConditionArgs) AspectTypeIamBindingConditionPtrInput { + return (*aspectTypeIamBindingConditionPtrType)(v) +} + +func (*aspectTypeIamBindingConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamBindingCondition)(nil)).Elem() +} + +func (i *aspectTypeIamBindingConditionPtrType) ToAspectTypeIamBindingConditionPtrOutput() AspectTypeIamBindingConditionPtrOutput { + return i.ToAspectTypeIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i *aspectTypeIamBindingConditionPtrType) ToAspectTypeIamBindingConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamBindingConditionPtrOutput) +} + +type AspectTypeIamBindingConditionOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamBindingConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AspectTypeIamBindingCondition)(nil)).Elem() +} + +func (o AspectTypeIamBindingConditionOutput) ToAspectTypeIamBindingConditionOutput() AspectTypeIamBindingConditionOutput { + return o +} + +func (o AspectTypeIamBindingConditionOutput) ToAspectTypeIamBindingConditionOutputWithContext(ctx context.Context) AspectTypeIamBindingConditionOutput { + return o +} + +func (o AspectTypeIamBindingConditionOutput) ToAspectTypeIamBindingConditionPtrOutput() AspectTypeIamBindingConditionPtrOutput { + return o.ToAspectTypeIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (o AspectTypeIamBindingConditionOutput) ToAspectTypeIamBindingConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamBindingConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AspectTypeIamBindingCondition) *AspectTypeIamBindingCondition { + return &v + }).(AspectTypeIamBindingConditionPtrOutput) +} + +func (o AspectTypeIamBindingConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v AspectTypeIamBindingCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +func (o AspectTypeIamBindingConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v AspectTypeIamBindingCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +func (o AspectTypeIamBindingConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v AspectTypeIamBindingCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type AspectTypeIamBindingConditionPtrOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamBindingConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamBindingCondition)(nil)).Elem() +} + +func (o AspectTypeIamBindingConditionPtrOutput) ToAspectTypeIamBindingConditionPtrOutput() AspectTypeIamBindingConditionPtrOutput { + return o +} + +func (o AspectTypeIamBindingConditionPtrOutput) ToAspectTypeIamBindingConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamBindingConditionPtrOutput { + return o +} + +func (o AspectTypeIamBindingConditionPtrOutput) Elem() AspectTypeIamBindingConditionOutput { + return o.ApplyT(func(v *AspectTypeIamBindingCondition) AspectTypeIamBindingCondition { + if v != nil { + return *v + } + var ret AspectTypeIamBindingCondition + return ret + }).(AspectTypeIamBindingConditionOutput) +} + +func (o AspectTypeIamBindingConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectTypeIamBindingCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +func (o AspectTypeIamBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectTypeIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +func (o AspectTypeIamBindingConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectTypeIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + +type AspectTypeIamMemberCondition struct { + Description *string `pulumi:"description"` + Expression string `pulumi:"expression"` + Title string `pulumi:"title"` +} + +// AspectTypeIamMemberConditionInput is an input type that accepts AspectTypeIamMemberConditionArgs and AspectTypeIamMemberConditionOutput values. +// You can construct a concrete instance of `AspectTypeIamMemberConditionInput` via: +// +// AspectTypeIamMemberConditionArgs{...} +type AspectTypeIamMemberConditionInput interface { + pulumi.Input + + ToAspectTypeIamMemberConditionOutput() AspectTypeIamMemberConditionOutput + ToAspectTypeIamMemberConditionOutputWithContext(context.Context) AspectTypeIamMemberConditionOutput +} + +type AspectTypeIamMemberConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + Expression pulumi.StringInput `pulumi:"expression"` + Title pulumi.StringInput `pulumi:"title"` +} + +func (AspectTypeIamMemberConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*AspectTypeIamMemberCondition)(nil)).Elem() +} + +func (i AspectTypeIamMemberConditionArgs) ToAspectTypeIamMemberConditionOutput() AspectTypeIamMemberConditionOutput { + return i.ToAspectTypeIamMemberConditionOutputWithContext(context.Background()) +} + +func (i AspectTypeIamMemberConditionArgs) ToAspectTypeIamMemberConditionOutputWithContext(ctx context.Context) AspectTypeIamMemberConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamMemberConditionOutput) +} + +func (i AspectTypeIamMemberConditionArgs) ToAspectTypeIamMemberConditionPtrOutput() AspectTypeIamMemberConditionPtrOutput { + return i.ToAspectTypeIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i AspectTypeIamMemberConditionArgs) ToAspectTypeIamMemberConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamMemberConditionOutput).ToAspectTypeIamMemberConditionPtrOutputWithContext(ctx) +} + +// AspectTypeIamMemberConditionPtrInput is an input type that accepts AspectTypeIamMemberConditionArgs, AspectTypeIamMemberConditionPtr and AspectTypeIamMemberConditionPtrOutput values. +// You can construct a concrete instance of `AspectTypeIamMemberConditionPtrInput` via: +// +// AspectTypeIamMemberConditionArgs{...} +// +// or: +// +// nil +type AspectTypeIamMemberConditionPtrInput interface { + pulumi.Input + + ToAspectTypeIamMemberConditionPtrOutput() AspectTypeIamMemberConditionPtrOutput + ToAspectTypeIamMemberConditionPtrOutputWithContext(context.Context) AspectTypeIamMemberConditionPtrOutput +} + +type aspectTypeIamMemberConditionPtrType AspectTypeIamMemberConditionArgs + +func AspectTypeIamMemberConditionPtr(v *AspectTypeIamMemberConditionArgs) AspectTypeIamMemberConditionPtrInput { + return (*aspectTypeIamMemberConditionPtrType)(v) +} + +func (*aspectTypeIamMemberConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamMemberCondition)(nil)).Elem() +} + +func (i *aspectTypeIamMemberConditionPtrType) ToAspectTypeIamMemberConditionPtrOutput() AspectTypeIamMemberConditionPtrOutput { + return i.ToAspectTypeIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i *aspectTypeIamMemberConditionPtrType) ToAspectTypeIamMemberConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(AspectTypeIamMemberConditionPtrOutput) +} + +type AspectTypeIamMemberConditionOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamMemberConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*AspectTypeIamMemberCondition)(nil)).Elem() +} + +func (o AspectTypeIamMemberConditionOutput) ToAspectTypeIamMemberConditionOutput() AspectTypeIamMemberConditionOutput { + return o +} + +func (o AspectTypeIamMemberConditionOutput) ToAspectTypeIamMemberConditionOutputWithContext(ctx context.Context) AspectTypeIamMemberConditionOutput { + return o +} + +func (o AspectTypeIamMemberConditionOutput) ToAspectTypeIamMemberConditionPtrOutput() AspectTypeIamMemberConditionPtrOutput { + return o.ToAspectTypeIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (o AspectTypeIamMemberConditionOutput) ToAspectTypeIamMemberConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamMemberConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v AspectTypeIamMemberCondition) *AspectTypeIamMemberCondition { + return &v + }).(AspectTypeIamMemberConditionPtrOutput) +} + +func (o AspectTypeIamMemberConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v AspectTypeIamMemberCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +func (o AspectTypeIamMemberConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v AspectTypeIamMemberCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +func (o AspectTypeIamMemberConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v AspectTypeIamMemberCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type AspectTypeIamMemberConditionPtrOutput struct{ *pulumi.OutputState } + +func (AspectTypeIamMemberConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AspectTypeIamMemberCondition)(nil)).Elem() +} + +func (o AspectTypeIamMemberConditionPtrOutput) ToAspectTypeIamMemberConditionPtrOutput() AspectTypeIamMemberConditionPtrOutput { + return o +} + +func (o AspectTypeIamMemberConditionPtrOutput) ToAspectTypeIamMemberConditionPtrOutputWithContext(ctx context.Context) AspectTypeIamMemberConditionPtrOutput { + return o +} + +func (o AspectTypeIamMemberConditionPtrOutput) Elem() AspectTypeIamMemberConditionOutput { + return o.ApplyT(func(v *AspectTypeIamMemberCondition) AspectTypeIamMemberCondition { + if v != nil { + return *v + } + var ret AspectTypeIamMemberCondition + return ret + }).(AspectTypeIamMemberConditionOutput) +} + +func (o AspectTypeIamMemberConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectTypeIamMemberCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +func (o AspectTypeIamMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectTypeIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +func (o AspectTypeIamMemberConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AspectTypeIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + type AssetDiscoverySpec struct { // Optional. Configuration for CSV data. CsvOptions *AssetDiscoverySpecCsvOptions `pulumi:"csvOptions"` @@ -5572,6 +5898,332 @@ func (o DatascanIamMemberConditionPtrOutput) Title() pulumi.StringPtrOutput { }).(pulumi.StringPtrOutput) } +type EntryGroupIamBindingCondition struct { + Description *string `pulumi:"description"` + Expression string `pulumi:"expression"` + Title string `pulumi:"title"` +} + +// EntryGroupIamBindingConditionInput is an input type that accepts EntryGroupIamBindingConditionArgs and EntryGroupIamBindingConditionOutput values. +// You can construct a concrete instance of `EntryGroupIamBindingConditionInput` via: +// +// EntryGroupIamBindingConditionArgs{...} +type EntryGroupIamBindingConditionInput interface { + pulumi.Input + + ToEntryGroupIamBindingConditionOutput() EntryGroupIamBindingConditionOutput + ToEntryGroupIamBindingConditionOutputWithContext(context.Context) EntryGroupIamBindingConditionOutput +} + +type EntryGroupIamBindingConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + Expression pulumi.StringInput `pulumi:"expression"` + Title pulumi.StringInput `pulumi:"title"` +} + +func (EntryGroupIamBindingConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*EntryGroupIamBindingCondition)(nil)).Elem() +} + +func (i EntryGroupIamBindingConditionArgs) ToEntryGroupIamBindingConditionOutput() EntryGroupIamBindingConditionOutput { + return i.ToEntryGroupIamBindingConditionOutputWithContext(context.Background()) +} + +func (i EntryGroupIamBindingConditionArgs) ToEntryGroupIamBindingConditionOutputWithContext(ctx context.Context) EntryGroupIamBindingConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamBindingConditionOutput) +} + +func (i EntryGroupIamBindingConditionArgs) ToEntryGroupIamBindingConditionPtrOutput() EntryGroupIamBindingConditionPtrOutput { + return i.ToEntryGroupIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i EntryGroupIamBindingConditionArgs) ToEntryGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamBindingConditionOutput).ToEntryGroupIamBindingConditionPtrOutputWithContext(ctx) +} + +// EntryGroupIamBindingConditionPtrInput is an input type that accepts EntryGroupIamBindingConditionArgs, EntryGroupIamBindingConditionPtr and EntryGroupIamBindingConditionPtrOutput values. +// You can construct a concrete instance of `EntryGroupIamBindingConditionPtrInput` via: +// +// EntryGroupIamBindingConditionArgs{...} +// +// or: +// +// nil +type EntryGroupIamBindingConditionPtrInput interface { + pulumi.Input + + ToEntryGroupIamBindingConditionPtrOutput() EntryGroupIamBindingConditionPtrOutput + ToEntryGroupIamBindingConditionPtrOutputWithContext(context.Context) EntryGroupIamBindingConditionPtrOutput +} + +type entryGroupIamBindingConditionPtrType EntryGroupIamBindingConditionArgs + +func EntryGroupIamBindingConditionPtr(v *EntryGroupIamBindingConditionArgs) EntryGroupIamBindingConditionPtrInput { + return (*entryGroupIamBindingConditionPtrType)(v) +} + +func (*entryGroupIamBindingConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamBindingCondition)(nil)).Elem() +} + +func (i *entryGroupIamBindingConditionPtrType) ToEntryGroupIamBindingConditionPtrOutput() EntryGroupIamBindingConditionPtrOutput { + return i.ToEntryGroupIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (i *entryGroupIamBindingConditionPtrType) ToEntryGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamBindingConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamBindingConditionPtrOutput) +} + +type EntryGroupIamBindingConditionOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamBindingConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*EntryGroupIamBindingCondition)(nil)).Elem() +} + +func (o EntryGroupIamBindingConditionOutput) ToEntryGroupIamBindingConditionOutput() EntryGroupIamBindingConditionOutput { + return o +} + +func (o EntryGroupIamBindingConditionOutput) ToEntryGroupIamBindingConditionOutputWithContext(ctx context.Context) EntryGroupIamBindingConditionOutput { + return o +} + +func (o EntryGroupIamBindingConditionOutput) ToEntryGroupIamBindingConditionPtrOutput() EntryGroupIamBindingConditionPtrOutput { + return o.ToEntryGroupIamBindingConditionPtrOutputWithContext(context.Background()) +} + +func (o EntryGroupIamBindingConditionOutput) ToEntryGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamBindingConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v EntryGroupIamBindingCondition) *EntryGroupIamBindingCondition { + return &v + }).(EntryGroupIamBindingConditionPtrOutput) +} + +func (o EntryGroupIamBindingConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v EntryGroupIamBindingCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +func (o EntryGroupIamBindingConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v EntryGroupIamBindingCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +func (o EntryGroupIamBindingConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v EntryGroupIamBindingCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type EntryGroupIamBindingConditionPtrOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamBindingConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamBindingCondition)(nil)).Elem() +} + +func (o EntryGroupIamBindingConditionPtrOutput) ToEntryGroupIamBindingConditionPtrOutput() EntryGroupIamBindingConditionPtrOutput { + return o +} + +func (o EntryGroupIamBindingConditionPtrOutput) ToEntryGroupIamBindingConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamBindingConditionPtrOutput { + return o +} + +func (o EntryGroupIamBindingConditionPtrOutput) Elem() EntryGroupIamBindingConditionOutput { + return o.ApplyT(func(v *EntryGroupIamBindingCondition) EntryGroupIamBindingCondition { + if v != nil { + return *v + } + var ret EntryGroupIamBindingCondition + return ret + }).(EntryGroupIamBindingConditionOutput) +} + +func (o EntryGroupIamBindingConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroupIamBindingCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +func (o EntryGroupIamBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroupIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +func (o EntryGroupIamBindingConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroupIamBindingCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + +type EntryGroupIamMemberCondition struct { + Description *string `pulumi:"description"` + Expression string `pulumi:"expression"` + Title string `pulumi:"title"` +} + +// EntryGroupIamMemberConditionInput is an input type that accepts EntryGroupIamMemberConditionArgs and EntryGroupIamMemberConditionOutput values. +// You can construct a concrete instance of `EntryGroupIamMemberConditionInput` via: +// +// EntryGroupIamMemberConditionArgs{...} +type EntryGroupIamMemberConditionInput interface { + pulumi.Input + + ToEntryGroupIamMemberConditionOutput() EntryGroupIamMemberConditionOutput + ToEntryGroupIamMemberConditionOutputWithContext(context.Context) EntryGroupIamMemberConditionOutput +} + +type EntryGroupIamMemberConditionArgs struct { + Description pulumi.StringPtrInput `pulumi:"description"` + Expression pulumi.StringInput `pulumi:"expression"` + Title pulumi.StringInput `pulumi:"title"` +} + +func (EntryGroupIamMemberConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*EntryGroupIamMemberCondition)(nil)).Elem() +} + +func (i EntryGroupIamMemberConditionArgs) ToEntryGroupIamMemberConditionOutput() EntryGroupIamMemberConditionOutput { + return i.ToEntryGroupIamMemberConditionOutputWithContext(context.Background()) +} + +func (i EntryGroupIamMemberConditionArgs) ToEntryGroupIamMemberConditionOutputWithContext(ctx context.Context) EntryGroupIamMemberConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamMemberConditionOutput) +} + +func (i EntryGroupIamMemberConditionArgs) ToEntryGroupIamMemberConditionPtrOutput() EntryGroupIamMemberConditionPtrOutput { + return i.ToEntryGroupIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i EntryGroupIamMemberConditionArgs) ToEntryGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamMemberConditionOutput).ToEntryGroupIamMemberConditionPtrOutputWithContext(ctx) +} + +// EntryGroupIamMemberConditionPtrInput is an input type that accepts EntryGroupIamMemberConditionArgs, EntryGroupIamMemberConditionPtr and EntryGroupIamMemberConditionPtrOutput values. +// You can construct a concrete instance of `EntryGroupIamMemberConditionPtrInput` via: +// +// EntryGroupIamMemberConditionArgs{...} +// +// or: +// +// nil +type EntryGroupIamMemberConditionPtrInput interface { + pulumi.Input + + ToEntryGroupIamMemberConditionPtrOutput() EntryGroupIamMemberConditionPtrOutput + ToEntryGroupIamMemberConditionPtrOutputWithContext(context.Context) EntryGroupIamMemberConditionPtrOutput +} + +type entryGroupIamMemberConditionPtrType EntryGroupIamMemberConditionArgs + +func EntryGroupIamMemberConditionPtr(v *EntryGroupIamMemberConditionArgs) EntryGroupIamMemberConditionPtrInput { + return (*entryGroupIamMemberConditionPtrType)(v) +} + +func (*entryGroupIamMemberConditionPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamMemberCondition)(nil)).Elem() +} + +func (i *entryGroupIamMemberConditionPtrType) ToEntryGroupIamMemberConditionPtrOutput() EntryGroupIamMemberConditionPtrOutput { + return i.ToEntryGroupIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (i *entryGroupIamMemberConditionPtrType) ToEntryGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamMemberConditionPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(EntryGroupIamMemberConditionPtrOutput) +} + +type EntryGroupIamMemberConditionOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamMemberConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*EntryGroupIamMemberCondition)(nil)).Elem() +} + +func (o EntryGroupIamMemberConditionOutput) ToEntryGroupIamMemberConditionOutput() EntryGroupIamMemberConditionOutput { + return o +} + +func (o EntryGroupIamMemberConditionOutput) ToEntryGroupIamMemberConditionOutputWithContext(ctx context.Context) EntryGroupIamMemberConditionOutput { + return o +} + +func (o EntryGroupIamMemberConditionOutput) ToEntryGroupIamMemberConditionPtrOutput() EntryGroupIamMemberConditionPtrOutput { + return o.ToEntryGroupIamMemberConditionPtrOutputWithContext(context.Background()) +} + +func (o EntryGroupIamMemberConditionOutput) ToEntryGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamMemberConditionPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v EntryGroupIamMemberCondition) *EntryGroupIamMemberCondition { + return &v + }).(EntryGroupIamMemberConditionPtrOutput) +} + +func (o EntryGroupIamMemberConditionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v EntryGroupIamMemberCondition) *string { return v.Description }).(pulumi.StringPtrOutput) +} + +func (o EntryGroupIamMemberConditionOutput) Expression() pulumi.StringOutput { + return o.ApplyT(func(v EntryGroupIamMemberCondition) string { return v.Expression }).(pulumi.StringOutput) +} + +func (o EntryGroupIamMemberConditionOutput) Title() pulumi.StringOutput { + return o.ApplyT(func(v EntryGroupIamMemberCondition) string { return v.Title }).(pulumi.StringOutput) +} + +type EntryGroupIamMemberConditionPtrOutput struct{ *pulumi.OutputState } + +func (EntryGroupIamMemberConditionPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**EntryGroupIamMemberCondition)(nil)).Elem() +} + +func (o EntryGroupIamMemberConditionPtrOutput) ToEntryGroupIamMemberConditionPtrOutput() EntryGroupIamMemberConditionPtrOutput { + return o +} + +func (o EntryGroupIamMemberConditionPtrOutput) ToEntryGroupIamMemberConditionPtrOutputWithContext(ctx context.Context) EntryGroupIamMemberConditionPtrOutput { + return o +} + +func (o EntryGroupIamMemberConditionPtrOutput) Elem() EntryGroupIamMemberConditionOutput { + return o.ApplyT(func(v *EntryGroupIamMemberCondition) EntryGroupIamMemberCondition { + if v != nil { + return *v + } + var ret EntryGroupIamMemberCondition + return ret + }).(EntryGroupIamMemberConditionOutput) +} + +func (o EntryGroupIamMemberConditionPtrOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroupIamMemberCondition) *string { + if v == nil { + return nil + } + return v.Description + }).(pulumi.StringPtrOutput) +} + +func (o EntryGroupIamMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroupIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Expression + }).(pulumi.StringPtrOutput) +} + +func (o EntryGroupIamMemberConditionPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *EntryGroupIamMemberCondition) *string { + if v == nil { + return nil + } + return &v.Title + }).(pulumi.StringPtrOutput) +} + type LakeAssetStatus struct { // Number of active assets. ActiveAssets *int `pulumi:"activeAssets"` @@ -10422,6 +11074,10 @@ func (o ZoneResourceSpecPtrOutput) LocationType() pulumi.StringPtrOutput { } func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamBindingConditionInput)(nil)).Elem(), AspectTypeIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamBindingConditionPtrInput)(nil)).Elem(), AspectTypeIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamMemberConditionInput)(nil)).Elem(), AspectTypeIamMemberConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*AspectTypeIamMemberConditionPtrInput)(nil)).Elem(), AspectTypeIamMemberConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AssetDiscoverySpecInput)(nil)).Elem(), AssetDiscoverySpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AssetDiscoverySpecPtrInput)(nil)).Elem(), AssetDiscoverySpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*AssetDiscoverySpecCsvOptionsInput)(nil)).Elem(), AssetDiscoverySpecCsvOptionsArgs{}) @@ -10492,6 +11148,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*DatascanIamBindingConditionPtrInput)(nil)).Elem(), DatascanIamBindingConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*DatascanIamMemberConditionInput)(nil)).Elem(), DatascanIamMemberConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*DatascanIamMemberConditionPtrInput)(nil)).Elem(), DatascanIamMemberConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamBindingConditionInput)(nil)).Elem(), EntryGroupIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamBindingConditionPtrInput)(nil)).Elem(), EntryGroupIamBindingConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamMemberConditionInput)(nil)).Elem(), EntryGroupIamMemberConditionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*EntryGroupIamMemberConditionPtrInput)(nil)).Elem(), EntryGroupIamMemberConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*LakeAssetStatusInput)(nil)).Elem(), LakeAssetStatusArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*LakeAssetStatusArrayInput)(nil)).Elem(), LakeAssetStatusArray{}) pulumi.RegisterInputType(reflect.TypeOf((*LakeIamBindingConditionInput)(nil)).Elem(), LakeIamBindingConditionArgs{}) @@ -10548,6 +11208,10 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*ZoneIamMemberConditionPtrInput)(nil)).Elem(), ZoneIamMemberConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ZoneResourceSpecInput)(nil)).Elem(), ZoneResourceSpecArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*ZoneResourceSpecPtrInput)(nil)).Elem(), ZoneResourceSpecArgs{}) + pulumi.RegisterOutputType(AspectTypeIamBindingConditionOutput{}) + pulumi.RegisterOutputType(AspectTypeIamBindingConditionPtrOutput{}) + pulumi.RegisterOutputType(AspectTypeIamMemberConditionOutput{}) + pulumi.RegisterOutputType(AspectTypeIamMemberConditionPtrOutput{}) pulumi.RegisterOutputType(AssetDiscoverySpecOutput{}) pulumi.RegisterOutputType(AssetDiscoverySpecPtrOutput{}) pulumi.RegisterOutputType(AssetDiscoverySpecCsvOptionsOutput{}) @@ -10618,6 +11282,10 @@ func init() { pulumi.RegisterOutputType(DatascanIamBindingConditionPtrOutput{}) pulumi.RegisterOutputType(DatascanIamMemberConditionOutput{}) pulumi.RegisterOutputType(DatascanIamMemberConditionPtrOutput{}) + pulumi.RegisterOutputType(EntryGroupIamBindingConditionOutput{}) + pulumi.RegisterOutputType(EntryGroupIamBindingConditionPtrOutput{}) + pulumi.RegisterOutputType(EntryGroupIamMemberConditionOutput{}) + pulumi.RegisterOutputType(EntryGroupIamMemberConditionPtrOutput{}) pulumi.RegisterOutputType(LakeAssetStatusOutput{}) pulumi.RegisterOutputType(LakeAssetStatusArrayOutput{}) pulumi.RegisterOutputType(LakeIamBindingConditionOutput{}) diff --git a/sdk/go/gcp/datastream/connectionProfile.go b/sdk/go/gcp/datastream/connectionProfile.go index bb72d6c9b5..f06dbbc808 100644 --- a/sdk/go/gcp/datastream/connectionProfile.go +++ b/sdk/go/gcp/datastream/connectionProfile.go @@ -407,6 +407,8 @@ type ConnectionProfile struct { BigqueryProfile ConnectionProfileBigqueryProfilePtrOutput `pulumi:"bigqueryProfile"` // The connection profile identifier. ConnectionProfileId pulumi.StringOutput `pulumi:"connectionProfileId"` + // Create the connection profile without validating it. + CreateWithoutValidation pulumi.BoolPtrOutput `pulumi:"createWithoutValidation"` // Display name. DisplayName pulumi.StringOutput `pulumi:"displayName"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -498,6 +500,8 @@ type connectionProfileState struct { BigqueryProfile *ConnectionProfileBigqueryProfile `pulumi:"bigqueryProfile"` // The connection profile identifier. ConnectionProfileId *string `pulumi:"connectionProfileId"` + // Create the connection profile without validating it. + CreateWithoutValidation *bool `pulumi:"createWithoutValidation"` // Display name. DisplayName *string `pulumi:"displayName"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -546,6 +550,8 @@ type ConnectionProfileState struct { BigqueryProfile ConnectionProfileBigqueryProfilePtrInput // The connection profile identifier. ConnectionProfileId pulumi.StringPtrInput + // Create the connection profile without validating it. + CreateWithoutValidation pulumi.BoolPtrInput // Display name. DisplayName pulumi.StringPtrInput // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -598,6 +604,8 @@ type connectionProfileArgs struct { BigqueryProfile *ConnectionProfileBigqueryProfile `pulumi:"bigqueryProfile"` // The connection profile identifier. ConnectionProfileId string `pulumi:"connectionProfileId"` + // Create the connection profile without validating it. + CreateWithoutValidation *bool `pulumi:"createWithoutValidation"` // Display name. DisplayName string `pulumi:"displayName"` // Forward SSH tunnel connectivity. @@ -640,6 +648,8 @@ type ConnectionProfileArgs struct { BigqueryProfile ConnectionProfileBigqueryProfilePtrInput // The connection profile identifier. ConnectionProfileId pulumi.StringInput + // Create the connection profile without validating it. + CreateWithoutValidation pulumi.BoolPtrInput // Display name. DisplayName pulumi.StringInput // Forward SSH tunnel connectivity. @@ -773,6 +783,11 @@ func (o ConnectionProfileOutput) ConnectionProfileId() pulumi.StringOutput { return o.ApplyT(func(v *ConnectionProfile) pulumi.StringOutput { return v.ConnectionProfileId }).(pulumi.StringOutput) } +// Create the connection profile without validating it. +func (o ConnectionProfileOutput) CreateWithoutValidation() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *ConnectionProfile) pulumi.BoolPtrOutput { return v.CreateWithoutValidation }).(pulumi.BoolPtrOutput) +} + // Display name. func (o ConnectionProfileOutput) DisplayName() pulumi.StringOutput { return o.ApplyT(func(v *ConnectionProfile) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) diff --git a/sdk/go/gcp/datastream/privateConnection.go b/sdk/go/gcp/datastream/privateConnection.go index 8995e64d63..98ca7c4f46 100644 --- a/sdk/go/gcp/datastream/privateConnection.go +++ b/sdk/go/gcp/datastream/privateConnection.go @@ -90,6 +90,8 @@ import ( type PrivateConnection struct { pulumi.CustomResourceState + // If set to true, will skip validations. + CreateWithoutValidation pulumi.BoolPtrOutput `pulumi:"createWithoutValidation"` // Display name. DisplayName pulumi.StringOutput `pulumi:"displayName"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -165,6 +167,8 @@ func GetPrivateConnection(ctx *pulumi.Context, // Input properties used for looking up and filtering PrivateConnection resources. type privateConnectionState struct { + // If set to true, will skip validations. + CreateWithoutValidation *bool `pulumi:"createWithoutValidation"` // Display name. DisplayName *string `pulumi:"displayName"` // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -194,6 +198,8 @@ type privateConnectionState struct { } type PrivateConnectionState struct { + // If set to true, will skip validations. + CreateWithoutValidation pulumi.BoolPtrInput // Display name. DisplayName pulumi.StringPtrInput // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. @@ -227,6 +233,8 @@ func (PrivateConnectionState) ElementType() reflect.Type { } type privateConnectionArgs struct { + // If set to true, will skip validations. + CreateWithoutValidation *bool `pulumi:"createWithoutValidation"` // Display name. DisplayName string `pulumi:"displayName"` // Labels. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please @@ -245,6 +253,8 @@ type privateConnectionArgs struct { // The set of arguments for constructing a PrivateConnection resource. type PrivateConnectionArgs struct { + // If set to true, will skip validations. + CreateWithoutValidation pulumi.BoolPtrInput // Display name. DisplayName pulumi.StringInput // Labels. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please @@ -348,6 +358,11 @@ func (o PrivateConnectionOutput) ToPrivateConnectionOutputWithContext(ctx contex return o } +// If set to true, will skip validations. +func (o PrivateConnectionOutput) CreateWithoutValidation() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *PrivateConnection) pulumi.BoolPtrOutput { return v.CreateWithoutValidation }).(pulumi.BoolPtrOutput) +} + // Display name. func (o PrivateConnectionOutput) DisplayName() pulumi.StringOutput { return o.ApplyT(func(v *PrivateConnection) pulumi.StringOutput { return v.DisplayName }).(pulumi.StringOutput) diff --git a/sdk/go/gcp/datastream/stream.go b/sdk/go/gcp/datastream/stream.go index dd1736ade2..356dac6928 100644 --- a/sdk/go/gcp/datastream/stream.go +++ b/sdk/go/gcp/datastream/stream.go @@ -969,6 +969,8 @@ type Stream struct { BackfillAll StreamBackfillAllPtrOutput `pulumi:"backfillAll"` // Backfill strategy to disable automatic backfill for the Stream's objects. BackfillNone StreamBackfillNonePtrOutput `pulumi:"backfillNone"` + // Create the stream without validating it. + CreateWithoutValidation pulumi.BoolPtrOutput `pulumi:"createWithoutValidation"` // A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be // encrypted using an internal Stream-specific encryption key provisioned through KMS. CustomerManagedEncryptionKey pulumi.StringPtrOutput `pulumi:"customerManagedEncryptionKey"` @@ -1055,6 +1057,8 @@ type streamState struct { BackfillAll *StreamBackfillAll `pulumi:"backfillAll"` // Backfill strategy to disable automatic backfill for the Stream's objects. BackfillNone *StreamBackfillNone `pulumi:"backfillNone"` + // Create the stream without validating it. + CreateWithoutValidation *bool `pulumi:"createWithoutValidation"` // A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be // encrypted using an internal Stream-specific encryption key provisioned through KMS. CustomerManagedEncryptionKey *string `pulumi:"customerManagedEncryptionKey"` @@ -1092,6 +1096,8 @@ type StreamState struct { BackfillAll StreamBackfillAllPtrInput // Backfill strategy to disable automatic backfill for the Stream's objects. BackfillNone StreamBackfillNonePtrInput + // Create the stream without validating it. + CreateWithoutValidation pulumi.BoolPtrInput // A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be // encrypted using an internal Stream-specific encryption key provisioned through KMS. CustomerManagedEncryptionKey pulumi.StringPtrInput @@ -1133,6 +1139,8 @@ type streamArgs struct { BackfillAll *StreamBackfillAll `pulumi:"backfillAll"` // Backfill strategy to disable automatic backfill for the Stream's objects. BackfillNone *StreamBackfillNone `pulumi:"backfillNone"` + // Create the stream without validating it. + CreateWithoutValidation *bool `pulumi:"createWithoutValidation"` // A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be // encrypted using an internal Stream-specific encryption key provisioned through KMS. CustomerManagedEncryptionKey *string `pulumi:"customerManagedEncryptionKey"` @@ -1162,6 +1170,8 @@ type StreamArgs struct { BackfillAll StreamBackfillAllPtrInput // Backfill strategy to disable automatic backfill for the Stream's objects. BackfillNone StreamBackfillNonePtrInput + // Create the stream without validating it. + CreateWithoutValidation pulumi.BoolPtrInput // A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be // encrypted using an internal Stream-specific encryption key provisioned through KMS. CustomerManagedEncryptionKey pulumi.StringPtrInput @@ -1282,6 +1292,11 @@ func (o StreamOutput) BackfillNone() StreamBackfillNonePtrOutput { return o.ApplyT(func(v *Stream) StreamBackfillNonePtrOutput { return v.BackfillNone }).(StreamBackfillNonePtrOutput) } +// Create the stream without validating it. +func (o StreamOutput) CreateWithoutValidation() pulumi.BoolPtrOutput { + return o.ApplyT(func(v *Stream) pulumi.BoolPtrOutput { return v.CreateWithoutValidation }).(pulumi.BoolPtrOutput) +} + // A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be // encrypted using an internal Stream-specific encryption key provisioned through KMS. func (o StreamOutput) CustomerManagedEncryptionKey() pulumi.StringPtrOutput { diff --git a/sdk/go/gcp/kms/autokeyConfig.go b/sdk/go/gcp/kms/autokeyConfig.go new file mode 100644 index 0000000000..d08f21fc7b --- /dev/null +++ b/sdk/go/gcp/kms/autokeyConfig.go @@ -0,0 +1,394 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package kms + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// ## Example Usage +// +// ### Kms Autokey Config All +// +// ```go +// package main +// +// import ( +// +// "fmt" +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects" +// "github.com/pulumi/pulumi-time/sdk/go/time" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// // Create Folder in GCP Organization +// autokmsFolder, err := organizations.NewFolder(ctx, "autokms_folder", &organizations.FolderArgs{ +// DisplayName: pulumi.String("my-folder"), +// Parent: pulumi.String("organizations/123456789"), +// }) +// if err != nil { +// return err +// } +// // Create the key project +// keyProject, err := organizations.NewProject(ctx, "key_project", &organizations.ProjectArgs{ +// ProjectId: pulumi.String("key-proj"), +// Name: pulumi.String("key-proj"), +// FolderId: autokmsFolder.FolderId, +// BillingAccount: pulumi.String("000000-0000000-0000000-000000"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// autokmsFolder, +// })) +// if err != nil { +// return err +// } +// // Enable the Cloud KMS API +// kmsApiService, err := projects.NewService(ctx, "kms_api_service", &projects.ServiceArgs{ +// Service: pulumi.String("cloudkms.googleapis.com"), +// Project: keyProject.ProjectId, +// DisableOnDestroy: pulumi.Bool(false), +// DisableDependentServices: pulumi.Bool(true), +// }, pulumi.DependsOn([]pulumi.Resource{ +// keyProject, +// })) +// if err != nil { +// return err +// } +// // Wait delay after enabling APIs +// waitEnableServiceApi, err := time.NewSleep(ctx, "wait_enable_service_api", &time.SleepArgs{ +// CreateDuration: "30s", +// }, pulumi.DependsOn([]pulumi.Resource{ +// kmsApiService, +// })) +// if err != nil { +// return err +// } +// // Create KMS Service Agent +// kmsServiceAgent, err := projects.NewServiceIdentity(ctx, "kms_service_agent", &projects.ServiceIdentityArgs{ +// Service: pulumi.String("cloudkms.googleapis.com"), +// Project: keyProject.Number, +// }, pulumi.DependsOn([]pulumi.Resource{ +// waitEnableServiceApi, +// })) +// if err != nil { +// return err +// } +// // Wait delay after creating service agent. +// waitServiceAgent, err := time.NewSleep(ctx, "wait_service_agent", &time.SleepArgs{ +// CreateDuration: "10s", +// }, pulumi.DependsOn([]pulumi.Resource{ +// kmsServiceAgent, +// })) +// if err != nil { +// return err +// } +// // Grant the KMS Service Agent the Cloud KMS Admin role +// autokeyProjectAdmin, err := projects.NewIAMMember(ctx, "autokey_project_admin", &projects.IAMMemberArgs{ +// Project: keyProject.ProjectId, +// Role: pulumi.String("roles/cloudkms.admin"), +// Member: keyProject.Number.ApplyT(func(number string) (string, error) { +// return fmt.Sprintf("serviceAccount:service-%v@gcp-sa-cloudkms.iam.gserviceaccount.com", number), nil +// }).(pulumi.StringOutput), +// }, pulumi.DependsOn([]pulumi.Resource{ +// waitServiceAgent, +// })) +// if err != nil { +// return err +// } +// // Wait delay after granting IAM permissions +// waitSrvAccPermissions, err := time.NewSleep(ctx, "wait_srv_acc_permissions", &time.SleepArgs{ +// CreateDuration: "10s", +// }, pulumi.DependsOn([]pulumi.Resource{ +// autokeyProjectAdmin, +// })) +// if err != nil { +// return err +// } +// _, err = kms.NewAutokeyConfig(ctx, "example-autokeyconfig", &kms.AutokeyConfigArgs{ +// Folder: autokmsFolder.FolderId, +// KeyProject: keyProject.ProjectId.ApplyT(func(projectId string) (string, error) { +// return fmt.Sprintf("projects/%v", projectId), nil +// }).(pulumi.StringOutput), +// }, pulumi.DependsOn([]pulumi.Resource{ +// waitSrvAccPermissions, +// })) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// AutokeyConfig can be imported using any of these accepted formats: +// +// * `folders/{{folder}}/autokeyConfig` +// +// * `{{folder}}` +// +// When using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig +// ``` +// +// ```sh +// $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}} +// ``` +type AutokeyConfig struct { + pulumi.CustomResourceState + + // The folder for which to retrieve config. + // + // *** + Folder pulumi.StringOutput `pulumi:"folder"` + // The target key project for a given folder where KMS Autokey will provision a + // CryptoKey for any new KeyHandle the Developer creates. Should have the form + // `projects/`. + KeyProject pulumi.StringPtrOutput `pulumi:"keyProject"` +} + +// NewAutokeyConfig registers a new resource with the given unique name, arguments, and options. +func NewAutokeyConfig(ctx *pulumi.Context, + name string, args *AutokeyConfigArgs, opts ...pulumi.ResourceOption) (*AutokeyConfig, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Folder == nil { + return nil, errors.New("invalid value for required argument 'Folder'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource AutokeyConfig + err := ctx.RegisterResource("gcp:kms/autokeyConfig:AutokeyConfig", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetAutokeyConfig gets an existing AutokeyConfig resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetAutokeyConfig(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *AutokeyConfigState, opts ...pulumi.ResourceOption) (*AutokeyConfig, error) { + var resource AutokeyConfig + err := ctx.ReadResource("gcp:kms/autokeyConfig:AutokeyConfig", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering AutokeyConfig resources. +type autokeyConfigState struct { + // The folder for which to retrieve config. + // + // *** + Folder *string `pulumi:"folder"` + // The target key project for a given folder where KMS Autokey will provision a + // CryptoKey for any new KeyHandle the Developer creates. Should have the form + // `projects/`. + KeyProject *string `pulumi:"keyProject"` +} + +type AutokeyConfigState struct { + // The folder for which to retrieve config. + // + // *** + Folder pulumi.StringPtrInput + // The target key project for a given folder where KMS Autokey will provision a + // CryptoKey for any new KeyHandle the Developer creates. Should have the form + // `projects/`. + KeyProject pulumi.StringPtrInput +} + +func (AutokeyConfigState) ElementType() reflect.Type { + return reflect.TypeOf((*autokeyConfigState)(nil)).Elem() +} + +type autokeyConfigArgs struct { + // The folder for which to retrieve config. + // + // *** + Folder string `pulumi:"folder"` + // The target key project for a given folder where KMS Autokey will provision a + // CryptoKey for any new KeyHandle the Developer creates. Should have the form + // `projects/`. + KeyProject *string `pulumi:"keyProject"` +} + +// The set of arguments for constructing a AutokeyConfig resource. +type AutokeyConfigArgs struct { + // The folder for which to retrieve config. + // + // *** + Folder pulumi.StringInput + // The target key project for a given folder where KMS Autokey will provision a + // CryptoKey for any new KeyHandle the Developer creates. Should have the form + // `projects/`. + KeyProject pulumi.StringPtrInput +} + +func (AutokeyConfigArgs) ElementType() reflect.Type { + return reflect.TypeOf((*autokeyConfigArgs)(nil)).Elem() +} + +type AutokeyConfigInput interface { + pulumi.Input + + ToAutokeyConfigOutput() AutokeyConfigOutput + ToAutokeyConfigOutputWithContext(ctx context.Context) AutokeyConfigOutput +} + +func (*AutokeyConfig) ElementType() reflect.Type { + return reflect.TypeOf((**AutokeyConfig)(nil)).Elem() +} + +func (i *AutokeyConfig) ToAutokeyConfigOutput() AutokeyConfigOutput { + return i.ToAutokeyConfigOutputWithContext(context.Background()) +} + +func (i *AutokeyConfig) ToAutokeyConfigOutputWithContext(ctx context.Context) AutokeyConfigOutput { + return pulumi.ToOutputWithContext(ctx, i).(AutokeyConfigOutput) +} + +// AutokeyConfigArrayInput is an input type that accepts AutokeyConfigArray and AutokeyConfigArrayOutput values. +// You can construct a concrete instance of `AutokeyConfigArrayInput` via: +// +// AutokeyConfigArray{ AutokeyConfigArgs{...} } +type AutokeyConfigArrayInput interface { + pulumi.Input + + ToAutokeyConfigArrayOutput() AutokeyConfigArrayOutput + ToAutokeyConfigArrayOutputWithContext(context.Context) AutokeyConfigArrayOutput +} + +type AutokeyConfigArray []AutokeyConfigInput + +func (AutokeyConfigArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AutokeyConfig)(nil)).Elem() +} + +func (i AutokeyConfigArray) ToAutokeyConfigArrayOutput() AutokeyConfigArrayOutput { + return i.ToAutokeyConfigArrayOutputWithContext(context.Background()) +} + +func (i AutokeyConfigArray) ToAutokeyConfigArrayOutputWithContext(ctx context.Context) AutokeyConfigArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(AutokeyConfigArrayOutput) +} + +// AutokeyConfigMapInput is an input type that accepts AutokeyConfigMap and AutokeyConfigMapOutput values. +// You can construct a concrete instance of `AutokeyConfigMapInput` via: +// +// AutokeyConfigMap{ "key": AutokeyConfigArgs{...} } +type AutokeyConfigMapInput interface { + pulumi.Input + + ToAutokeyConfigMapOutput() AutokeyConfigMapOutput + ToAutokeyConfigMapOutputWithContext(context.Context) AutokeyConfigMapOutput +} + +type AutokeyConfigMap map[string]AutokeyConfigInput + +func (AutokeyConfigMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AutokeyConfig)(nil)).Elem() +} + +func (i AutokeyConfigMap) ToAutokeyConfigMapOutput() AutokeyConfigMapOutput { + return i.ToAutokeyConfigMapOutputWithContext(context.Background()) +} + +func (i AutokeyConfigMap) ToAutokeyConfigMapOutputWithContext(ctx context.Context) AutokeyConfigMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(AutokeyConfigMapOutput) +} + +type AutokeyConfigOutput struct{ *pulumi.OutputState } + +func (AutokeyConfigOutput) ElementType() reflect.Type { + return reflect.TypeOf((**AutokeyConfig)(nil)).Elem() +} + +func (o AutokeyConfigOutput) ToAutokeyConfigOutput() AutokeyConfigOutput { + return o +} + +func (o AutokeyConfigOutput) ToAutokeyConfigOutputWithContext(ctx context.Context) AutokeyConfigOutput { + return o +} + +// The folder for which to retrieve config. +// +// *** +func (o AutokeyConfigOutput) Folder() pulumi.StringOutput { + return o.ApplyT(func(v *AutokeyConfig) pulumi.StringOutput { return v.Folder }).(pulumi.StringOutput) +} + +// The target key project for a given folder where KMS Autokey will provision a +// CryptoKey for any new KeyHandle the Developer creates. Should have the form +// `projects/`. +func (o AutokeyConfigOutput) KeyProject() pulumi.StringPtrOutput { + return o.ApplyT(func(v *AutokeyConfig) pulumi.StringPtrOutput { return v.KeyProject }).(pulumi.StringPtrOutput) +} + +type AutokeyConfigArrayOutput struct{ *pulumi.OutputState } + +func (AutokeyConfigArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*AutokeyConfig)(nil)).Elem() +} + +func (o AutokeyConfigArrayOutput) ToAutokeyConfigArrayOutput() AutokeyConfigArrayOutput { + return o +} + +func (o AutokeyConfigArrayOutput) ToAutokeyConfigArrayOutputWithContext(ctx context.Context) AutokeyConfigArrayOutput { + return o +} + +func (o AutokeyConfigArrayOutput) Index(i pulumi.IntInput) AutokeyConfigOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *AutokeyConfig { + return vs[0].([]*AutokeyConfig)[vs[1].(int)] + }).(AutokeyConfigOutput) +} + +type AutokeyConfigMapOutput struct{ *pulumi.OutputState } + +func (AutokeyConfigMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*AutokeyConfig)(nil)).Elem() +} + +func (o AutokeyConfigMapOutput) ToAutokeyConfigMapOutput() AutokeyConfigMapOutput { + return o +} + +func (o AutokeyConfigMapOutput) ToAutokeyConfigMapOutputWithContext(ctx context.Context) AutokeyConfigMapOutput { + return o +} + +func (o AutokeyConfigMapOutput) MapIndex(k pulumi.StringInput) AutokeyConfigOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *AutokeyConfig { + return vs[0].(map[string]*AutokeyConfig)[vs[1].(string)] + }).(AutokeyConfigOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*AutokeyConfigInput)(nil)).Elem(), &AutokeyConfig{}) + pulumi.RegisterInputType(reflect.TypeOf((*AutokeyConfigArrayInput)(nil)).Elem(), AutokeyConfigArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*AutokeyConfigMapInput)(nil)).Elem(), AutokeyConfigMap{}) + pulumi.RegisterOutputType(AutokeyConfigOutput{}) + pulumi.RegisterOutputType(AutokeyConfigArrayOutput{}) + pulumi.RegisterOutputType(AutokeyConfigMapOutput{}) +} diff --git a/sdk/go/gcp/kms/init.go b/sdk/go/gcp/kms/init.go index 6701671e59..26b41a7b9a 100644 --- a/sdk/go/gcp/kms/init.go +++ b/sdk/go/gcp/kms/init.go @@ -21,6 +21,8 @@ func (m *module) Version() semver.Version { func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi.Resource, err error) { switch typ { + case "gcp:kms/autokeyConfig:AutokeyConfig": + r = &AutokeyConfig{} case "gcp:kms/cryptoKey:CryptoKey": r = &CryptoKey{} case "gcp:kms/cryptoKeyIAMBinding:CryptoKeyIAMBinding": @@ -33,6 +35,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &CryptoKeyVersion{} case "gcp:kms/ekmConnection:EkmConnection": r = &EkmConnection{} + case "gcp:kms/keyHandle:KeyHandle": + r = &KeyHandle{} case "gcp:kms/keyRing:KeyRing": r = &KeyRing{} case "gcp:kms/keyRingIAMBinding:KeyRingIAMBinding": @@ -58,6 +62,11 @@ func init() { if err != nil { version = semver.Version{Major: 1} } + pulumi.RegisterResourceModule( + "gcp", + "kms/autokeyConfig", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "kms/cryptoKey", @@ -88,6 +97,11 @@ func init() { "kms/ekmConnection", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "kms/keyHandle", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "kms/keyRing", diff --git a/sdk/go/gcp/kms/keyHandle.go b/sdk/go/gcp/kms/keyHandle.go new file mode 100644 index 0000000000..996b39925e --- /dev/null +++ b/sdk/go/gcp/kms/keyHandle.go @@ -0,0 +1,490 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package kms + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// ## Example Usage +// +// ### Kms Key Handle Basic +// +// ```go +// package main +// +// import ( +// +// "fmt" +// +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations" +// "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects" +// "github.com/pulumi/pulumi-time/sdk/go/time" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// // Create Folder in GCP Organization +// autokmsFolder, err := organizations.NewFolder(ctx, "autokms_folder", &organizations.FolderArgs{ +// DisplayName: pulumi.String("folder-example"), +// Parent: pulumi.String("organizations/123456789"), +// }) +// if err != nil { +// return err +// } +// // Create the key project +// keyProject, err := organizations.NewProject(ctx, "key_project", &organizations.ProjectArgs{ +// ProjectId: pulumi.String("key-proj"), +// Name: pulumi.String("key-proj"), +// FolderId: autokmsFolder.FolderId, +// BillingAccount: pulumi.String("000000-0000000-0000000-000000"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// autokmsFolder, +// })) +// if err != nil { +// return err +// } +// // Create the resource project +// resourceProject, err := organizations.NewProject(ctx, "resource_project", &organizations.ProjectArgs{ +// ProjectId: pulumi.String("resources"), +// Name: pulumi.String("resources"), +// FolderId: autokmsFolder.FolderId, +// BillingAccount: pulumi.String("000000-0000000-0000000-000000"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// autokmsFolder, +// })) +// if err != nil { +// return err +// } +// // Enable the Cloud KMS API +// kmsApiService, err := projects.NewService(ctx, "kms_api_service", &projects.ServiceArgs{ +// Service: pulumi.String("cloudkms.googleapis.com"), +// Project: keyProject.ProjectId, +// DisableOnDestroy: pulumi.Bool(false), +// DisableDependentServices: pulumi.Bool(true), +// }, pulumi.DependsOn([]pulumi.Resource{ +// keyProject, +// })) +// if err != nil { +// return err +// } +// // Wait delay after enabling APIs +// waitEnableServiceApi, err := time.NewSleep(ctx, "wait_enable_service_api", &time.SleepArgs{ +// CreateDuration: "30s", +// }, pulumi.DependsOn([]pulumi.Resource{ +// kmsApiService, +// })) +// if err != nil { +// return err +// } +// // Create KMS Service Agent +// kmsServiceAgent, err := projects.NewServiceIdentity(ctx, "kms_service_agent", &projects.ServiceIdentityArgs{ +// Service: pulumi.String("cloudkms.googleapis.com"), +// Project: keyProject.Number, +// }, pulumi.DependsOn([]pulumi.Resource{ +// waitEnableServiceApi, +// })) +// if err != nil { +// return err +// } +// // Wait delay after creating service agent. +// waitServiceAgent, err := time.NewSleep(ctx, "wait_service_agent", &time.SleepArgs{ +// CreateDuration: "10s", +// }, pulumi.DependsOn([]pulumi.Resource{ +// kmsServiceAgent, +// })) +// if err != nil { +// return err +// } +// // Grant the KMS Service Agent the Cloud KMS Admin role +// autokeyProjectAdmin, err := projects.NewIAMMember(ctx, "autokey_project_admin", &projects.IAMMemberArgs{ +// Project: keyProject.ProjectId, +// Role: pulumi.String("roles/cloudkms.admin"), +// Member: keyProject.Number.ApplyT(func(number string) (string, error) { +// return fmt.Sprintf("serviceAccount:service-%v@gcp-sa-cloudkms.iam.gserviceaccount.com", number), nil +// }).(pulumi.StringOutput), +// }, pulumi.DependsOn([]pulumi.Resource{ +// waitServiceAgent, +// })) +// if err != nil { +// return err +// } +// // Wait delay after granting IAM permissions +// waitSrvAccPermissions, err := time.NewSleep(ctx, "wait_srv_acc_permissions", &time.SleepArgs{ +// CreateDuration: "10s", +// }, pulumi.DependsOn([]pulumi.Resource{ +// autokeyProjectAdmin, +// })) +// if err != nil { +// return err +// } +// autokeyConfig, err := kms.NewAutokeyConfig(ctx, "autokey_config", &kms.AutokeyConfigArgs{ +// Folder: autokmsFolder.FolderId, +// KeyProject: keyProject.ProjectId.ApplyT(func(projectId string) (string, error) { +// return fmt.Sprintf("projects/%v", projectId), nil +// }).(pulumi.StringOutput), +// }, pulumi.DependsOn([]pulumi.Resource{ +// waitSrvAccPermissions, +// })) +// if err != nil { +// return err +// } +// // Wait delay for autokey config to take effect +// waitAutokeyConfig, err := time.NewSleep(ctx, "wait_autokey_config", &time.SleepArgs{ +// CreateDuration: "10s", +// }, pulumi.DependsOn([]pulumi.Resource{ +// autokeyConfig, +// })) +// if err != nil { +// return err +// } +// _, err = kms.NewKeyHandle(ctx, "example-keyhandle", &kms.KeyHandleArgs{ +// Project: resourceProject.ProjectId, +// Name: pulumi.String("example-key-handle"), +// Location: pulumi.String("global"), +// ResourceTypeSelector: pulumi.String("storage.googleapis.com/Bucket"), +// }, pulumi.DependsOn([]pulumi.Resource{ +// waitAutokeyConfig, +// })) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ## Import +// +// KeyHandle can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{location}}/keyHandles/{{name}}` +// +// * `{{project}}/{{location}}/{{name}}` +// +// * `{{location}}/{{name}}` +// +// When using the `pulumi import` command, KeyHandle can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:kms/keyHandle:KeyHandle default projects/{{project}}/locations/{{location}}/keyHandles/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:kms/keyHandle:KeyHandle default {{project}}/{{location}}/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:kms/keyHandle:KeyHandle default {{location}}/{{name}} +// ``` +type KeyHandle struct { + pulumi.CustomResourceState + + // A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + // product/project/location, for example + // `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + KmsKey pulumi.StringOutput `pulumi:"kmsKey"` + // The location for the KeyHandle. + // A full list of valid locations can be found by running `gcloud kms locations list`. + // + // *** + Location pulumi.StringOutput `pulumi:"location"` + // The resource name for the KeyHandle. + Name pulumi.StringOutput `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringOutput `pulumi:"project"` + // Selector of the resource type where we want to protect resources. + // For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + ResourceTypeSelector pulumi.StringOutput `pulumi:"resourceTypeSelector"` +} + +// NewKeyHandle registers a new resource with the given unique name, arguments, and options. +func NewKeyHandle(ctx *pulumi.Context, + name string, args *KeyHandleArgs, opts ...pulumi.ResourceOption) (*KeyHandle, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.Location == nil { + return nil, errors.New("invalid value for required argument 'Location'") + } + if args.ResourceTypeSelector == nil { + return nil, errors.New("invalid value for required argument 'ResourceTypeSelector'") + } + opts = internal.PkgResourceDefaultOpts(opts) + var resource KeyHandle + err := ctx.RegisterResource("gcp:kms/keyHandle:KeyHandle", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetKeyHandle gets an existing KeyHandle resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetKeyHandle(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *KeyHandleState, opts ...pulumi.ResourceOption) (*KeyHandle, error) { + var resource KeyHandle + err := ctx.ReadResource("gcp:kms/keyHandle:KeyHandle", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering KeyHandle resources. +type keyHandleState struct { + // A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + // product/project/location, for example + // `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + KmsKey *string `pulumi:"kmsKey"` + // The location for the KeyHandle. + // A full list of valid locations can be found by running `gcloud kms locations list`. + // + // *** + Location *string `pulumi:"location"` + // The resource name for the KeyHandle. + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // Selector of the resource type where we want to protect resources. + // For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + ResourceTypeSelector *string `pulumi:"resourceTypeSelector"` +} + +type KeyHandleState struct { + // A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + // product/project/location, for example + // `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + KmsKey pulumi.StringPtrInput + // The location for the KeyHandle. + // A full list of valid locations can be found by running `gcloud kms locations list`. + // + // *** + Location pulumi.StringPtrInput + // The resource name for the KeyHandle. + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // Selector of the resource type where we want to protect resources. + // For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + ResourceTypeSelector pulumi.StringPtrInput +} + +func (KeyHandleState) ElementType() reflect.Type { + return reflect.TypeOf((*keyHandleState)(nil)).Elem() +} + +type keyHandleArgs struct { + // The location for the KeyHandle. + // A full list of valid locations can be found by running `gcloud kms locations list`. + // + // *** + Location string `pulumi:"location"` + // The resource name for the KeyHandle. + Name *string `pulumi:"name"` + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project *string `pulumi:"project"` + // Selector of the resource type where we want to protect resources. + // For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + ResourceTypeSelector string `pulumi:"resourceTypeSelector"` +} + +// The set of arguments for constructing a KeyHandle resource. +type KeyHandleArgs struct { + // The location for the KeyHandle. + // A full list of valid locations can be found by running `gcloud kms locations list`. + // + // *** + Location pulumi.StringInput + // The resource name for the KeyHandle. + Name pulumi.StringPtrInput + // The ID of the project in which the resource belongs. + // If it is not provided, the provider project is used. + Project pulumi.StringPtrInput + // Selector of the resource type where we want to protect resources. + // For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + ResourceTypeSelector pulumi.StringInput +} + +func (KeyHandleArgs) ElementType() reflect.Type { + return reflect.TypeOf((*keyHandleArgs)(nil)).Elem() +} + +type KeyHandleInput interface { + pulumi.Input + + ToKeyHandleOutput() KeyHandleOutput + ToKeyHandleOutputWithContext(ctx context.Context) KeyHandleOutput +} + +func (*KeyHandle) ElementType() reflect.Type { + return reflect.TypeOf((**KeyHandle)(nil)).Elem() +} + +func (i *KeyHandle) ToKeyHandleOutput() KeyHandleOutput { + return i.ToKeyHandleOutputWithContext(context.Background()) +} + +func (i *KeyHandle) ToKeyHandleOutputWithContext(ctx context.Context) KeyHandleOutput { + return pulumi.ToOutputWithContext(ctx, i).(KeyHandleOutput) +} + +// KeyHandleArrayInput is an input type that accepts KeyHandleArray and KeyHandleArrayOutput values. +// You can construct a concrete instance of `KeyHandleArrayInput` via: +// +// KeyHandleArray{ KeyHandleArgs{...} } +type KeyHandleArrayInput interface { + pulumi.Input + + ToKeyHandleArrayOutput() KeyHandleArrayOutput + ToKeyHandleArrayOutputWithContext(context.Context) KeyHandleArrayOutput +} + +type KeyHandleArray []KeyHandleInput + +func (KeyHandleArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*KeyHandle)(nil)).Elem() +} + +func (i KeyHandleArray) ToKeyHandleArrayOutput() KeyHandleArrayOutput { + return i.ToKeyHandleArrayOutputWithContext(context.Background()) +} + +func (i KeyHandleArray) ToKeyHandleArrayOutputWithContext(ctx context.Context) KeyHandleArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(KeyHandleArrayOutput) +} + +// KeyHandleMapInput is an input type that accepts KeyHandleMap and KeyHandleMapOutput values. +// You can construct a concrete instance of `KeyHandleMapInput` via: +// +// KeyHandleMap{ "key": KeyHandleArgs{...} } +type KeyHandleMapInput interface { + pulumi.Input + + ToKeyHandleMapOutput() KeyHandleMapOutput + ToKeyHandleMapOutputWithContext(context.Context) KeyHandleMapOutput +} + +type KeyHandleMap map[string]KeyHandleInput + +func (KeyHandleMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*KeyHandle)(nil)).Elem() +} + +func (i KeyHandleMap) ToKeyHandleMapOutput() KeyHandleMapOutput { + return i.ToKeyHandleMapOutputWithContext(context.Background()) +} + +func (i KeyHandleMap) ToKeyHandleMapOutputWithContext(ctx context.Context) KeyHandleMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(KeyHandleMapOutput) +} + +type KeyHandleOutput struct{ *pulumi.OutputState } + +func (KeyHandleOutput) ElementType() reflect.Type { + return reflect.TypeOf((**KeyHandle)(nil)).Elem() +} + +func (o KeyHandleOutput) ToKeyHandleOutput() KeyHandleOutput { + return o +} + +func (o KeyHandleOutput) ToKeyHandleOutputWithContext(ctx context.Context) KeyHandleOutput { + return o +} + +// A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested +// product/project/location, for example +// `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` +func (o KeyHandleOutput) KmsKey() pulumi.StringOutput { + return o.ApplyT(func(v *KeyHandle) pulumi.StringOutput { return v.KmsKey }).(pulumi.StringOutput) +} + +// The location for the KeyHandle. +// A full list of valid locations can be found by running `gcloud kms locations list`. +// +// *** +func (o KeyHandleOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *KeyHandle) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// The resource name for the KeyHandle. +func (o KeyHandleOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *KeyHandle) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +// The ID of the project in which the resource belongs. +// If it is not provided, the provider project is used. +func (o KeyHandleOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *KeyHandle) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// Selector of the resource type where we want to protect resources. +// For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` +func (o KeyHandleOutput) ResourceTypeSelector() pulumi.StringOutput { + return o.ApplyT(func(v *KeyHandle) pulumi.StringOutput { return v.ResourceTypeSelector }).(pulumi.StringOutput) +} + +type KeyHandleArrayOutput struct{ *pulumi.OutputState } + +func (KeyHandleArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*KeyHandle)(nil)).Elem() +} + +func (o KeyHandleArrayOutput) ToKeyHandleArrayOutput() KeyHandleArrayOutput { + return o +} + +func (o KeyHandleArrayOutput) ToKeyHandleArrayOutputWithContext(ctx context.Context) KeyHandleArrayOutput { + return o +} + +func (o KeyHandleArrayOutput) Index(i pulumi.IntInput) KeyHandleOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *KeyHandle { + return vs[0].([]*KeyHandle)[vs[1].(int)] + }).(KeyHandleOutput) +} + +type KeyHandleMapOutput struct{ *pulumi.OutputState } + +func (KeyHandleMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*KeyHandle)(nil)).Elem() +} + +func (o KeyHandleMapOutput) ToKeyHandleMapOutput() KeyHandleMapOutput { + return o +} + +func (o KeyHandleMapOutput) ToKeyHandleMapOutputWithContext(ctx context.Context) KeyHandleMapOutput { + return o +} + +func (o KeyHandleMapOutput) MapIndex(k pulumi.StringInput) KeyHandleOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *KeyHandle { + return vs[0].(map[string]*KeyHandle)[vs[1].(string)] + }).(KeyHandleOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*KeyHandleInput)(nil)).Elem(), &KeyHandle{}) + pulumi.RegisterInputType(reflect.TypeOf((*KeyHandleArrayInput)(nil)).Elem(), KeyHandleArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*KeyHandleMapInput)(nil)).Elem(), KeyHandleMap{}) + pulumi.RegisterOutputType(KeyHandleOutput{}) + pulumi.RegisterOutputType(KeyHandleArrayOutput{}) + pulumi.RegisterOutputType(KeyHandleMapOutput{}) +} diff --git a/sdk/go/gcp/networkservices/init.go b/sdk/go/gcp/networkservices/init.go index 6df46faab4..dff32e32d6 100644 --- a/sdk/go/gcp/networkservices/init.go +++ b/sdk/go/gcp/networkservices/init.go @@ -35,6 +35,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &GrpcRoute{} case "gcp:networkservices/httpRoute:HttpRoute": r = &HttpRoute{} + case "gcp:networkservices/lbRouteExtension:LbRouteExtension": + r = &LbRouteExtension{} case "gcp:networkservices/lbTrafficExtension:LbTrafficExtension": r = &LbTrafficExtension{} case "gcp:networkservices/mesh:Mesh": @@ -93,6 +95,11 @@ func init() { "networkservices/httpRoute", &module{version}, ) + pulumi.RegisterResourceModule( + "gcp", + "networkservices/lbRouteExtension", + &module{version}, + ) pulumi.RegisterResourceModule( "gcp", "networkservices/lbTrafficExtension", diff --git a/sdk/go/gcp/networkservices/lbRouteExtension.go b/sdk/go/gcp/networkservices/lbRouteExtension.go new file mode 100644 index 0000000000..398e9dad84 --- /dev/null +++ b/sdk/go/gcp/networkservices/lbRouteExtension.go @@ -0,0 +1,450 @@ +// Code generated by the Pulumi Terraform Bridge (tfgen) Tool DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package networkservices + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// LbRouteExtension is a resource that lets you control where traffic is routed to for a given request. +// +// To get more information about LbRouteExtension, see: +// +// * [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbRouteExtensions) +// * How-to Guides +// - [Configure a route extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_route_extension) +// +// ## Example Usage +// +// ## Import +// +// LbRouteExtension can be imported using any of these accepted formats: +// +// * `projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}` +// +// * `{{project}}/{{location}}/{{name}}` +// +// * `{{location}}/{{name}}` +// +// When using the `pulumi import` command, LbRouteExtension can be imported using one of the formats above. For example: +// +// ```sh +// $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{project}}/{{location}}/{{name}} +// ``` +// +// ```sh +// $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{location}}/{{name}} +// ``` +type LbRouteExtension struct { + pulumi.CustomResourceState + + // A human-readable description of the resource. + Description pulumi.StringPtrOutput `pulumi:"description"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapOutput `pulumi:"effectiveLabels"` + // A set of ordered extension chains that contain the match conditions and extensions to execute. + // Match conditions for each extension chain are evaluated in sequence for a given request. + // The first extension chain that has a condition that matches the request is executed. + // Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + // Structure is documented below. + ExtensionChains LbRouteExtensionExtensionChainArrayOutput `pulumi:"extensionChains"` + // A list of references to the forwarding rules to which this service extension is attached to. + // At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + ForwardingRules pulumi.StringArrayOutput `pulumi:"forwardingRules"` + // Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + // manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + // present on the resource. + Labels pulumi.StringMapOutput `pulumi:"labels"` + // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + // For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + // Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + LoadBalancingScheme pulumi.StringOutput `pulumi:"loadBalancingScheme"` + // The location of the route extension + Location pulumi.StringOutput `pulumi:"location"` + // Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + Name pulumi.StringOutput `pulumi:"name"` + Project pulumi.StringOutput `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapOutput `pulumi:"pulumiLabels"` +} + +// NewLbRouteExtension registers a new resource with the given unique name, arguments, and options. +func NewLbRouteExtension(ctx *pulumi.Context, + name string, args *LbRouteExtensionArgs, opts ...pulumi.ResourceOption) (*LbRouteExtension, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.ExtensionChains == nil { + return nil, errors.New("invalid value for required argument 'ExtensionChains'") + } + if args.ForwardingRules == nil { + return nil, errors.New("invalid value for required argument 'ForwardingRules'") + } + if args.LoadBalancingScheme == nil { + return nil, errors.New("invalid value for required argument 'LoadBalancingScheme'") + } + if args.Location == nil { + return nil, errors.New("invalid value for required argument 'Location'") + } + secrets := pulumi.AdditionalSecretOutputs([]string{ + "effectiveLabels", + "pulumiLabels", + }) + opts = append(opts, secrets) + opts = internal.PkgResourceDefaultOpts(opts) + var resource LbRouteExtension + err := ctx.RegisterResource("gcp:networkservices/lbRouteExtension:LbRouteExtension", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetLbRouteExtension gets an existing LbRouteExtension resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetLbRouteExtension(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *LbRouteExtensionState, opts ...pulumi.ResourceOption) (*LbRouteExtension, error) { + var resource LbRouteExtension + err := ctx.ReadResource("gcp:networkservices/lbRouteExtension:LbRouteExtension", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering LbRouteExtension resources. +type lbRouteExtensionState struct { + // A human-readable description of the resource. + Description *string `pulumi:"description"` + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels map[string]string `pulumi:"effectiveLabels"` + // A set of ordered extension chains that contain the match conditions and extensions to execute. + // Match conditions for each extension chain are evaluated in sequence for a given request. + // The first extension chain that has a condition that matches the request is executed. + // Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + // Structure is documented below. + ExtensionChains []LbRouteExtensionExtensionChain `pulumi:"extensionChains"` + // A list of references to the forwarding rules to which this service extension is attached to. + // At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + ForwardingRules []string `pulumi:"forwardingRules"` + // Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + // manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + // present on the resource. + Labels map[string]string `pulumi:"labels"` + // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + // For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + // Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + LoadBalancingScheme *string `pulumi:"loadBalancingScheme"` + // The location of the route extension + Location *string `pulumi:"location"` + // Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + Name *string `pulumi:"name"` + Project *string `pulumi:"project"` + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels map[string]string `pulumi:"pulumiLabels"` +} + +type LbRouteExtensionState struct { + // A human-readable description of the resource. + Description pulumi.StringPtrInput + // All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + EffectiveLabels pulumi.StringMapInput + // A set of ordered extension chains that contain the match conditions and extensions to execute. + // Match conditions for each extension chain are evaluated in sequence for a given request. + // The first extension chain that has a condition that matches the request is executed. + // Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + // Structure is documented below. + ExtensionChains LbRouteExtensionExtensionChainArrayInput + // A list of references to the forwarding rules to which this service extension is attached to. + // At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + ForwardingRules pulumi.StringArrayInput + // Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + // manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + // present on the resource. + Labels pulumi.StringMapInput + // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + // For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + // Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + LoadBalancingScheme pulumi.StringPtrInput + // The location of the route extension + Location pulumi.StringPtrInput + // Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + Name pulumi.StringPtrInput + Project pulumi.StringPtrInput + // The combination of labels configured directly on the resource + // and default labels configured on the provider. + PulumiLabels pulumi.StringMapInput +} + +func (LbRouteExtensionState) ElementType() reflect.Type { + return reflect.TypeOf((*lbRouteExtensionState)(nil)).Elem() +} + +type lbRouteExtensionArgs struct { + // A human-readable description of the resource. + Description *string `pulumi:"description"` + // A set of ordered extension chains that contain the match conditions and extensions to execute. + // Match conditions for each extension chain are evaluated in sequence for a given request. + // The first extension chain that has a condition that matches the request is executed. + // Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + // Structure is documented below. + ExtensionChains []LbRouteExtensionExtensionChain `pulumi:"extensionChains"` + // A list of references to the forwarding rules to which this service extension is attached to. + // At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + ForwardingRules []string `pulumi:"forwardingRules"` + // Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + // manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + // present on the resource. + Labels map[string]string `pulumi:"labels"` + // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + // For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + // Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + LoadBalancingScheme string `pulumi:"loadBalancingScheme"` + // The location of the route extension + Location string `pulumi:"location"` + // Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + Name *string `pulumi:"name"` + Project *string `pulumi:"project"` +} + +// The set of arguments for constructing a LbRouteExtension resource. +type LbRouteExtensionArgs struct { + // A human-readable description of the resource. + Description pulumi.StringPtrInput + // A set of ordered extension chains that contain the match conditions and extensions to execute. + // Match conditions for each extension chain are evaluated in sequence for a given request. + // The first extension chain that has a condition that matches the request is executed. + // Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + // Structure is documented below. + ExtensionChains LbRouteExtensionExtensionChainArrayInput + // A list of references to the forwarding rules to which this service extension is attached to. + // At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + ForwardingRules pulumi.StringArrayInput + // Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + // manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + // present on the resource. + Labels pulumi.StringMapInput + // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + // For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + // Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + LoadBalancingScheme pulumi.StringInput + // The location of the route extension + Location pulumi.StringInput + // Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + Name pulumi.StringPtrInput + Project pulumi.StringPtrInput +} + +func (LbRouteExtensionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*lbRouteExtensionArgs)(nil)).Elem() +} + +type LbRouteExtensionInput interface { + pulumi.Input + + ToLbRouteExtensionOutput() LbRouteExtensionOutput + ToLbRouteExtensionOutputWithContext(ctx context.Context) LbRouteExtensionOutput +} + +func (*LbRouteExtension) ElementType() reflect.Type { + return reflect.TypeOf((**LbRouteExtension)(nil)).Elem() +} + +func (i *LbRouteExtension) ToLbRouteExtensionOutput() LbRouteExtensionOutput { + return i.ToLbRouteExtensionOutputWithContext(context.Background()) +} + +func (i *LbRouteExtension) ToLbRouteExtensionOutputWithContext(ctx context.Context) LbRouteExtensionOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionOutput) +} + +// LbRouteExtensionArrayInput is an input type that accepts LbRouteExtensionArray and LbRouteExtensionArrayOutput values. +// You can construct a concrete instance of `LbRouteExtensionArrayInput` via: +// +// LbRouteExtensionArray{ LbRouteExtensionArgs{...} } +type LbRouteExtensionArrayInput interface { + pulumi.Input + + ToLbRouteExtensionArrayOutput() LbRouteExtensionArrayOutput + ToLbRouteExtensionArrayOutputWithContext(context.Context) LbRouteExtensionArrayOutput +} + +type LbRouteExtensionArray []LbRouteExtensionInput + +func (LbRouteExtensionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]*LbRouteExtension)(nil)).Elem() +} + +func (i LbRouteExtensionArray) ToLbRouteExtensionArrayOutput() LbRouteExtensionArrayOutput { + return i.ToLbRouteExtensionArrayOutputWithContext(context.Background()) +} + +func (i LbRouteExtensionArray) ToLbRouteExtensionArrayOutputWithContext(ctx context.Context) LbRouteExtensionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionArrayOutput) +} + +// LbRouteExtensionMapInput is an input type that accepts LbRouteExtensionMap and LbRouteExtensionMapOutput values. +// You can construct a concrete instance of `LbRouteExtensionMapInput` via: +// +// LbRouteExtensionMap{ "key": LbRouteExtensionArgs{...} } +type LbRouteExtensionMapInput interface { + pulumi.Input + + ToLbRouteExtensionMapOutput() LbRouteExtensionMapOutput + ToLbRouteExtensionMapOutputWithContext(context.Context) LbRouteExtensionMapOutput +} + +type LbRouteExtensionMap map[string]LbRouteExtensionInput + +func (LbRouteExtensionMap) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*LbRouteExtension)(nil)).Elem() +} + +func (i LbRouteExtensionMap) ToLbRouteExtensionMapOutput() LbRouteExtensionMapOutput { + return i.ToLbRouteExtensionMapOutputWithContext(context.Background()) +} + +func (i LbRouteExtensionMap) ToLbRouteExtensionMapOutputWithContext(ctx context.Context) LbRouteExtensionMapOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionMapOutput) +} + +type LbRouteExtensionOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionOutput) ElementType() reflect.Type { + return reflect.TypeOf((**LbRouteExtension)(nil)).Elem() +} + +func (o LbRouteExtensionOutput) ToLbRouteExtensionOutput() LbRouteExtensionOutput { + return o +} + +func (o LbRouteExtensionOutput) ToLbRouteExtensionOutputWithContext(ctx context.Context) LbRouteExtensionOutput { + return o +} + +// A human-readable description of the resource. +func (o LbRouteExtensionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) +} + +// All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. +func (o LbRouteExtensionOutput) EffectiveLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringMapOutput { return v.EffectiveLabels }).(pulumi.StringMapOutput) +} + +// A set of ordered extension chains that contain the match conditions and extensions to execute. +// Match conditions for each extension chain are evaluated in sequence for a given request. +// The first extension chain that has a condition that matches the request is executed. +// Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. +// Structure is documented below. +func (o LbRouteExtensionOutput) ExtensionChains() LbRouteExtensionExtensionChainArrayOutput { + return o.ApplyT(func(v *LbRouteExtension) LbRouteExtensionExtensionChainArrayOutput { return v.ExtensionChains }).(LbRouteExtensionExtensionChainArrayOutput) +} + +// A list of references to the forwarding rules to which this service extension is attached to. +// At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. +func (o LbRouteExtensionOutput) ForwardingRules() pulumi.StringArrayOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringArrayOutput { return v.ForwardingRules }).(pulumi.StringArrayOutput) +} + +// Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only +// manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels +// present on the resource. +func (o LbRouteExtensionOutput) Labels() pulumi.StringMapOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringMapOutput { return v.Labels }).(pulumi.StringMapOutput) +} + +// All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. +// For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and +// [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). +// Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. +func (o LbRouteExtensionOutput) LoadBalancingScheme() pulumi.StringOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringOutput { return v.LoadBalancingScheme }).(pulumi.StringOutput) +} + +// The location of the route extension +func (o LbRouteExtensionOutput) Location() pulumi.StringOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringOutput { return v.Location }).(pulumi.StringOutput) +} + +// Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} +func (o LbRouteExtensionOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) +} + +func (o LbRouteExtensionOutput) Project() pulumi.StringOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringOutput { return v.Project }).(pulumi.StringOutput) +} + +// The combination of labels configured directly on the resource +// and default labels configured on the provider. +func (o LbRouteExtensionOutput) PulumiLabels() pulumi.StringMapOutput { + return o.ApplyT(func(v *LbRouteExtension) pulumi.StringMapOutput { return v.PulumiLabels }).(pulumi.StringMapOutput) +} + +type LbRouteExtensionArrayOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]*LbRouteExtension)(nil)).Elem() +} + +func (o LbRouteExtensionArrayOutput) ToLbRouteExtensionArrayOutput() LbRouteExtensionArrayOutput { + return o +} + +func (o LbRouteExtensionArrayOutput) ToLbRouteExtensionArrayOutputWithContext(ctx context.Context) LbRouteExtensionArrayOutput { + return o +} + +func (o LbRouteExtensionArrayOutput) Index(i pulumi.IntInput) LbRouteExtensionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) *LbRouteExtension { + return vs[0].([]*LbRouteExtension)[vs[1].(int)] + }).(LbRouteExtensionOutput) +} + +type LbRouteExtensionMapOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionMapOutput) ElementType() reflect.Type { + return reflect.TypeOf((*map[string]*LbRouteExtension)(nil)).Elem() +} + +func (o LbRouteExtensionMapOutput) ToLbRouteExtensionMapOutput() LbRouteExtensionMapOutput { + return o +} + +func (o LbRouteExtensionMapOutput) ToLbRouteExtensionMapOutputWithContext(ctx context.Context) LbRouteExtensionMapOutput { + return o +} + +func (o LbRouteExtensionMapOutput) MapIndex(k pulumi.StringInput) LbRouteExtensionOutput { + return pulumi.All(o, k).ApplyT(func(vs []interface{}) *LbRouteExtension { + return vs[0].(map[string]*LbRouteExtension)[vs[1].(string)] + }).(LbRouteExtensionOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionInput)(nil)).Elem(), &LbRouteExtension{}) + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionArrayInput)(nil)).Elem(), LbRouteExtensionArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionMapInput)(nil)).Elem(), LbRouteExtensionMap{}) + pulumi.RegisterOutputType(LbRouteExtensionOutput{}) + pulumi.RegisterOutputType(LbRouteExtensionArrayOutput{}) + pulumi.RegisterOutputType(LbRouteExtensionMapOutput{}) +} diff --git a/sdk/go/gcp/networkservices/lbTrafficExtension.go b/sdk/go/gcp/networkservices/lbTrafficExtension.go index dfef3b7bf8..1b6142af93 100644 --- a/sdk/go/gcp/networkservices/lbTrafficExtension.go +++ b/sdk/go/gcp/networkservices/lbTrafficExtension.go @@ -66,8 +66,10 @@ type LbTrafficExtension struct { // present on the resource. Labels pulumi.StringMapOutput `pulumi:"labels"` // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - // more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - // "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + // more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load + // balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + // ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] LoadBalancingScheme pulumi.StringPtrOutput `pulumi:"loadBalancingScheme"` // The location of the traffic extension Location pulumi.StringOutput `pulumi:"location"` @@ -141,8 +143,10 @@ type lbTrafficExtensionState struct { // present on the resource. Labels map[string]string `pulumi:"labels"` // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - // more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - // "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + // more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load + // balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + // ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] LoadBalancingScheme *string `pulumi:"loadBalancingScheme"` // The location of the traffic extension Location *string `pulumi:"location"` @@ -173,8 +177,10 @@ type LbTrafficExtensionState struct { // present on the resource. Labels pulumi.StringMapInput // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - // more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - // "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + // more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load + // balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + // ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] LoadBalancingScheme pulumi.StringPtrInput // The location of the traffic extension Location pulumi.StringPtrInput @@ -207,8 +213,10 @@ type lbTrafficExtensionArgs struct { // present on the resource. Labels map[string]string `pulumi:"labels"` // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - // more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - // "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + // more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load + // balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + // ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] LoadBalancingScheme *string `pulumi:"loadBalancingScheme"` // The location of the traffic extension Location string `pulumi:"location"` @@ -235,8 +243,10 @@ type LbTrafficExtensionArgs struct { // present on the resource. Labels pulumi.StringMapInput // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - // more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - // "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + // more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + // [Supported application load + // balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + // ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] LoadBalancingScheme pulumi.StringPtrInput // The location of the traffic extension Location pulumi.StringInput @@ -365,8 +375,10 @@ func (o LbTrafficExtensionOutput) Labels() pulumi.StringMapOutput { } // All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For -// more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", -// "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] +// more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and +// [Supported application load +// balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: +// ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] func (o LbTrafficExtensionOutput) LoadBalancingScheme() pulumi.StringPtrOutput { return o.ApplyT(func(v *LbTrafficExtension) pulumi.StringPtrOutput { return v.LoadBalancingScheme }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/gcp/networkservices/pulumiTypes.go b/sdk/go/gcp/networkservices/pulumiTypes.go index 0531375da2..a34f0cd2e7 100644 --- a/sdk/go/gcp/networkservices/pulumiTypes.go +++ b/sdk/go/gcp/networkservices/pulumiTypes.go @@ -10839,6 +10839,374 @@ func (o HttpRouteRuleMatchQueryParameterArrayOutput) Index(i pulumi.IntInput) Ht }).(HttpRouteRuleMatchQueryParameterOutput) } +type LbRouteExtensionExtensionChain struct { + // A set of extensions to execute for the matching request. + // At least one extension is required. Up to 3 extensions can be defined for each extension chain for + // LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + // Structure is documented below. + Extensions []LbRouteExtensionExtensionChainExtension `pulumi:"extensions"` + // Conditions under which this chain is invoked for a request. + // Structure is documented below. + MatchCondition LbRouteExtensionExtensionChainMatchCondition `pulumi:"matchCondition"` + // The name for this extension chain. The name is logged as part of the HTTP request logs. + // The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + // and can have a maximum length of 63 characters. Additionally, the first character must be a letter + // and the last character must be a letter or a number. + Name string `pulumi:"name"` +} + +// LbRouteExtensionExtensionChainInput is an input type that accepts LbRouteExtensionExtensionChainArgs and LbRouteExtensionExtensionChainOutput values. +// You can construct a concrete instance of `LbRouteExtensionExtensionChainInput` via: +// +// LbRouteExtensionExtensionChainArgs{...} +type LbRouteExtensionExtensionChainInput interface { + pulumi.Input + + ToLbRouteExtensionExtensionChainOutput() LbRouteExtensionExtensionChainOutput + ToLbRouteExtensionExtensionChainOutputWithContext(context.Context) LbRouteExtensionExtensionChainOutput +} + +type LbRouteExtensionExtensionChainArgs struct { + // A set of extensions to execute for the matching request. + // At least one extension is required. Up to 3 extensions can be defined for each extension chain for + // LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + // Structure is documented below. + Extensions LbRouteExtensionExtensionChainExtensionArrayInput `pulumi:"extensions"` + // Conditions under which this chain is invoked for a request. + // Structure is documented below. + MatchCondition LbRouteExtensionExtensionChainMatchConditionInput `pulumi:"matchCondition"` + // The name for this extension chain. The name is logged as part of the HTTP request logs. + // The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + // and can have a maximum length of 63 characters. Additionally, the first character must be a letter + // and the last character must be a letter or a number. + Name pulumi.StringInput `pulumi:"name"` +} + +func (LbRouteExtensionExtensionChainArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LbRouteExtensionExtensionChain)(nil)).Elem() +} + +func (i LbRouteExtensionExtensionChainArgs) ToLbRouteExtensionExtensionChainOutput() LbRouteExtensionExtensionChainOutput { + return i.ToLbRouteExtensionExtensionChainOutputWithContext(context.Background()) +} + +func (i LbRouteExtensionExtensionChainArgs) ToLbRouteExtensionExtensionChainOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionExtensionChainOutput) +} + +// LbRouteExtensionExtensionChainArrayInput is an input type that accepts LbRouteExtensionExtensionChainArray and LbRouteExtensionExtensionChainArrayOutput values. +// You can construct a concrete instance of `LbRouteExtensionExtensionChainArrayInput` via: +// +// LbRouteExtensionExtensionChainArray{ LbRouteExtensionExtensionChainArgs{...} } +type LbRouteExtensionExtensionChainArrayInput interface { + pulumi.Input + + ToLbRouteExtensionExtensionChainArrayOutput() LbRouteExtensionExtensionChainArrayOutput + ToLbRouteExtensionExtensionChainArrayOutputWithContext(context.Context) LbRouteExtensionExtensionChainArrayOutput +} + +type LbRouteExtensionExtensionChainArray []LbRouteExtensionExtensionChainInput + +func (LbRouteExtensionExtensionChainArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]LbRouteExtensionExtensionChain)(nil)).Elem() +} + +func (i LbRouteExtensionExtensionChainArray) ToLbRouteExtensionExtensionChainArrayOutput() LbRouteExtensionExtensionChainArrayOutput { + return i.ToLbRouteExtensionExtensionChainArrayOutputWithContext(context.Background()) +} + +func (i LbRouteExtensionExtensionChainArray) ToLbRouteExtensionExtensionChainArrayOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionExtensionChainArrayOutput) +} + +type LbRouteExtensionExtensionChainOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionExtensionChainOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LbRouteExtensionExtensionChain)(nil)).Elem() +} + +func (o LbRouteExtensionExtensionChainOutput) ToLbRouteExtensionExtensionChainOutput() LbRouteExtensionExtensionChainOutput { + return o +} + +func (o LbRouteExtensionExtensionChainOutput) ToLbRouteExtensionExtensionChainOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainOutput { + return o +} + +// A set of extensions to execute for the matching request. +// At least one extension is required. Up to 3 extensions can be defined for each extension chain for +// LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. +// Structure is documented below. +func (o LbRouteExtensionExtensionChainOutput) Extensions() LbRouteExtensionExtensionChainExtensionArrayOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChain) []LbRouteExtensionExtensionChainExtension { return v.Extensions }).(LbRouteExtensionExtensionChainExtensionArrayOutput) +} + +// Conditions under which this chain is invoked for a request. +// Structure is documented below. +func (o LbRouteExtensionExtensionChainOutput) MatchCondition() LbRouteExtensionExtensionChainMatchConditionOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChain) LbRouteExtensionExtensionChainMatchCondition { + return v.MatchCondition + }).(LbRouteExtensionExtensionChainMatchConditionOutput) +} + +// The name for this extension chain. The name is logged as part of the HTTP request logs. +// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, +// and can have a maximum length of 63 characters. Additionally, the first character must be a letter +// and the last character must be a letter or a number. +func (o LbRouteExtensionExtensionChainOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChain) string { return v.Name }).(pulumi.StringOutput) +} + +type LbRouteExtensionExtensionChainArrayOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionExtensionChainArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]LbRouteExtensionExtensionChain)(nil)).Elem() +} + +func (o LbRouteExtensionExtensionChainArrayOutput) ToLbRouteExtensionExtensionChainArrayOutput() LbRouteExtensionExtensionChainArrayOutput { + return o +} + +func (o LbRouteExtensionExtensionChainArrayOutput) ToLbRouteExtensionExtensionChainArrayOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainArrayOutput { + return o +} + +func (o LbRouteExtensionExtensionChainArrayOutput) Index(i pulumi.IntInput) LbRouteExtensionExtensionChainOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) LbRouteExtensionExtensionChain { + return vs[0].([]LbRouteExtensionExtensionChain)[vs[1].(int)] + }).(LbRouteExtensionExtensionChainOutput) +} + +type LbRouteExtensionExtensionChainExtension struct { + // The :authority header in the gRPC request sent from Envoy to the extension service. + Authority *string `pulumi:"authority"` + // Determines how the proxy behaves if the call to the extension fails or times out. + // When set to TRUE, request or response processing continues without error. + // Any subsequent extensions in the extension chain are also executed. + // When set to FALSE: * If response headers have not been delivered to the downstream client, + // a generic 500 error is returned to the client. The error response can be tailored by + // configuring a custom error response in the load balancer. + FailOpen *bool `pulumi:"failOpen"` + // List of the HTTP headers to forward to the extension (from the client or backend). + // If omitted, all headers are sent. Each element is a string indicating the header name. + // + // *** + ForwardHeaders []string `pulumi:"forwardHeaders"` + // The name for this extension. The name is logged as part of the HTTP request logs. + // The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + // and can have a maximum length of 63 characters. Additionally, the first character must be a letter + // and the last a letter or a number. + Name string `pulumi:"name"` + // The reference to the service that runs the extension. Must be a reference to a backend service + Service string `pulumi:"service"` + // Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + // A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + Timeout *string `pulumi:"timeout"` +} + +// LbRouteExtensionExtensionChainExtensionInput is an input type that accepts LbRouteExtensionExtensionChainExtensionArgs and LbRouteExtensionExtensionChainExtensionOutput values. +// You can construct a concrete instance of `LbRouteExtensionExtensionChainExtensionInput` via: +// +// LbRouteExtensionExtensionChainExtensionArgs{...} +type LbRouteExtensionExtensionChainExtensionInput interface { + pulumi.Input + + ToLbRouteExtensionExtensionChainExtensionOutput() LbRouteExtensionExtensionChainExtensionOutput + ToLbRouteExtensionExtensionChainExtensionOutputWithContext(context.Context) LbRouteExtensionExtensionChainExtensionOutput +} + +type LbRouteExtensionExtensionChainExtensionArgs struct { + // The :authority header in the gRPC request sent from Envoy to the extension service. + Authority pulumi.StringPtrInput `pulumi:"authority"` + // Determines how the proxy behaves if the call to the extension fails or times out. + // When set to TRUE, request or response processing continues without error. + // Any subsequent extensions in the extension chain are also executed. + // When set to FALSE: * If response headers have not been delivered to the downstream client, + // a generic 500 error is returned to the client. The error response can be tailored by + // configuring a custom error response in the load balancer. + FailOpen pulumi.BoolPtrInput `pulumi:"failOpen"` + // List of the HTTP headers to forward to the extension (from the client or backend). + // If omitted, all headers are sent. Each element is a string indicating the header name. + // + // *** + ForwardHeaders pulumi.StringArrayInput `pulumi:"forwardHeaders"` + // The name for this extension. The name is logged as part of the HTTP request logs. + // The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + // and can have a maximum length of 63 characters. Additionally, the first character must be a letter + // and the last a letter or a number. + Name pulumi.StringInput `pulumi:"name"` + // The reference to the service that runs the extension. Must be a reference to a backend service + Service pulumi.StringInput `pulumi:"service"` + // Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + // A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + Timeout pulumi.StringPtrInput `pulumi:"timeout"` +} + +func (LbRouteExtensionExtensionChainExtensionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LbRouteExtensionExtensionChainExtension)(nil)).Elem() +} + +func (i LbRouteExtensionExtensionChainExtensionArgs) ToLbRouteExtensionExtensionChainExtensionOutput() LbRouteExtensionExtensionChainExtensionOutput { + return i.ToLbRouteExtensionExtensionChainExtensionOutputWithContext(context.Background()) +} + +func (i LbRouteExtensionExtensionChainExtensionArgs) ToLbRouteExtensionExtensionChainExtensionOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainExtensionOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionExtensionChainExtensionOutput) +} + +// LbRouteExtensionExtensionChainExtensionArrayInput is an input type that accepts LbRouteExtensionExtensionChainExtensionArray and LbRouteExtensionExtensionChainExtensionArrayOutput values. +// You can construct a concrete instance of `LbRouteExtensionExtensionChainExtensionArrayInput` via: +// +// LbRouteExtensionExtensionChainExtensionArray{ LbRouteExtensionExtensionChainExtensionArgs{...} } +type LbRouteExtensionExtensionChainExtensionArrayInput interface { + pulumi.Input + + ToLbRouteExtensionExtensionChainExtensionArrayOutput() LbRouteExtensionExtensionChainExtensionArrayOutput + ToLbRouteExtensionExtensionChainExtensionArrayOutputWithContext(context.Context) LbRouteExtensionExtensionChainExtensionArrayOutput +} + +type LbRouteExtensionExtensionChainExtensionArray []LbRouteExtensionExtensionChainExtensionInput + +func (LbRouteExtensionExtensionChainExtensionArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]LbRouteExtensionExtensionChainExtension)(nil)).Elem() +} + +func (i LbRouteExtensionExtensionChainExtensionArray) ToLbRouteExtensionExtensionChainExtensionArrayOutput() LbRouteExtensionExtensionChainExtensionArrayOutput { + return i.ToLbRouteExtensionExtensionChainExtensionArrayOutputWithContext(context.Background()) +} + +func (i LbRouteExtensionExtensionChainExtensionArray) ToLbRouteExtensionExtensionChainExtensionArrayOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainExtensionArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionExtensionChainExtensionArrayOutput) +} + +type LbRouteExtensionExtensionChainExtensionOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionExtensionChainExtensionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LbRouteExtensionExtensionChainExtension)(nil)).Elem() +} + +func (o LbRouteExtensionExtensionChainExtensionOutput) ToLbRouteExtensionExtensionChainExtensionOutput() LbRouteExtensionExtensionChainExtensionOutput { + return o +} + +func (o LbRouteExtensionExtensionChainExtensionOutput) ToLbRouteExtensionExtensionChainExtensionOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainExtensionOutput { + return o +} + +// The :authority header in the gRPC request sent from Envoy to the extension service. +func (o LbRouteExtensionExtensionChainExtensionOutput) Authority() pulumi.StringPtrOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChainExtension) *string { return v.Authority }).(pulumi.StringPtrOutput) +} + +// Determines how the proxy behaves if the call to the extension fails or times out. +// When set to TRUE, request or response processing continues without error. +// Any subsequent extensions in the extension chain are also executed. +// When set to FALSE: * If response headers have not been delivered to the downstream client, +// a generic 500 error is returned to the client. The error response can be tailored by +// configuring a custom error response in the load balancer. +func (o LbRouteExtensionExtensionChainExtensionOutput) FailOpen() pulumi.BoolPtrOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChainExtension) *bool { return v.FailOpen }).(pulumi.BoolPtrOutput) +} + +// List of the HTTP headers to forward to the extension (from the client or backend). +// If omitted, all headers are sent. Each element is a string indicating the header name. +// +// *** +func (o LbRouteExtensionExtensionChainExtensionOutput) ForwardHeaders() pulumi.StringArrayOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChainExtension) []string { return v.ForwardHeaders }).(pulumi.StringArrayOutput) +} + +// The name for this extension. The name is logged as part of the HTTP request logs. +// The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, +// and can have a maximum length of 63 characters. Additionally, the first character must be a letter +// and the last a letter or a number. +func (o LbRouteExtensionExtensionChainExtensionOutput) Name() pulumi.StringOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChainExtension) string { return v.Name }).(pulumi.StringOutput) +} + +// The reference to the service that runs the extension. Must be a reference to a backend service +func (o LbRouteExtensionExtensionChainExtensionOutput) Service() pulumi.StringOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChainExtension) string { return v.Service }).(pulumi.StringOutput) +} + +// Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. +// A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". +func (o LbRouteExtensionExtensionChainExtensionOutput) Timeout() pulumi.StringPtrOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChainExtension) *string { return v.Timeout }).(pulumi.StringPtrOutput) +} + +type LbRouteExtensionExtensionChainExtensionArrayOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionExtensionChainExtensionArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]LbRouteExtensionExtensionChainExtension)(nil)).Elem() +} + +func (o LbRouteExtensionExtensionChainExtensionArrayOutput) ToLbRouteExtensionExtensionChainExtensionArrayOutput() LbRouteExtensionExtensionChainExtensionArrayOutput { + return o +} + +func (o LbRouteExtensionExtensionChainExtensionArrayOutput) ToLbRouteExtensionExtensionChainExtensionArrayOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainExtensionArrayOutput { + return o +} + +func (o LbRouteExtensionExtensionChainExtensionArrayOutput) Index(i pulumi.IntInput) LbRouteExtensionExtensionChainExtensionOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) LbRouteExtensionExtensionChainExtension { + return vs[0].([]LbRouteExtensionExtensionChainExtension)[vs[1].(int)] + }).(LbRouteExtensionExtensionChainExtensionOutput) +} + +type LbRouteExtensionExtensionChainMatchCondition struct { + // A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + CelExpression string `pulumi:"celExpression"` +} + +// LbRouteExtensionExtensionChainMatchConditionInput is an input type that accepts LbRouteExtensionExtensionChainMatchConditionArgs and LbRouteExtensionExtensionChainMatchConditionOutput values. +// You can construct a concrete instance of `LbRouteExtensionExtensionChainMatchConditionInput` via: +// +// LbRouteExtensionExtensionChainMatchConditionArgs{...} +type LbRouteExtensionExtensionChainMatchConditionInput interface { + pulumi.Input + + ToLbRouteExtensionExtensionChainMatchConditionOutput() LbRouteExtensionExtensionChainMatchConditionOutput + ToLbRouteExtensionExtensionChainMatchConditionOutputWithContext(context.Context) LbRouteExtensionExtensionChainMatchConditionOutput +} + +type LbRouteExtensionExtensionChainMatchConditionArgs struct { + // A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + CelExpression pulumi.StringInput `pulumi:"celExpression"` +} + +func (LbRouteExtensionExtensionChainMatchConditionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LbRouteExtensionExtensionChainMatchCondition)(nil)).Elem() +} + +func (i LbRouteExtensionExtensionChainMatchConditionArgs) ToLbRouteExtensionExtensionChainMatchConditionOutput() LbRouteExtensionExtensionChainMatchConditionOutput { + return i.ToLbRouteExtensionExtensionChainMatchConditionOutputWithContext(context.Background()) +} + +func (i LbRouteExtensionExtensionChainMatchConditionArgs) ToLbRouteExtensionExtensionChainMatchConditionOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainMatchConditionOutput { + return pulumi.ToOutputWithContext(ctx, i).(LbRouteExtensionExtensionChainMatchConditionOutput) +} + +type LbRouteExtensionExtensionChainMatchConditionOutput struct{ *pulumi.OutputState } + +func (LbRouteExtensionExtensionChainMatchConditionOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LbRouteExtensionExtensionChainMatchCondition)(nil)).Elem() +} + +func (o LbRouteExtensionExtensionChainMatchConditionOutput) ToLbRouteExtensionExtensionChainMatchConditionOutput() LbRouteExtensionExtensionChainMatchConditionOutput { + return o +} + +func (o LbRouteExtensionExtensionChainMatchConditionOutput) ToLbRouteExtensionExtensionChainMatchConditionOutputWithContext(ctx context.Context) LbRouteExtensionExtensionChainMatchConditionOutput { + return o +} + +// A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. +func (o LbRouteExtensionExtensionChainMatchConditionOutput) CelExpression() pulumi.StringOutput { + return o.ApplyT(func(v LbRouteExtensionExtensionChainMatchCondition) string { return v.CelExpression }).(pulumi.StringOutput) +} + type LbTrafficExtensionExtensionChain struct { // A set of extensions to execute for the matching request. // At least one extension is required. Up to 3 extensions can be defined for each extension chain for @@ -10981,7 +11349,7 @@ func (o LbTrafficExtensionExtensionChainArrayOutput) Index(i pulumi.IntInput) Lb type LbTrafficExtensionExtensionChainExtension struct { // The :authority header in the gRPC request sent from Envoy to the extension service. - Authority string `pulumi:"authority"` + Authority *string `pulumi:"authority"` // Determines how the proxy behaves if the call to the extension fails or times out. // When set to TRUE, request or response processing continues without error. // Any subsequent extensions in the extension chain are also executed. @@ -11008,7 +11376,7 @@ type LbTrafficExtensionExtensionChainExtension struct { SupportedEvents []string `pulumi:"supportedEvents"` // Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. // A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". - Timeout string `pulumi:"timeout"` + Timeout *string `pulumi:"timeout"` } // LbTrafficExtensionExtensionChainExtensionInput is an input type that accepts LbTrafficExtensionExtensionChainExtensionArgs and LbTrafficExtensionExtensionChainExtensionOutput values. @@ -11024,7 +11392,7 @@ type LbTrafficExtensionExtensionChainExtensionInput interface { type LbTrafficExtensionExtensionChainExtensionArgs struct { // The :authority header in the gRPC request sent from Envoy to the extension service. - Authority pulumi.StringInput `pulumi:"authority"` + Authority pulumi.StringPtrInput `pulumi:"authority"` // Determines how the proxy behaves if the call to the extension fails or times out. // When set to TRUE, request or response processing continues without error. // Any subsequent extensions in the extension chain are also executed. @@ -11051,7 +11419,7 @@ type LbTrafficExtensionExtensionChainExtensionArgs struct { SupportedEvents pulumi.StringArrayInput `pulumi:"supportedEvents"` // Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. // A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". - Timeout pulumi.StringInput `pulumi:"timeout"` + Timeout pulumi.StringPtrInput `pulumi:"timeout"` } func (LbTrafficExtensionExtensionChainExtensionArgs) ElementType() reflect.Type { @@ -11106,8 +11474,8 @@ func (o LbTrafficExtensionExtensionChainExtensionOutput) ToLbTrafficExtensionExt } // The :authority header in the gRPC request sent from Envoy to the extension service. -func (o LbTrafficExtensionExtensionChainExtensionOutput) Authority() pulumi.StringOutput { - return o.ApplyT(func(v LbTrafficExtensionExtensionChainExtension) string { return v.Authority }).(pulumi.StringOutput) +func (o LbTrafficExtensionExtensionChainExtensionOutput) Authority() pulumi.StringPtrOutput { + return o.ApplyT(func(v LbTrafficExtensionExtensionChainExtension) *string { return v.Authority }).(pulumi.StringPtrOutput) } // Determines how the proxy behaves if the call to the extension fails or times out. @@ -11151,8 +11519,8 @@ func (o LbTrafficExtensionExtensionChainExtensionOutput) SupportedEvents() pulum // Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. // A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". -func (o LbTrafficExtensionExtensionChainExtensionOutput) Timeout() pulumi.StringOutput { - return o.ApplyT(func(v LbTrafficExtensionExtensionChainExtension) string { return v.Timeout }).(pulumi.StringOutput) +func (o LbTrafficExtensionExtensionChainExtensionOutput) Timeout() pulumi.StringPtrOutput { + return o.ApplyT(func(v LbTrafficExtensionExtensionChainExtension) *string { return v.Timeout }).(pulumi.StringPtrOutput) } type LbTrafficExtensionExtensionChainExtensionArrayOutput struct{ *pulumi.OutputState } @@ -12149,6 +12517,11 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*HttpRouteRuleMatchHeaderRangeMatchPtrInput)(nil)).Elem(), HttpRouteRuleMatchHeaderRangeMatchArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*HttpRouteRuleMatchQueryParameterInput)(nil)).Elem(), HttpRouteRuleMatchQueryParameterArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*HttpRouteRuleMatchQueryParameterArrayInput)(nil)).Elem(), HttpRouteRuleMatchQueryParameterArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionExtensionChainInput)(nil)).Elem(), LbRouteExtensionExtensionChainArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionExtensionChainArrayInput)(nil)).Elem(), LbRouteExtensionExtensionChainArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionExtensionChainExtensionInput)(nil)).Elem(), LbRouteExtensionExtensionChainExtensionArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionExtensionChainExtensionArrayInput)(nil)).Elem(), LbRouteExtensionExtensionChainExtensionArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*LbRouteExtensionExtensionChainMatchConditionInput)(nil)).Elem(), LbRouteExtensionExtensionChainMatchConditionArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*LbTrafficExtensionExtensionChainInput)(nil)).Elem(), LbTrafficExtensionExtensionChainArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*LbTrafficExtensionExtensionChainArrayInput)(nil)).Elem(), LbTrafficExtensionExtensionChainArray{}) pulumi.RegisterInputType(reflect.TypeOf((*LbTrafficExtensionExtensionChainExtensionInput)(nil)).Elem(), LbTrafficExtensionExtensionChainExtensionArgs{}) @@ -12292,6 +12665,11 @@ func init() { pulumi.RegisterOutputType(HttpRouteRuleMatchHeaderRangeMatchPtrOutput{}) pulumi.RegisterOutputType(HttpRouteRuleMatchQueryParameterOutput{}) pulumi.RegisterOutputType(HttpRouteRuleMatchQueryParameterArrayOutput{}) + pulumi.RegisterOutputType(LbRouteExtensionExtensionChainOutput{}) + pulumi.RegisterOutputType(LbRouteExtensionExtensionChainArrayOutput{}) + pulumi.RegisterOutputType(LbRouteExtensionExtensionChainExtensionOutput{}) + pulumi.RegisterOutputType(LbRouteExtensionExtensionChainExtensionArrayOutput{}) + pulumi.RegisterOutputType(LbRouteExtensionExtensionChainMatchConditionOutput{}) pulumi.RegisterOutputType(LbTrafficExtensionExtensionChainOutput{}) pulumi.RegisterOutputType(LbTrafficExtensionExtensionChainArrayOutput{}) pulumi.RegisterOutputType(LbTrafficExtensionExtensionChainExtensionOutput{}) diff --git a/sdk/go/gcp/orgpolicy/policy.go b/sdk/go/gcp/orgpolicy/policy.go index c793dc5d9f..73d6ae0744 100644 --- a/sdk/go/gcp/orgpolicy/policy.go +++ b/sdk/go/gcp/orgpolicy/policy.go @@ -223,7 +223,7 @@ import ( // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // constraint, err := orgpolicy.NewCustomConstraint(ctx, "constraint", &orgpolicy.CustomConstraintArgs{ -// Name: pulumi.String("custom.disableGkeAutoUpgrade_87786"), +// Name: pulumi.String("custom.disableGkeAutoUpgrade_2067"), // Parent: pulumi.String("organizations/123456789"), // DisplayName: pulumi.String("Disable GKE auto upgrade"), // Description: pulumi.String("Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced."), diff --git a/sdk/go/gcp/pubsub/pulumiTypes.go b/sdk/go/gcp/pubsub/pulumiTypes.go index 854e05f693..e870eb5592 100644 --- a/sdk/go/gcp/pubsub/pulumiTypes.go +++ b/sdk/go/gcp/pubsub/pulumiTypes.go @@ -1348,6 +1348,8 @@ type SubscriptionCloudStorageConfig struct { AvroConfig *SubscriptionCloudStorageConfigAvroConfig `pulumi:"avroConfig"` // User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". Bucket string `pulumi:"bucket"` + // User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + FilenameDatetimeFormat *string `pulumi:"filenameDatetimeFormat"` // User-provided prefix for Cloud Storage filename. FilenamePrefix *string `pulumi:"filenamePrefix"` // User-provided suffix for Cloud Storage filename. Must not end in "/". @@ -1381,6 +1383,8 @@ type SubscriptionCloudStorageConfigArgs struct { AvroConfig SubscriptionCloudStorageConfigAvroConfigPtrInput `pulumi:"avroConfig"` // User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". Bucket pulumi.StringInput `pulumi:"bucket"` + // User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + FilenameDatetimeFormat pulumi.StringPtrInput `pulumi:"filenameDatetimeFormat"` // User-provided prefix for Cloud Storage filename. FilenamePrefix pulumi.StringPtrInput `pulumi:"filenamePrefix"` // User-provided suffix for Cloud Storage filename. Must not end in "/". @@ -1485,6 +1489,11 @@ func (o SubscriptionCloudStorageConfigOutput) Bucket() pulumi.StringOutput { return o.ApplyT(func(v SubscriptionCloudStorageConfig) string { return v.Bucket }).(pulumi.StringOutput) } +// User-provided format string specifying how to represent datetimes in Cloud Storage filenames. +func (o SubscriptionCloudStorageConfigOutput) FilenameDatetimeFormat() pulumi.StringPtrOutput { + return o.ApplyT(func(v SubscriptionCloudStorageConfig) *string { return v.FilenameDatetimeFormat }).(pulumi.StringPtrOutput) +} + // User-provided prefix for Cloud Storage filename. func (o SubscriptionCloudStorageConfigOutput) FilenamePrefix() pulumi.StringPtrOutput { return o.ApplyT(func(v SubscriptionCloudStorageConfig) *string { return v.FilenamePrefix }).(pulumi.StringPtrOutput) @@ -1559,6 +1568,16 @@ func (o SubscriptionCloudStorageConfigPtrOutput) Bucket() pulumi.StringPtrOutput }).(pulumi.StringPtrOutput) } +// User-provided format string specifying how to represent datetimes in Cloud Storage filenames. +func (o SubscriptionCloudStorageConfigPtrOutput) FilenameDatetimeFormat() pulumi.StringPtrOutput { + return o.ApplyT(func(v *SubscriptionCloudStorageConfig) *string { + if v == nil { + return nil + } + return v.FilenameDatetimeFormat + }).(pulumi.StringPtrOutput) +} + // User-provided prefix for Cloud Storage filename. func (o SubscriptionCloudStorageConfigPtrOutput) FilenamePrefix() pulumi.StringPtrOutput { return o.ApplyT(func(v *SubscriptionCloudStorageConfig) *string { @@ -4405,6 +4424,8 @@ type GetSubscriptionCloudStorageConfig struct { AvroConfigs []GetSubscriptionCloudStorageConfigAvroConfig `pulumi:"avroConfigs"` // User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". Bucket string `pulumi:"bucket"` + // User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + FilenameDatetimeFormat string `pulumi:"filenameDatetimeFormat"` // User-provided prefix for Cloud Storage filename. FilenamePrefix string `pulumi:"filenamePrefix"` // User-provided suffix for Cloud Storage filename. Must not end in "/". @@ -4436,6 +4457,8 @@ type GetSubscriptionCloudStorageConfigArgs struct { AvroConfigs GetSubscriptionCloudStorageConfigAvroConfigArrayInput `pulumi:"avroConfigs"` // User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". Bucket pulumi.StringInput `pulumi:"bucket"` + // User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + FilenameDatetimeFormat pulumi.StringInput `pulumi:"filenameDatetimeFormat"` // User-provided prefix for Cloud Storage filename. FilenamePrefix pulumi.StringInput `pulumi:"filenamePrefix"` // User-provided suffix for Cloud Storage filename. Must not end in "/". @@ -4514,6 +4537,11 @@ func (o GetSubscriptionCloudStorageConfigOutput) Bucket() pulumi.StringOutput { return o.ApplyT(func(v GetSubscriptionCloudStorageConfig) string { return v.Bucket }).(pulumi.StringOutput) } +// User-provided format string specifying how to represent datetimes in Cloud Storage filenames. +func (o GetSubscriptionCloudStorageConfigOutput) FilenameDatetimeFormat() pulumi.StringOutput { + return o.ApplyT(func(v GetSubscriptionCloudStorageConfig) string { return v.FilenameDatetimeFormat }).(pulumi.StringOutput) +} + // User-provided prefix for Cloud Storage filename. func (o GetSubscriptionCloudStorageConfigOutput) FilenamePrefix() pulumi.StringOutput { return o.ApplyT(func(v GetSubscriptionCloudStorageConfig) string { return v.FilenamePrefix }).(pulumi.StringOutput) diff --git a/sdk/go/gcp/pubsub/subscription.go b/sdk/go/gcp/pubsub/subscription.go index d1e90e5ff8..155054699b 100644 --- a/sdk/go/gcp/pubsub/subscription.go +++ b/sdk/go/gcp/pubsub/subscription.go @@ -390,11 +390,12 @@ import ( // Name: pulumi.String("example-subscription"), // Topic: exampleTopic.ID(), // CloudStorageConfig: &pubsub.SubscriptionCloudStorageConfigArgs{ -// Bucket: example.Name, -// FilenamePrefix: pulumi.String("pre-"), -// FilenameSuffix: pulumi.String("-_2067"), -// MaxBytes: pulumi.Int(1000), -// MaxDuration: pulumi.String("300s"), +// Bucket: example.Name, +// FilenamePrefix: pulumi.String("pre-"), +// FilenameSuffix: pulumi.String("-_40785"), +// FilenameDatetimeFormat: pulumi.String("YYYY-MM-DD/hh_mm_ssZ"), +// MaxBytes: pulumi.Int(1000), +// MaxDuration: pulumi.String("300s"), // }, // }, pulumi.DependsOn([]pulumi.Resource{ // example, @@ -456,11 +457,12 @@ import ( // Name: pulumi.String("example-subscription"), // Topic: exampleTopic.ID(), // CloudStorageConfig: &pubsub.SubscriptionCloudStorageConfigArgs{ -// Bucket: example.Name, -// FilenamePrefix: pulumi.String("pre-"), -// FilenameSuffix: pulumi.String("-_40785"), -// MaxBytes: pulumi.Int(1000), -// MaxDuration: pulumi.String("300s"), +// Bucket: example.Name, +// FilenamePrefix: pulumi.String("pre-"), +// FilenameSuffix: pulumi.String("-_79169"), +// FilenameDatetimeFormat: pulumi.String("YYYY-MM-DD/hh_mm_ssZ"), +// MaxBytes: pulumi.Int(1000), +// MaxDuration: pulumi.String("300s"), // AvroConfig: &pubsub.SubscriptionCloudStorageConfigAvroConfigArgs{ // WriteMetadata: pulumi.Bool(true), // }, diff --git a/sdk/go/gcp/sql/user.go b/sdk/go/gcp/sql/user.go index 03c15cc58b..b6e89b4a04 100644 --- a/sdk/go/gcp/sql/user.go +++ b/sdk/go/gcp/sql/user.go @@ -99,7 +99,7 @@ import ( // Tier: pulumi.String("db-f1-micro"), // DatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{ // &sql.DatabaseInstanceSettingsDatabaseFlagArgs{ -// Name: pulumi.String("cloudsql.iam_authentication"), +// Name: pulumi.String("cloudsql_iam_authentication"), // Value: pulumi.String("on"), // }, // }, @@ -169,7 +169,7 @@ import ( // Tier: pulumi.String("db-f1-micro"), // DatabaseFlags: sql.DatabaseInstanceSettingsDatabaseFlagArray{ // &sql.DatabaseInstanceSettingsDatabaseFlagArgs{ -// Name: pulumi.String("cloudsql.iam_authentication"), +// Name: pulumi.String("cloudsql_iam_authentication"), // Value: pulumi.String("on"), // }, // }, diff --git a/sdk/go/gcp/tpu/pulumiTypes.go b/sdk/go/gcp/tpu/pulumiTypes.go index 81ebf99e68..d2c8731a63 100644 --- a/sdk/go/gcp/tpu/pulumiTypes.go +++ b/sdk/go/gcp/tpu/pulumiTypes.go @@ -266,7 +266,7 @@ type V2VmAcceleratorConfig struct { // Topology of TPU in chips. Topology string `pulumi:"topology"` // Type of TPU. - // Possible values are: `V2`, `V3`, `V4`. + // Possible values are: `V2`, `V3`, `V4`, `V5P`. Type string `pulumi:"type"` } @@ -285,7 +285,7 @@ type V2VmAcceleratorConfigArgs struct { // Topology of TPU in chips. Topology pulumi.StringInput `pulumi:"topology"` // Type of TPU. - // Possible values are: `V2`, `V3`, `V4`. + // Possible values are: `V2`, `V3`, `V4`, `V5P`. Type pulumi.StringInput `pulumi:"type"` } @@ -372,7 +372,7 @@ func (o V2VmAcceleratorConfigOutput) Topology() pulumi.StringOutput { } // Type of TPU. -// Possible values are: `V2`, `V3`, `V4`. +// Possible values are: `V2`, `V3`, `V4`, `V5P`. func (o V2VmAcceleratorConfigOutput) Type() pulumi.StringOutput { return o.ApplyT(func(v V2VmAcceleratorConfig) string { return v.Type }).(pulumi.StringOutput) } @@ -412,7 +412,7 @@ func (o V2VmAcceleratorConfigPtrOutput) Topology() pulumi.StringPtrOutput { } // Type of TPU. -// Possible values are: `V2`, `V3`, `V4`. +// Possible values are: `V2`, `V3`, `V4`, `V5P`. func (o V2VmAcceleratorConfigPtrOutput) Type() pulumi.StringPtrOutput { return o.ApplyT(func(v *V2VmAcceleratorConfig) *string { if v == nil { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/appengine/DomainMapping.java b/sdk/java/src/main/java/com/pulumi/gcp/appengine/DomainMapping.java index 140e5f154e..69a18f34b6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/appengine/DomainMapping.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/appengine/DomainMapping.java @@ -186,15 +186,15 @@ public Output> resourceRecords() { * */ @Export(name="sslSettings", refs={DomainMappingSslSettings.class}, tree="[0]") - private Output sslSettings; + private Output sslSettings; /** * @return SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. * Structure is documented below. * */ - public Output> sslSettings() { - return Codegen.optional(this.sslSettings); + public Output sslSettings() { + return this.sslSettings; } /** diff --git a/sdk/java/src/main/java/com/pulumi/gcp/appengine/inputs/FlexibleAppVersionNetworkArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/appengine/inputs/FlexibleAppVersionNetworkArgs.java index 9d9b1a8a1c..5ffdf1db14 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/appengine/inputs/FlexibleAppVersionNetworkArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/appengine/inputs/FlexibleAppVersionNetworkArgs.java @@ -33,6 +33,23 @@ public Optional>> forwardedPorts() { return Optional.ofNullable(this.forwardedPorts); } + /** + * Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + * + */ + @Import(name="instanceIpMode") + private @Nullable Output instanceIpMode; + + /** + * @return Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + * + */ + public Optional> instanceIpMode() { + return Optional.ofNullable(this.instanceIpMode); + } + /** * Tag to apply to the instance during creation. * @@ -105,6 +122,7 @@ private FlexibleAppVersionNetworkArgs() {} private FlexibleAppVersionNetworkArgs(FlexibleAppVersionNetworkArgs $) { this.forwardedPorts = $.forwardedPorts; + this.instanceIpMode = $.instanceIpMode; this.instanceTag = $.instanceTag; this.name = $.name; this.sessionAffinity = $.sessionAffinity; @@ -160,6 +178,29 @@ public Builder forwardedPorts(String... forwardedPorts) { return forwardedPorts(List.of(forwardedPorts)); } + /** + * @param instanceIpMode Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + * + * @return builder + * + */ + public Builder instanceIpMode(@Nullable Output instanceIpMode) { + $.instanceIpMode = instanceIpMode; + return this; + } + + /** + * @param instanceIpMode Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + * + * @return builder + * + */ + public Builder instanceIpMode(String instanceIpMode) { + return instanceIpMode(Output.of(instanceIpMode)); + } + /** * @param instanceTag Tag to apply to the instance during creation. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/appengine/outputs/FlexibleAppVersionNetwork.java b/sdk/java/src/main/java/com/pulumi/gcp/appengine/outputs/FlexibleAppVersionNetwork.java index 43d8762c1d..50e7850b22 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/appengine/outputs/FlexibleAppVersionNetwork.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/appengine/outputs/FlexibleAppVersionNetwork.java @@ -19,6 +19,12 @@ public final class FlexibleAppVersionNetwork { * */ private @Nullable List forwardedPorts; + /** + * @return Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + * + */ + private @Nullable String instanceIpMode; /** * @return Tag to apply to the instance during creation. * @@ -52,6 +58,14 @@ private FlexibleAppVersionNetwork() {} public List forwardedPorts() { return this.forwardedPorts == null ? List.of() : this.forwardedPorts; } + /** + * @return Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + * + */ + public Optional instanceIpMode() { + return Optional.ofNullable(this.instanceIpMode); + } /** * @return Tag to apply to the instance during creation. * @@ -95,6 +109,7 @@ public static Builder builder(FlexibleAppVersionNetwork defaults) { @CustomType.Builder public static final class Builder { private @Nullable List forwardedPorts; + private @Nullable String instanceIpMode; private @Nullable String instanceTag; private String name; private @Nullable Boolean sessionAffinity; @@ -103,6 +118,7 @@ public Builder() {} public Builder(FlexibleAppVersionNetwork defaults) { Objects.requireNonNull(defaults); this.forwardedPorts = defaults.forwardedPorts; + this.instanceIpMode = defaults.instanceIpMode; this.instanceTag = defaults.instanceTag; this.name = defaults.name; this.sessionAffinity = defaults.sessionAffinity; @@ -119,6 +135,12 @@ public Builder forwardedPorts(String... forwardedPorts) { return forwardedPorts(List.of(forwardedPorts)); } @CustomType.Setter + public Builder instanceIpMode(@Nullable String instanceIpMode) { + + this.instanceIpMode = instanceIpMode; + return this; + } + @CustomType.Setter public Builder instanceTag(@Nullable String instanceTag) { this.instanceTag = instanceTag; @@ -147,6 +169,7 @@ public Builder subnetwork(@Nullable String subnetwork) { public FlexibleAppVersionNetwork build() { final var _resultValue = new FlexibleAppVersionNetwork(); _resultValue.forwardedPorts = forwardedPorts; + _resultValue.instanceIpMode = instanceIpMode; _resultValue.instanceTag = instanceTag; _resultValue.name = name; _resultValue.sessionAffinity = sessionAffinity; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/Table.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/Table.java index acb847ac0d..6258d9c563 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/Table.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/Table.java @@ -146,14 +146,16 @@ @ResourceType(type="gcp:bigquery/table:Table") public class Table extends com.pulumi.resources.CustomResource { /** - * Whether or not to allow table deletion when there are still resource tags attached. + * This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * */ @Export(name="allowResourceTagsOnDeletion", refs={Boolean.class}, tree="[0]") private Output allowResourceTagsOnDeletion; /** - * @return Whether or not to allow table deletion when there are still resource tags attached. + * @return This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * */ public Output> allowResourceTagsOnDeletion() { @@ -558,18 +560,22 @@ public Output> requirePartitionFilter() { return Codegen.optional(this.requirePartitionFilter); } /** - * The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * */ @Export(name="resourceTags", refs={Map.class,String.class}, tree="[0,1,1]") private Output> resourceTags; /** - * @return The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * @return This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * */ public Output>> resourceTags() { @@ -636,14 +642,20 @@ public Output tableId() { return this.tableId; } /** - * Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * */ @Export(name="tableReplicationInfo", refs={TableTableReplicationInfo.class}, tree="[0]") private Output tableReplicationInfo; /** - * @return Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * @return Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * */ public Output> tableReplicationInfo() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/TableArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/TableArgs.java index ffd424ced2..2eba92eff7 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/TableArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/TableArgs.java @@ -29,14 +29,16 @@ public final class TableArgs extends com.pulumi.resources.ResourceArgs { public static final TableArgs Empty = new TableArgs(); /** - * Whether or not to allow table deletion when there are still resource tags attached. + * This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * */ @Import(name="allowResourceTagsOnDeletion") private @Nullable Output allowResourceTagsOnDeletion; /** - * @return Whether or not to allow table deletion when there are still resource tags attached. + * @return This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * */ public Optional> allowResourceTagsOnDeletion() { @@ -300,18 +302,22 @@ public Optional> requirePartitionFilter() { } /** - * The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * */ @Import(name="resourceTags") private @Nullable Output> resourceTags; /** - * @return The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * @return This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * */ public Optional>> resourceTags() { @@ -368,14 +374,20 @@ public Output tableId() { } /** - * Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * */ @Import(name="tableReplicationInfo") private @Nullable Output tableReplicationInfo; /** - * @return Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * @return Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * */ public Optional> tableReplicationInfo() { @@ -462,7 +474,8 @@ public Builder(TableArgs defaults) { } /** - * @param allowResourceTagsOnDeletion Whether or not to allow table deletion when there are still resource tags attached. + * @param allowResourceTagsOnDeletion This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * * @return builder * @@ -473,7 +486,8 @@ public Builder allowResourceTagsOnDeletion(@Nullable Output allowResour } /** - * @param allowResourceTagsOnDeletion Whether or not to allow table deletion when there are still resource tags attached. + * @param allowResourceTagsOnDeletion This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * * @return builder * @@ -835,9 +849,11 @@ public Builder requirePartitionFilter(Boolean requirePartitionFilter) { } /** - * @param resourceTags The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * @param resourceTags This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * * @return builder * @@ -848,9 +864,11 @@ public Builder resourceTags(@Nullable Output> resourceTags) { } /** - * @param resourceTags The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * @param resourceTags This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * * @return builder * @@ -927,7 +945,10 @@ public Builder tableId(String tableId) { } /** - * @param tableReplicationInfo Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * @param tableReplicationInfo Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * * @return builder * @@ -938,7 +959,10 @@ public Builder tableReplicationInfo(@Nullable Output> avroOptio return Optional.ofNullable(this.avroOptions); } + /** + * Additional properties to set if + * `source_format` is set to "BIGTABLE". Structure is documented below. + * + */ + @Import(name="bigtableOptions") + private @Nullable Output bigtableOptions; + + /** + * @return Additional properties to set if + * `source_format` is set to "BIGTABLE". Structure is documented below. + * + */ + public Optional> bigtableOptions() { + return Optional.ofNullable(this.bigtableOptions); + } + /** * The compression type of the data source. * Valid values are "NONE" or "GZIP". @@ -403,6 +421,7 @@ private TableExternalDataConfigurationArgs() {} private TableExternalDataConfigurationArgs(TableExternalDataConfigurationArgs $) { this.autodetect = $.autodetect; this.avroOptions = $.avroOptions; + this.bigtableOptions = $.bigtableOptions; this.compression = $.compression; this.connectionId = $.connectionId; this.csvOptions = $.csvOptions; @@ -486,6 +505,29 @@ public Builder avroOptions(TableExternalDataConfigurationAvroOptionsArgs avroOpt return avroOptions(Output.of(avroOptions)); } + /** + * @param bigtableOptions Additional properties to set if + * `source_format` is set to "BIGTABLE". Structure is documented below. + * + * @return builder + * + */ + public Builder bigtableOptions(@Nullable Output bigtableOptions) { + $.bigtableOptions = bigtableOptions; + return this; + } + + /** + * @param bigtableOptions Additional properties to set if + * `source_format` is set to "BIGTABLE". Structure is documented below. + * + * @return builder + * + */ + public Builder bigtableOptions(TableExternalDataConfigurationBigtableOptionsArgs bigtableOptions) { + return bigtableOptions(Output.of(bigtableOptions)); + } + /** * @param compression The compression type of the data source. * Valid values are "NONE" or "GZIP". diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsArgs.java new file mode 100644 index 0000000000..04a960e999 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsArgs.java @@ -0,0 +1,206 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.bigquery.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.bigquery.inputs.TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class TableExternalDataConfigurationBigtableOptionsArgs extends com.pulumi.resources.ResourceArgs { + + public static final TableExternalDataConfigurationBigtableOptionsArgs Empty = new TableExternalDataConfigurationBigtableOptionsArgs(); + + /** + * A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + * + */ + @Import(name="columnFamilies") + private @Nullable Output> columnFamilies; + + /** + * @return A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + * + */ + public Optional>> columnFamilies() { + return Optional.ofNullable(this.columnFamilies); + } + + /** + * If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + * + */ + @Import(name="ignoreUnspecifiedColumnFamilies") + private @Nullable Output ignoreUnspecifiedColumnFamilies; + + /** + * @return If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + * + */ + public Optional> ignoreUnspecifiedColumnFamilies() { + return Optional.ofNullable(this.ignoreUnspecifiedColumnFamilies); + } + + /** + * If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + * + */ + @Import(name="outputColumnFamiliesAsJson") + private @Nullable Output outputColumnFamiliesAsJson; + + /** + * @return If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + * + */ + public Optional> outputColumnFamiliesAsJson() { + return Optional.ofNullable(this.outputColumnFamiliesAsJson); + } + + /** + * If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + * + */ + @Import(name="readRowkeyAsString") + private @Nullable Output readRowkeyAsString; + + /** + * @return If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + * + */ + public Optional> readRowkeyAsString() { + return Optional.ofNullable(this.readRowkeyAsString); + } + + private TableExternalDataConfigurationBigtableOptionsArgs() {} + + private TableExternalDataConfigurationBigtableOptionsArgs(TableExternalDataConfigurationBigtableOptionsArgs $) { + this.columnFamilies = $.columnFamilies; + this.ignoreUnspecifiedColumnFamilies = $.ignoreUnspecifiedColumnFamilies; + this.outputColumnFamiliesAsJson = $.outputColumnFamiliesAsJson; + this.readRowkeyAsString = $.readRowkeyAsString; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(TableExternalDataConfigurationBigtableOptionsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private TableExternalDataConfigurationBigtableOptionsArgs $; + + public Builder() { + $ = new TableExternalDataConfigurationBigtableOptionsArgs(); + } + + public Builder(TableExternalDataConfigurationBigtableOptionsArgs defaults) { + $ = new TableExternalDataConfigurationBigtableOptionsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param columnFamilies A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + * + * @return builder + * + */ + public Builder columnFamilies(@Nullable Output> columnFamilies) { + $.columnFamilies = columnFamilies; + return this; + } + + /** + * @param columnFamilies A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + * + * @return builder + * + */ + public Builder columnFamilies(List columnFamilies) { + return columnFamilies(Output.of(columnFamilies)); + } + + /** + * @param columnFamilies A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + * + * @return builder + * + */ + public Builder columnFamilies(TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs... columnFamilies) { + return columnFamilies(List.of(columnFamilies)); + } + + /** + * @param ignoreUnspecifiedColumnFamilies If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + * + * @return builder + * + */ + public Builder ignoreUnspecifiedColumnFamilies(@Nullable Output ignoreUnspecifiedColumnFamilies) { + $.ignoreUnspecifiedColumnFamilies = ignoreUnspecifiedColumnFamilies; + return this; + } + + /** + * @param ignoreUnspecifiedColumnFamilies If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + * + * @return builder + * + */ + public Builder ignoreUnspecifiedColumnFamilies(Boolean ignoreUnspecifiedColumnFamilies) { + return ignoreUnspecifiedColumnFamilies(Output.of(ignoreUnspecifiedColumnFamilies)); + } + + /** + * @param outputColumnFamiliesAsJson If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + * + * @return builder + * + */ + public Builder outputColumnFamiliesAsJson(@Nullable Output outputColumnFamiliesAsJson) { + $.outputColumnFamiliesAsJson = outputColumnFamiliesAsJson; + return this; + } + + /** + * @param outputColumnFamiliesAsJson If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + * + * @return builder + * + */ + public Builder outputColumnFamiliesAsJson(Boolean outputColumnFamiliesAsJson) { + return outputColumnFamiliesAsJson(Output.of(outputColumnFamiliesAsJson)); + } + + /** + * @param readRowkeyAsString If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + * + * @return builder + * + */ + public Builder readRowkeyAsString(@Nullable Output readRowkeyAsString) { + $.readRowkeyAsString = readRowkeyAsString; + return this; + } + + /** + * @param readRowkeyAsString If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + * + * @return builder + * + */ + public Builder readRowkeyAsString(Boolean readRowkeyAsString) { + return readRowkeyAsString(Output.of(readRowkeyAsString)); + } + + public TableExternalDataConfigurationBigtableOptionsArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.java new file mode 100644 index 0000000000..f7c66af319 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs.java @@ -0,0 +1,244 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.bigquery.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.bigquery.inputs.TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs extends com.pulumi.resources.ResourceArgs { + + public static final TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs Empty = new TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs(); + + /** + * A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + * + */ + @Import(name="columns") + private @Nullable Output> columns; + + /** + * @return A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + * + */ + public Optional>> columns() { + return Optional.ofNullable(this.columns); + } + + /** + * The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + * + */ + @Import(name="encoding") + private @Nullable Output encoding; + + /** + * @return The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + * + */ + public Optional> encoding() { + return Optional.ofNullable(this.encoding); + } + + /** + * Identifier of the column family. + * + */ + @Import(name="familyId") + private @Nullable Output familyId; + + /** + * @return Identifier of the column family. + * + */ + public Optional> familyId() { + return Optional.ofNullable(this.familyId); + } + + /** + * If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + * + */ + @Import(name="onlyReadLatest") + private @Nullable Output onlyReadLatest; + + /** + * @return If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + * + */ + public Optional> onlyReadLatest() { + return Optional.ofNullable(this.onlyReadLatest); + } + + /** + * The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + * + */ + @Import(name="type") + private @Nullable Output type; + + /** + * @return The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + * + */ + public Optional> type() { + return Optional.ofNullable(this.type); + } + + private TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs() {} + + private TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs(TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs $) { + this.columns = $.columns; + this.encoding = $.encoding; + this.familyId = $.familyId; + this.onlyReadLatest = $.onlyReadLatest; + this.type = $.type; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs $; + + public Builder() { + $ = new TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs(); + } + + public Builder(TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs defaults) { + $ = new TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param columns A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + * + * @return builder + * + */ + public Builder columns(@Nullable Output> columns) { + $.columns = columns; + return this; + } + + /** + * @param columns A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + * + * @return builder + * + */ + public Builder columns(List columns) { + return columns(Output.of(columns)); + } + + /** + * @param columns A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + * + * @return builder + * + */ + public Builder columns(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs... columns) { + return columns(List.of(columns)); + } + + /** + * @param encoding The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + * + * @return builder + * + */ + public Builder encoding(@Nullable Output encoding) { + $.encoding = encoding; + return this; + } + + /** + * @param encoding The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + * + * @return builder + * + */ + public Builder encoding(String encoding) { + return encoding(Output.of(encoding)); + } + + /** + * @param familyId Identifier of the column family. + * + * @return builder + * + */ + public Builder familyId(@Nullable Output familyId) { + $.familyId = familyId; + return this; + } + + /** + * @param familyId Identifier of the column family. + * + * @return builder + * + */ + public Builder familyId(String familyId) { + return familyId(Output.of(familyId)); + } + + /** + * @param onlyReadLatest If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + * + * @return builder + * + */ + public Builder onlyReadLatest(@Nullable Output onlyReadLatest) { + $.onlyReadLatest = onlyReadLatest; + return this; + } + + /** + * @param onlyReadLatest If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + * + * @return builder + * + */ + public Builder onlyReadLatest(Boolean onlyReadLatest) { + return onlyReadLatest(Output.of(onlyReadLatest)); + } + + /** + * @param type The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + * + * @return builder + * + */ + public Builder type(@Nullable Output type) { + $.type = type; + return this; + } + + /** + * @param type The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + * + * @return builder + * + */ + public Builder type(String type) { + return type(Output.of(type)); + } + + public TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.java new file mode 100644 index 0000000000..acb7f280bd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs.java @@ -0,0 +1,269 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.bigquery.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs extends com.pulumi.resources.ResourceArgs { + + public static final TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs Empty = new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs(); + + /** + * The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + * + */ + @Import(name="encoding") + private @Nullable Output encoding; + + /** + * @return The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + * + */ + public Optional> encoding() { + return Optional.ofNullable(this.encoding); + } + + /** + * If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + * + */ + @Import(name="fieldName") + private @Nullable Output fieldName; + + /** + * @return If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + * + */ + public Optional> fieldName() { + return Optional.ofNullable(this.fieldName); + } + + /** + * If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + * + */ + @Import(name="onlyReadLatest") + private @Nullable Output onlyReadLatest; + + /** + * @return If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + * + */ + public Optional> onlyReadLatest() { + return Optional.ofNullable(this.onlyReadLatest); + } + + /** + * Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + * + */ + @Import(name="qualifierEncoded") + private @Nullable Output qualifierEncoded; + + /** + * @return Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + * + */ + public Optional> qualifierEncoded() { + return Optional.ofNullable(this.qualifierEncoded); + } + + /** + * Qualifier string. + * + */ + @Import(name="qualifierString") + private @Nullable Output qualifierString; + + /** + * @return Qualifier string. + * + */ + public Optional> qualifierString() { + return Optional.ofNullable(this.qualifierString); + } + + /** + * The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + * + */ + @Import(name="type") + private @Nullable Output type; + + /** + * @return The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + * + */ + public Optional> type() { + return Optional.ofNullable(this.type); + } + + private TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs() {} + + private TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs $) { + this.encoding = $.encoding; + this.fieldName = $.fieldName; + this.onlyReadLatest = $.onlyReadLatest; + this.qualifierEncoded = $.qualifierEncoded; + this.qualifierString = $.qualifierString; + this.type = $.type; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs $; + + public Builder() { + $ = new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs(); + } + + public Builder(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs defaults) { + $ = new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param encoding The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + * + * @return builder + * + */ + public Builder encoding(@Nullable Output encoding) { + $.encoding = encoding; + return this; + } + + /** + * @param encoding The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + * + * @return builder + * + */ + public Builder encoding(String encoding) { + return encoding(Output.of(encoding)); + } + + /** + * @param fieldName If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + * + * @return builder + * + */ + public Builder fieldName(@Nullable Output fieldName) { + $.fieldName = fieldName; + return this; + } + + /** + * @param fieldName If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + * + * @return builder + * + */ + public Builder fieldName(String fieldName) { + return fieldName(Output.of(fieldName)); + } + + /** + * @param onlyReadLatest If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + * + * @return builder + * + */ + public Builder onlyReadLatest(@Nullable Output onlyReadLatest) { + $.onlyReadLatest = onlyReadLatest; + return this; + } + + /** + * @param onlyReadLatest If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + * + * @return builder + * + */ + public Builder onlyReadLatest(Boolean onlyReadLatest) { + return onlyReadLatest(Output.of(onlyReadLatest)); + } + + /** + * @param qualifierEncoded Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + * + * @return builder + * + */ + public Builder qualifierEncoded(@Nullable Output qualifierEncoded) { + $.qualifierEncoded = qualifierEncoded; + return this; + } + + /** + * @param qualifierEncoded Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + * + * @return builder + * + */ + public Builder qualifierEncoded(String qualifierEncoded) { + return qualifierEncoded(Output.of(qualifierEncoded)); + } + + /** + * @param qualifierString Qualifier string. + * + * @return builder + * + */ + public Builder qualifierString(@Nullable Output qualifierString) { + $.qualifierString = qualifierString; + return this; + } + + /** + * @param qualifierString Qualifier string. + * + * @return builder + * + */ + public Builder qualifierString(String qualifierString) { + return qualifierString(Output.of(qualifierString)); + } + + /** + * @param type The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + * + * @return builder + * + */ + public Builder type(@Nullable Output type) { + $.type = type; + return this; + } + + /** + * @param type The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + * + * @return builder + * + */ + public Builder type(String type) { + return type(Output.of(type)); + } + + public TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableState.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableState.java index e88692da4c..dd4f70c467 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/inputs/TableState.java @@ -28,14 +28,16 @@ public final class TableState extends com.pulumi.resources.ResourceArgs { public static final TableState Empty = new TableState(); /** - * Whether or not to allow table deletion when there are still resource tags attached. + * This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * */ @Import(name="allowResourceTagsOnDeletion") private @Nullable Output allowResourceTagsOnDeletion; /** - * @return Whether or not to allow table deletion when there are still resource tags attached. + * @return This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * */ public Optional> allowResourceTagsOnDeletion() { @@ -464,18 +466,22 @@ public Optional> requirePartitionFilter() { } /** - * The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * */ @Import(name="resourceTags") private @Nullable Output> resourceTags; /** - * @return The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * @return This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * */ public Optional>> resourceTags() { @@ -547,14 +553,20 @@ public Optional> tableId() { } /** - * Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * */ @Import(name="tableReplicationInfo") private @Nullable Output tableReplicationInfo; /** - * @return Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * @return Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * */ public Optional> tableReplicationInfo() { @@ -667,7 +679,8 @@ public Builder(TableState defaults) { } /** - * @param allowResourceTagsOnDeletion Whether or not to allow table deletion when there are still resource tags attached. + * @param allowResourceTagsOnDeletion This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * * @return builder * @@ -678,7 +691,8 @@ public Builder allowResourceTagsOnDeletion(@Nullable Output allowResour } /** - * @param allowResourceTagsOnDeletion Whether or not to allow table deletion when there are still resource tags attached. + * @param allowResourceTagsOnDeletion This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. * * @return builder * @@ -1259,9 +1273,11 @@ public Builder requirePartitionFilter(Boolean requirePartitionFilter) { } /** - * @param resourceTags The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * @param resourceTags This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * * @return builder * @@ -1272,9 +1288,11 @@ public Builder resourceTags(@Nullable Output> resourceTags) { } /** - * @param resourceTags The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * @param resourceTags This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". * * @return builder * @@ -1372,7 +1390,10 @@ public Builder tableId(String tableId) { } /** - * @param tableReplicationInfo Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + * @param tableReplicationInfo Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + * Structure is documented below. * * @return builder * @@ -1383,7 +1404,10 @@ public Builder tableReplicationInfo(@Nullable Output replicationIntervalMs; /** - * @return The interval at which the source materialized view is polled for updates. The default is 300000. + * @return The interval at which the source + * materialized view is polled for updates. The default is 300000. * */ public Optional> replicationIntervalMs() { @@ -105,7 +107,8 @@ public Builder(TableTableReplicationInfoArgs defaults) { } /** - * @param replicationIntervalMs The interval at which the source materialized view is polled for updates. The default is 300000. + * @param replicationIntervalMs The interval at which the source + * materialized view is polled for updates. The default is 300000. * * @return builder * @@ -116,7 +119,8 @@ public Builder replicationIntervalMs(@Nullable Output replicationInterv } /** - * @param replicationIntervalMs The interval at which the source materialized view is polled for updates. The default is 300000. + * @param replicationIntervalMs The interval at which the source + * materialized view is polled for updates. The default is 300000. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfiguration.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfiguration.java index 5d11956f1b..f42682979c 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfiguration.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfiguration.java @@ -6,6 +6,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.bigquery.outputs.TableExternalDataConfigurationAvroOptions; +import com.pulumi.gcp.bigquery.outputs.TableExternalDataConfigurationBigtableOptions; import com.pulumi.gcp.bigquery.outputs.TableExternalDataConfigurationCsvOptions; import com.pulumi.gcp.bigquery.outputs.TableExternalDataConfigurationGoogleSheetsOptions; import com.pulumi.gcp.bigquery.outputs.TableExternalDataConfigurationHivePartitioningOptions; @@ -33,6 +34,12 @@ public final class TableExternalDataConfiguration { * */ private @Nullable TableExternalDataConfigurationAvroOptions avroOptions; + /** + * @return Additional properties to set if + * `source_format` is set to "BIGTABLE". Structure is documented below. + * + */ + private @Nullable TableExternalDataConfigurationBigtableOptions bigtableOptions; /** * @return The compression type of the data source. * Valid values are "NONE" or "GZIP". @@ -178,6 +185,14 @@ public Boolean autodetect() { public Optional avroOptions() { return Optional.ofNullable(this.avroOptions); } + /** + * @return Additional properties to set if + * `source_format` is set to "BIGTABLE". Structure is documented below. + * + */ + public Optional bigtableOptions() { + return Optional.ofNullable(this.bigtableOptions); + } /** * @return The compression type of the data source. * Valid values are "NONE" or "GZIP". @@ -351,6 +366,7 @@ public static Builder builder(TableExternalDataConfiguration defaults) { public static final class Builder { private Boolean autodetect; private @Nullable TableExternalDataConfigurationAvroOptions avroOptions; + private @Nullable TableExternalDataConfigurationBigtableOptions bigtableOptions; private @Nullable String compression; private @Nullable String connectionId; private @Nullable TableExternalDataConfigurationCsvOptions csvOptions; @@ -373,6 +389,7 @@ public Builder(TableExternalDataConfiguration defaults) { Objects.requireNonNull(defaults); this.autodetect = defaults.autodetect; this.avroOptions = defaults.avroOptions; + this.bigtableOptions = defaults.bigtableOptions; this.compression = defaults.compression; this.connectionId = defaults.connectionId; this.csvOptions = defaults.csvOptions; @@ -407,6 +424,12 @@ public Builder avroOptions(@Nullable TableExternalDataConfigurationAvroOptions a return this; } @CustomType.Setter + public Builder bigtableOptions(@Nullable TableExternalDataConfigurationBigtableOptions bigtableOptions) { + + this.bigtableOptions = bigtableOptions; + return this; + } + @CustomType.Setter public Builder compression(@Nullable String compression) { this.compression = compression; @@ -517,6 +540,7 @@ public TableExternalDataConfiguration build() { final var _resultValue = new TableExternalDataConfiguration(); _resultValue.autodetect = autodetect; _resultValue.avroOptions = avroOptions; + _resultValue.bigtableOptions = bigtableOptions; _resultValue.compression = compression; _resultValue.connectionId = connectionId; _resultValue.csvOptions = csvOptions; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptions.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptions.java new file mode 100644 index 0000000000..649a8e7173 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptions.java @@ -0,0 +1,125 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.bigquery.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.bigquery.outputs.TableExternalDataConfigurationBigtableOptionsColumnFamily; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class TableExternalDataConfigurationBigtableOptions { + /** + * @return A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + * + */ + private @Nullable List columnFamilies; + /** + * @return If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + * + */ + private @Nullable Boolean ignoreUnspecifiedColumnFamilies; + /** + * @return If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + * + */ + private @Nullable Boolean outputColumnFamiliesAsJson; + /** + * @return If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + * + */ + private @Nullable Boolean readRowkeyAsString; + + private TableExternalDataConfigurationBigtableOptions() {} + /** + * @return A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + * + */ + public List columnFamilies() { + return this.columnFamilies == null ? List.of() : this.columnFamilies; + } + /** + * @return If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + * + */ + public Optional ignoreUnspecifiedColumnFamilies() { + return Optional.ofNullable(this.ignoreUnspecifiedColumnFamilies); + } + /** + * @return If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + * + */ + public Optional outputColumnFamiliesAsJson() { + return Optional.ofNullable(this.outputColumnFamiliesAsJson); + } + /** + * @return If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + * + */ + public Optional readRowkeyAsString() { + return Optional.ofNullable(this.readRowkeyAsString); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(TableExternalDataConfigurationBigtableOptions defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List columnFamilies; + private @Nullable Boolean ignoreUnspecifiedColumnFamilies; + private @Nullable Boolean outputColumnFamiliesAsJson; + private @Nullable Boolean readRowkeyAsString; + public Builder() {} + public Builder(TableExternalDataConfigurationBigtableOptions defaults) { + Objects.requireNonNull(defaults); + this.columnFamilies = defaults.columnFamilies; + this.ignoreUnspecifiedColumnFamilies = defaults.ignoreUnspecifiedColumnFamilies; + this.outputColumnFamiliesAsJson = defaults.outputColumnFamiliesAsJson; + this.readRowkeyAsString = defaults.readRowkeyAsString; + } + + @CustomType.Setter + public Builder columnFamilies(@Nullable List columnFamilies) { + + this.columnFamilies = columnFamilies; + return this; + } + public Builder columnFamilies(TableExternalDataConfigurationBigtableOptionsColumnFamily... columnFamilies) { + return columnFamilies(List.of(columnFamilies)); + } + @CustomType.Setter + public Builder ignoreUnspecifiedColumnFamilies(@Nullable Boolean ignoreUnspecifiedColumnFamilies) { + + this.ignoreUnspecifiedColumnFamilies = ignoreUnspecifiedColumnFamilies; + return this; + } + @CustomType.Setter + public Builder outputColumnFamiliesAsJson(@Nullable Boolean outputColumnFamiliesAsJson) { + + this.outputColumnFamiliesAsJson = outputColumnFamiliesAsJson; + return this; + } + @CustomType.Setter + public Builder readRowkeyAsString(@Nullable Boolean readRowkeyAsString) { + + this.readRowkeyAsString = readRowkeyAsString; + return this; + } + public TableExternalDataConfigurationBigtableOptions build() { + final var _resultValue = new TableExternalDataConfigurationBigtableOptions(); + _resultValue.columnFamilies = columnFamilies; + _resultValue.ignoreUnspecifiedColumnFamilies = ignoreUnspecifiedColumnFamilies; + _resultValue.outputColumnFamiliesAsJson = outputColumnFamiliesAsJson; + _resultValue.readRowkeyAsString = readRowkeyAsString; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.java new file mode 100644 index 0000000000..cab42212d1 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamily.java @@ -0,0 +1,147 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.bigquery.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.bigquery.outputs.TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class TableExternalDataConfigurationBigtableOptionsColumnFamily { + /** + * @return A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + * + */ + private @Nullable List columns; + /** + * @return The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + * + */ + private @Nullable String encoding; + /** + * @return Identifier of the column family. + * + */ + private @Nullable String familyId; + /** + * @return If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + * + */ + private @Nullable Boolean onlyReadLatest; + /** + * @return The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + * + */ + private @Nullable String type; + + private TableExternalDataConfigurationBigtableOptionsColumnFamily() {} + /** + * @return A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + * + */ + public List columns() { + return this.columns == null ? List.of() : this.columns; + } + /** + * @return The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + * + */ + public Optional encoding() { + return Optional.ofNullable(this.encoding); + } + /** + * @return Identifier of the column family. + * + */ + public Optional familyId() { + return Optional.ofNullable(this.familyId); + } + /** + * @return If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + * + */ + public Optional onlyReadLatest() { + return Optional.ofNullable(this.onlyReadLatest); + } + /** + * @return The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + * + */ + public Optional type() { + return Optional.ofNullable(this.type); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(TableExternalDataConfigurationBigtableOptionsColumnFamily defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List columns; + private @Nullable String encoding; + private @Nullable String familyId; + private @Nullable Boolean onlyReadLatest; + private @Nullable String type; + public Builder() {} + public Builder(TableExternalDataConfigurationBigtableOptionsColumnFamily defaults) { + Objects.requireNonNull(defaults); + this.columns = defaults.columns; + this.encoding = defaults.encoding; + this.familyId = defaults.familyId; + this.onlyReadLatest = defaults.onlyReadLatest; + this.type = defaults.type; + } + + @CustomType.Setter + public Builder columns(@Nullable List columns) { + + this.columns = columns; + return this; + } + public Builder columns(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn... columns) { + return columns(List.of(columns)); + } + @CustomType.Setter + public Builder encoding(@Nullable String encoding) { + + this.encoding = encoding; + return this; + } + @CustomType.Setter + public Builder familyId(@Nullable String familyId) { + + this.familyId = familyId; + return this; + } + @CustomType.Setter + public Builder onlyReadLatest(@Nullable Boolean onlyReadLatest) { + + this.onlyReadLatest = onlyReadLatest; + return this; + } + @CustomType.Setter + public Builder type(@Nullable String type) { + + this.type = type; + return this; + } + public TableExternalDataConfigurationBigtableOptionsColumnFamily build() { + final var _resultValue = new TableExternalDataConfigurationBigtableOptionsColumnFamily(); + _resultValue.columns = columns; + _resultValue.encoding = encoding; + _resultValue.familyId = familyId; + _resultValue.onlyReadLatest = onlyReadLatest; + _resultValue.type = type; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.java new file mode 100644 index 0000000000..565d0c1735 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.java @@ -0,0 +1,163 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.bigquery.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn { + /** + * @return The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + * + */ + private @Nullable String encoding; + /** + * @return If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + * + */ + private @Nullable String fieldName; + /** + * @return If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + * + */ + private @Nullable Boolean onlyReadLatest; + /** + * @return Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + * + */ + private @Nullable String qualifierEncoded; + /** + * @return Qualifier string. + * + */ + private @Nullable String qualifierString; + /** + * @return The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + * + */ + private @Nullable String type; + + private TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn() {} + /** + * @return The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + * + */ + public Optional encoding() { + return Optional.ofNullable(this.encoding); + } + /** + * @return If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + * + */ + public Optional fieldName() { + return Optional.ofNullable(this.fieldName); + } + /** + * @return If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + * + */ + public Optional onlyReadLatest() { + return Optional.ofNullable(this.onlyReadLatest); + } + /** + * @return Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + * + */ + public Optional qualifierEncoded() { + return Optional.ofNullable(this.qualifierEncoded); + } + /** + * @return Qualifier string. + * + */ + public Optional qualifierString() { + return Optional.ofNullable(this.qualifierString); + } + /** + * @return The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + * + */ + public Optional type() { + return Optional.ofNullable(this.type); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String encoding; + private @Nullable String fieldName; + private @Nullable Boolean onlyReadLatest; + private @Nullable String qualifierEncoded; + private @Nullable String qualifierString; + private @Nullable String type; + public Builder() {} + public Builder(TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn defaults) { + Objects.requireNonNull(defaults); + this.encoding = defaults.encoding; + this.fieldName = defaults.fieldName; + this.onlyReadLatest = defaults.onlyReadLatest; + this.qualifierEncoded = defaults.qualifierEncoded; + this.qualifierString = defaults.qualifierString; + this.type = defaults.type; + } + + @CustomType.Setter + public Builder encoding(@Nullable String encoding) { + + this.encoding = encoding; + return this; + } + @CustomType.Setter + public Builder fieldName(@Nullable String fieldName) { + + this.fieldName = fieldName; + return this; + } + @CustomType.Setter + public Builder onlyReadLatest(@Nullable Boolean onlyReadLatest) { + + this.onlyReadLatest = onlyReadLatest; + return this; + } + @CustomType.Setter + public Builder qualifierEncoded(@Nullable String qualifierEncoded) { + + this.qualifierEncoded = qualifierEncoded; + return this; + } + @CustomType.Setter + public Builder qualifierString(@Nullable String qualifierString) { + + this.qualifierString = qualifierString; + return this; + } + @CustomType.Setter + public Builder type(@Nullable String type) { + + this.type = type; + return this; + } + public TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn build() { + final var _resultValue = new TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn(); + _resultValue.encoding = encoding; + _resultValue.fieldName = fieldName; + _resultValue.onlyReadLatest = onlyReadLatest; + _resultValue.qualifierEncoded = qualifierEncoded; + _resultValue.qualifierString = qualifierString; + _resultValue.type = type; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableTableReplicationInfo.java b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableTableReplicationInfo.java index 275a1589e9..9db4adeee7 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableTableReplicationInfo.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/bigquery/outputs/TableTableReplicationInfo.java @@ -14,7 +14,8 @@ @CustomType public final class TableTableReplicationInfo { /** - * @return The interval at which the source materialized view is polled for updates. The default is 300000. + * @return The interval at which the source + * materialized view is polled for updates. The default is 300000. * */ private @Nullable Integer replicationIntervalMs; @@ -36,7 +37,8 @@ public final class TableTableReplicationInfo { private TableTableReplicationInfo() {} /** - * @return The interval at which the source materialized view is polled for updates. The default is 300000. + * @return The interval at which the source + * materialized view is polled for updates. The default is 300000. * */ public Optional replicationIntervalMs() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudfunctionsv2/Function.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudfunctionsv2/Function.java index b5273e49eb..00d6473350 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudfunctionsv2/Function.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudfunctionsv2/Function.java @@ -97,7 +97,6 @@ * .build()) * .build()); * - * ctx.export("functionUri", function.serviceConfig().applyValue(serviceConfig -> serviceConfig.uri())); * } * } * } @@ -733,7 +732,6 @@ * .dependsOn(wait60s) * .build()); * - * ctx.export("functionUri", function.serviceConfig().applyValue(serviceConfig -> serviceConfig.uri())); * } * } * } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeArgs.java index 0b45aaa92d..cc02fca683 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeArgs.java @@ -8,6 +8,7 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.cloudrun.inputs.ServiceTemplateSpecVolumeCsiArgs; import com.pulumi.gcp.cloudrun.inputs.ServiceTemplateSpecVolumeEmptyDirArgs; +import com.pulumi.gcp.cloudrun.inputs.ServiceTemplateSpecVolumeNfsArgs; import com.pulumi.gcp.cloudrun.inputs.ServiceTemplateSpecVolumeSecretArgs; import java.lang.String; import java.util.Objects; @@ -68,6 +69,27 @@ public Output name() { return this.name; } + /** + * A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + * + */ + @Import(name="nfs") + private @Nullable Output nfs; + + /** + * @return A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + * + */ + public Optional> nfs() { + return Optional.ofNullable(this.nfs); + } + /** * The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -95,6 +117,7 @@ private ServiceTemplateSpecVolumeArgs(ServiceTemplateSpecVolumeArgs $) { this.csi = $.csi; this.emptyDir = $.emptyDir; this.name = $.name; + this.nfs = $.nfs; this.secret = $.secret; } @@ -183,6 +206,33 @@ public Builder name(String name) { return name(Output.of(name)); } + /** + * @param nfs A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + * + * @return builder + * + */ + public Builder nfs(@Nullable Output nfs) { + $.nfs = nfs; + return this; + } + + /** + * @param nfs A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + * + * @return builder + * + */ + public Builder nfs(ServiceTemplateSpecVolumeNfsArgs nfs) { + return nfs(Output.of(nfs)); + } + /** * @param secret The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeCsiArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeCsiArgs.java index b2a81f7db7..9d3cb7718f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeCsiArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeCsiArgs.java @@ -59,8 +59,6 @@ public Optional> readOnly() { * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. * - * *** - * */ @Import(name="volumeAttributes") private @Nullable Output> volumeAttributes; @@ -70,8 +68,6 @@ public Optional> readOnly() { * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. * - * *** - * */ public Optional>> volumeAttributes() { return Optional.ofNullable(this.volumeAttributes); @@ -156,8 +152,6 @@ public Builder readOnly(Boolean readOnly) { * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. * - * *** - * * @return builder * */ @@ -171,8 +165,6 @@ public Builder volumeAttributes(@Nullable Output> volumeAttri * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. * - * *** - * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeNfsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeNfsArgs.java new file mode 100644 index 0000000000..a5e33ffa39 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/inputs/ServiceTemplateSpecVolumeNfsArgs.java @@ -0,0 +1,173 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.cloudrun.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ServiceTemplateSpecVolumeNfsArgs extends com.pulumi.resources.ResourceArgs { + + public static final ServiceTemplateSpecVolumeNfsArgs Empty = new ServiceTemplateSpecVolumeNfsArgs(); + + /** + * Path exported by the NFS server + * + */ + @Import(name="path", required=true) + private Output path; + + /** + * @return Path exported by the NFS server + * + */ + public Output path() { + return this.path; + } + + /** + * If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * *** + * + */ + @Import(name="readOnly") + private @Nullable Output readOnly; + + /** + * @return If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * *** + * + */ + public Optional> readOnly() { + return Optional.ofNullable(this.readOnly); + } + + /** + * IP address or hostname of the NFS server + * + */ + @Import(name="server", required=true) + private Output server; + + /** + * @return IP address or hostname of the NFS server + * + */ + public Output server() { + return this.server; + } + + private ServiceTemplateSpecVolumeNfsArgs() {} + + private ServiceTemplateSpecVolumeNfsArgs(ServiceTemplateSpecVolumeNfsArgs $) { + this.path = $.path; + this.readOnly = $.readOnly; + this.server = $.server; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ServiceTemplateSpecVolumeNfsArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ServiceTemplateSpecVolumeNfsArgs $; + + public Builder() { + $ = new ServiceTemplateSpecVolumeNfsArgs(); + } + + public Builder(ServiceTemplateSpecVolumeNfsArgs defaults) { + $ = new ServiceTemplateSpecVolumeNfsArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param path Path exported by the NFS server + * + * @return builder + * + */ + public Builder path(Output path) { + $.path = path; + return this; + } + + /** + * @param path Path exported by the NFS server + * + * @return builder + * + */ + public Builder path(String path) { + return path(Output.of(path)); + } + + /** + * @param readOnly If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * *** + * + * @return builder + * + */ + public Builder readOnly(@Nullable Output readOnly) { + $.readOnly = readOnly; + return this; + } + + /** + * @param readOnly If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * *** + * + * @return builder + * + */ + public Builder readOnly(Boolean readOnly) { + return readOnly(Output.of(readOnly)); + } + + /** + * @param server IP address or hostname of the NFS server + * + * @return builder + * + */ + public Builder server(Output server) { + $.server = server; + return this; + } + + /** + * @param server IP address or hostname of the NFS server + * + * @return builder + * + */ + public Builder server(String server) { + return server(Output.of(server)); + } + + public ServiceTemplateSpecVolumeNfsArgs build() { + if ($.path == null) { + throw new MissingRequiredPropertyException("ServiceTemplateSpecVolumeNfsArgs", "path"); + } + if ($.server == null) { + throw new MissingRequiredPropertyException("ServiceTemplateSpecVolumeNfsArgs", "server"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolume.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolume.java index 65bbcefcd3..0acb4ef7c1 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolume.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolume.java @@ -7,6 +7,7 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.cloudrun.outputs.GetServiceTemplateSpecVolumeCsi; import com.pulumi.gcp.cloudrun.outputs.GetServiceTemplateSpecVolumeEmptyDir; +import com.pulumi.gcp.cloudrun.outputs.GetServiceTemplateSpecVolumeNf; import com.pulumi.gcp.cloudrun.outputs.GetServiceTemplateSpecVolumeSecret; import java.lang.String; import java.util.List; @@ -29,6 +30,13 @@ public final class GetServiceTemplateSpecVolume { * */ private String name; + /** + * @return A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * + */ + private List nfs; /** * @return The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -59,6 +67,15 @@ public List emptyDirs() { public String name() { return this.name; } + /** + * @return A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * + */ + public List nfs() { + return this.nfs; + } /** * @return The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -81,6 +98,7 @@ public static final class Builder { private List csis; private List emptyDirs; private String name; + private List nfs; private List secrets; public Builder() {} public Builder(GetServiceTemplateSpecVolume defaults) { @@ -88,6 +106,7 @@ public Builder(GetServiceTemplateSpecVolume defaults) { this.csis = defaults.csis; this.emptyDirs = defaults.emptyDirs; this.name = defaults.name; + this.nfs = defaults.nfs; this.secrets = defaults.secrets; } @@ -122,6 +141,17 @@ public Builder name(String name) { return this; } @CustomType.Setter + public Builder nfs(List nfs) { + if (nfs == null) { + throw new MissingRequiredPropertyException("GetServiceTemplateSpecVolume", "nfs"); + } + this.nfs = nfs; + return this; + } + public Builder nfs(GetServiceTemplateSpecVolumeNf... nfs) { + return nfs(List.of(nfs)); + } + @CustomType.Setter public Builder secrets(List secrets) { if (secrets == null) { throw new MissingRequiredPropertyException("GetServiceTemplateSpecVolume", "secrets"); @@ -137,6 +167,7 @@ public GetServiceTemplateSpecVolume build() { _resultValue.csis = csis; _resultValue.emptyDirs = emptyDirs; _resultValue.name = name; + _resultValue.nfs = nfs; _resultValue.secrets = secrets; return _resultValue; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolumeNf.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolumeNf.java new file mode 100644 index 0000000000..71e174071e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/GetServiceTemplateSpecVolumeNf.java @@ -0,0 +1,105 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.cloudrun.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetServiceTemplateSpecVolumeNf { + /** + * @return Path exported by the NFS server + * + */ + private String path; + /** + * @return If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + */ + private Boolean readOnly; + /** + * @return IP address or hostname of the NFS server + * + */ + private String server; + + private GetServiceTemplateSpecVolumeNf() {} + /** + * @return Path exported by the NFS server + * + */ + public String path() { + return this.path; + } + /** + * @return If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + */ + public Boolean readOnly() { + return this.readOnly; + } + /** + * @return IP address or hostname of the NFS server + * + */ + public String server() { + return this.server; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetServiceTemplateSpecVolumeNf defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String path; + private Boolean readOnly; + private String server; + public Builder() {} + public Builder(GetServiceTemplateSpecVolumeNf defaults) { + Objects.requireNonNull(defaults); + this.path = defaults.path; + this.readOnly = defaults.readOnly; + this.server = defaults.server; + } + + @CustomType.Setter + public Builder path(String path) { + if (path == null) { + throw new MissingRequiredPropertyException("GetServiceTemplateSpecVolumeNf", "path"); + } + this.path = path; + return this; + } + @CustomType.Setter + public Builder readOnly(Boolean readOnly) { + if (readOnly == null) { + throw new MissingRequiredPropertyException("GetServiceTemplateSpecVolumeNf", "readOnly"); + } + this.readOnly = readOnly; + return this; + } + @CustomType.Setter + public Builder server(String server) { + if (server == null) { + throw new MissingRequiredPropertyException("GetServiceTemplateSpecVolumeNf", "server"); + } + this.server = server; + return this; + } + public GetServiceTemplateSpecVolumeNf build() { + final var _resultValue = new GetServiceTemplateSpecVolumeNf(); + _resultValue.path = path; + _resultValue.readOnly = readOnly; + _resultValue.server = server; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolume.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolume.java index 27f08d6dce..2bccd8b036 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolume.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolume.java @@ -7,6 +7,7 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.cloudrun.outputs.ServiceTemplateSpecVolumeCsi; import com.pulumi.gcp.cloudrun.outputs.ServiceTemplateSpecVolumeEmptyDir; +import com.pulumi.gcp.cloudrun.outputs.ServiceTemplateSpecVolumeNfs; import com.pulumi.gcp.cloudrun.outputs.ServiceTemplateSpecVolumeSecret; import java.lang.String; import java.util.Objects; @@ -32,6 +33,14 @@ public final class ServiceTemplateSpecVolume { * */ private String name; + /** + * @return A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + * + */ + private @Nullable ServiceTemplateSpecVolumeNfs nfs; /** * @return The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -65,6 +74,16 @@ public Optional emptyDir() { public String name() { return this.name; } + /** + * @return A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + * + */ + public Optional nfs() { + return Optional.ofNullable(this.nfs); + } /** * @return The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -88,6 +107,7 @@ public static final class Builder { private @Nullable ServiceTemplateSpecVolumeCsi csi; private @Nullable ServiceTemplateSpecVolumeEmptyDir emptyDir; private String name; + private @Nullable ServiceTemplateSpecVolumeNfs nfs; private @Nullable ServiceTemplateSpecVolumeSecret secret; public Builder() {} public Builder(ServiceTemplateSpecVolume defaults) { @@ -95,6 +115,7 @@ public Builder(ServiceTemplateSpecVolume defaults) { this.csi = defaults.csi; this.emptyDir = defaults.emptyDir; this.name = defaults.name; + this.nfs = defaults.nfs; this.secret = defaults.secret; } @@ -119,6 +140,12 @@ public Builder name(String name) { return this; } @CustomType.Setter + public Builder nfs(@Nullable ServiceTemplateSpecVolumeNfs nfs) { + + this.nfs = nfs; + return this; + } + @CustomType.Setter public Builder secret(@Nullable ServiceTemplateSpecVolumeSecret secret) { this.secret = secret; @@ -129,6 +156,7 @@ public ServiceTemplateSpecVolume build() { _resultValue.csi = csi; _resultValue.emptyDir = emptyDir; _resultValue.name = name; + _resultValue.nfs = nfs; _resultValue.secret = secret; return _resultValue; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeCsi.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeCsi.java index 798ba3e8e2..c279b28888 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeCsi.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeCsi.java @@ -32,8 +32,6 @@ public final class ServiceTemplateSpecVolumeCsi { * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. * - * *** - * */ private @Nullable Map volumeAttributes; @@ -60,8 +58,6 @@ public Optional readOnly() { * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. * - * *** - * */ public Map volumeAttributes() { return this.volumeAttributes == null ? Map.of() : this.volumeAttributes; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeNfs.java b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeNfs.java new file mode 100644 index 0000000000..b298049051 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/cloudrun/outputs/ServiceTemplateSpecVolumeNfs.java @@ -0,0 +1,109 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.cloudrun.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ServiceTemplateSpecVolumeNfs { + /** + * @return Path exported by the NFS server + * + */ + private String path; + /** + * @return If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * *** + * + */ + private @Nullable Boolean readOnly; + /** + * @return IP address or hostname of the NFS server + * + */ + private String server; + + private ServiceTemplateSpecVolumeNfs() {} + /** + * @return Path exported by the NFS server + * + */ + public String path() { + return this.path; + } + /** + * @return If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * *** + * + */ + public Optional readOnly() { + return Optional.ofNullable(this.readOnly); + } + /** + * @return IP address or hostname of the NFS server + * + */ + public String server() { + return this.server; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ServiceTemplateSpecVolumeNfs defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String path; + private @Nullable Boolean readOnly; + private String server; + public Builder() {} + public Builder(ServiceTemplateSpecVolumeNfs defaults) { + Objects.requireNonNull(defaults); + this.path = defaults.path; + this.readOnly = defaults.readOnly; + this.server = defaults.server; + } + + @CustomType.Setter + public Builder path(String path) { + if (path == null) { + throw new MissingRequiredPropertyException("ServiceTemplateSpecVolumeNfs", "path"); + } + this.path = path; + return this; + } + @CustomType.Setter + public Builder readOnly(@Nullable Boolean readOnly) { + + this.readOnly = readOnly; + return this; + } + @CustomType.Setter + public Builder server(String server) { + if (server == null) { + throw new MissingRequiredPropertyException("ServiceTemplateSpecVolumeNfs", "server"); + } + this.server = server; + return this; + } + public ServiceTemplateSpecVolumeNfs build() { + final var _resultValue = new ServiceTemplateSpecVolumeNfs(); + _resultValue.path = path; + _resultValue.readOnly = readOnly; + _resultValue.server = server; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/composer/UserWorkloadsSecret.java b/sdk/java/src/main/java/com/pulumi/gcp/composer/UserWorkloadsSecret.java index 691a4acc35..315a8a5218 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/composer/UserWorkloadsSecret.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/composer/UserWorkloadsSecret.java @@ -87,7 +87,7 @@ * * * `{{project}}/{{region}}/{{environment}}/{{name}}` * - * * `{{name}}` + * * `{{environment}}/{{name}}` * * When using the `pulumi import` command, Environment can be imported using one of the formats above. For example: * @@ -100,7 +100,7 @@ * ``` * * ```sh - * $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{name}} + * $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{environment}}/{{name}} * ``` * */ diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java index 14aff305d3..b708b9555e 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/ComputeFunctions.java @@ -108,6 +108,8 @@ import com.pulumi.gcp.compute.inputs.GetSubnetworkIamPolicyArgs; import com.pulumi.gcp.compute.inputs.GetSubnetworkIamPolicyPlainArgs; import com.pulumi.gcp.compute.inputs.GetSubnetworkPlainArgs; +import com.pulumi.gcp.compute.inputs.GetSubnetworksArgs; +import com.pulumi.gcp.compute.inputs.GetSubnetworksPlainArgs; import com.pulumi.gcp.compute.inputs.GetVPNGatewayArgs; import com.pulumi.gcp.compute.inputs.GetVPNGatewayPlainArgs; import com.pulumi.gcp.compute.inputs.GetZonesArgs; @@ -165,6 +167,7 @@ import com.pulumi.gcp.compute.outputs.GetSnapshotResult; import com.pulumi.gcp.compute.outputs.GetSubnetworkIamPolicyResult; import com.pulumi.gcp.compute.outputs.GetSubnetworkResult; +import com.pulumi.gcp.compute.outputs.GetSubnetworksResult; import com.pulumi.gcp.compute.outputs.GetVPNGatewayResult; import com.pulumi.gcp.compute.outputs.GetZonesResult; import com.pulumi.gcp.compute.outputs.RouterStatusResult; @@ -8782,6 +8785,282 @@ public static Output getSubnetworkIamPolicy(GetSub public static CompletableFuture getSubnetworkIamPolicyPlain(GetSubnetworkIamPolicyPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("gcp:compute/getSubnetworkIamPolicy:getSubnetworkIamPolicy", TypeShape.of(GetSubnetworkIamPolicyResult.class), args, Utilities.withVersion(options)); } + /** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetSubnetworksArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var my-subnetworks = ComputeFunctions.getSubnetworks(GetSubnetworksArgs.builder()
+     *             .filter("ipCidrRange eq 192.168.178.0/24")
+     *             .project("my-project")
+     *             .region("us-east1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getSubnetworks() { + return getSubnetworks(GetSubnetworksArgs.Empty, InvokeOptions.Empty); + } + /** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetSubnetworksArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var my-subnetworks = ComputeFunctions.getSubnetworks(GetSubnetworksArgs.builder()
+     *             .filter("ipCidrRange eq 192.168.178.0/24")
+     *             .project("my-project")
+     *             .region("us-east1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getSubnetworksPlain() { + return getSubnetworksPlain(GetSubnetworksPlainArgs.Empty, InvokeOptions.Empty); + } + /** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetSubnetworksArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var my-subnetworks = ComputeFunctions.getSubnetworks(GetSubnetworksArgs.builder()
+     *             .filter("ipCidrRange eq 192.168.178.0/24")
+     *             .project("my-project")
+     *             .region("us-east1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getSubnetworks(GetSubnetworksArgs args) { + return getSubnetworks(args, InvokeOptions.Empty); + } + /** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetSubnetworksArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var my-subnetworks = ComputeFunctions.getSubnetworks(GetSubnetworksArgs.builder()
+     *             .filter("ipCidrRange eq 192.168.178.0/24")
+     *             .project("my-project")
+     *             .region("us-east1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getSubnetworksPlain(GetSubnetworksPlainArgs args) { + return getSubnetworksPlain(args, InvokeOptions.Empty); + } + /** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetSubnetworksArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var my-subnetworks = ComputeFunctions.getSubnetworks(GetSubnetworksArgs.builder()
+     *             .filter("ipCidrRange eq 192.168.178.0/24")
+     *             .project("my-project")
+     *             .region("us-east1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getSubnetworks(GetSubnetworksArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:compute/getSubnetworks:getSubnetworks", TypeShape.of(GetSubnetworksResult.class), args, Utilities.withVersion(options)); + } + /** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.compute.ComputeFunctions;
+     * import com.pulumi.gcp.compute.inputs.GetSubnetworksArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var my-subnetworks = ComputeFunctions.getSubnetworks(GetSubnetworksArgs.builder()
+     *             .filter("ipCidrRange eq 192.168.178.0/24")
+     *             .project("my-project")
+     *             .region("us-east1")
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getSubnetworksPlain(GetSubnetworksPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:compute/getSubnetworks:getSubnetworks", TypeShape.of(GetSubnetworksResult.class), args, Utilities.withVersion(options)); + } /** * Get a VPN gateway within GCE from its name. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceGroupMembership.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceGroupMembership.java index 08129df32e..0a9ce20c52 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceGroupMembership.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InstanceGroupMembership.java @@ -24,7 +24,7 @@ * > **NOTE** This resource has been added to avoid a situation, where after * Instance is recreated, it's removed from Instance Group and it's needed to * perform `apply` twice. To avoid situations like this, please use this resource - * with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + * with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. * * To get more information about InstanceGroupMembership, see: * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java index e0eb6a1e28..229d0932dc 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachment.java @@ -677,6 +677,30 @@ public Output stackType() { public Output state() { return this.state; } + /** + * Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + */ + @Export(name="subnetLength", refs={Integer.class}, tree="[0]") + private Output subnetLength; + + /** + * @return Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + */ + public Output> subnetLength() { + return Codegen.optional(this.subnetLength); + } /** * The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java index 4a0f830c63..eaa825a02a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/InterconnectAttachmentArgs.java @@ -351,6 +351,31 @@ public Optional> stackType() { return Optional.ofNullable(this.stackType); } + /** + * Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + */ + @Import(name="subnetLength") + private @Nullable Output subnetLength; + + /** + * @return Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + */ + public Optional> subnetLength() { + return Optional.ofNullable(this.subnetLength); + } + /** * The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. @@ -404,6 +429,7 @@ private InterconnectAttachmentArgs(InterconnectAttachmentArgs $) { this.region = $.region; this.router = $.router; this.stackType = $.stackType; + this.subnetLength = $.subnetLength; this.type = $.type; this.vlanTag8021q = $.vlanTag8021q; } @@ -882,6 +908,37 @@ public Builder stackType(String stackType) { return stackType(Output.of(stackType)); } + /** + * @param subnetLength Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + * @return builder + * + */ + public Builder subnetLength(@Nullable Output subnetLength) { + $.subnetLength = subnetLength; + return this; + } + + /** + * @param subnetLength Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + * @return builder + * + */ + public Builder subnetLength(Integer subnetLength) { + return subnetLength(Output.of(subnetLength)); + } + /** * @param type The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpoint.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpoint.java index d54aa26e86..f7c3703fff 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpoint.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpoint.java @@ -24,7 +24,7 @@ * * > **NOTE** In case the Endpoint's Instance is recreated, it's needed to * perform `apply` twice. To avoid situations like this, please use this resource - * with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + * with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. * * To get more information about NetworkEndpoint, see: * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpointList.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpointList.java index 306256be29..1ef67c27e2 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpointList.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/NetworkEndpointList.java @@ -28,7 +28,7 @@ * * > **NOTE** In case the Endpoint's Instance is recreated, it's needed to * perform `apply` twice. To avoid situations like this, please use this resource - * with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + * with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. * * To get more information about NetworkEndpoints, see: * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicy.java index 2c1c13db8b..0d59b5ff8b 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicy.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicy.java @@ -171,6 +171,8 @@ public Output> minTlsVersion() { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * */ @Export(name="name", refs={String.class}, tree="[0]") private Output name; @@ -184,6 +186,8 @@ public Output> minTlsVersion() { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * */ public Output name() { return this.name; @@ -237,8 +241,6 @@ public Output project() { /** * The region where the regional SSL policy resides. * - * *** - * */ @Export(name="region", refs={String.class}, tree="[0]") private Output region; @@ -246,8 +248,6 @@ public Output project() { /** * @return The region where the regional SSL policy resides. * - * *** - * */ public Output region() { return this.region; @@ -279,7 +279,7 @@ public RegionSslPolicy(String name) { * @param name The _unique_ name of the resulting resource. * @param args The arguments to use to populate this resource's properties. */ - public RegionSslPolicy(String name, RegionSslPolicyArgs args) { + public RegionSslPolicy(String name, @Nullable RegionSslPolicyArgs args) { this(name, args, null); } /** @@ -288,7 +288,7 @@ public RegionSslPolicy(String name, RegionSslPolicyArgs args) { * @param args The arguments to use to populate this resource's properties. * @param options A bag of options that control this resource's behavior. */ - public RegionSslPolicy(String name, RegionSslPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + public RegionSslPolicy(String name, @Nullable RegionSslPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { super("gcp:compute/regionSslPolicy:RegionSslPolicy", name, args == null ? RegionSslPolicyArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicyArgs.java index 488a8e5b60..051156b3ee 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicyArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/RegionSslPolicyArgs.java @@ -5,7 +5,6 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; -import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.String; import java.util.List; import java.util.Objects; @@ -89,6 +88,8 @@ public Optional> minTlsVersion() { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * */ @Import(name="name") private @Nullable Output name; @@ -102,6 +103,8 @@ public Optional> minTlsVersion() { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * */ public Optional> name() { return Optional.ofNullable(this.name); @@ -158,20 +161,16 @@ public Optional> project() { /** * The region where the regional SSL policy resides. * - * *** - * */ - @Import(name="region", required=true) - private Output region; + @Import(name="region") + private @Nullable Output region; /** * @return The region where the regional SSL policy resides. * - * *** - * */ - public Output region() { - return this.region; + public Optional> region() { + return Optional.ofNullable(this.region); } private RegionSslPolicyArgs() {} @@ -310,6 +309,8 @@ public Builder minTlsVersion(String minTlsVersion) { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * * @return builder * */ @@ -327,6 +328,8 @@ public Builder name(@Nullable Output name) { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * * @return builder * */ @@ -397,12 +400,10 @@ public Builder project(String project) { /** * @param region The region where the regional SSL policy resides. * - * *** - * * @return builder * */ - public Builder region(Output region) { + public Builder region(@Nullable Output region) { $.region = region; return this; } @@ -410,8 +411,6 @@ public Builder region(Output region) { /** * @param region The region where the regional SSL policy resides. * - * *** - * * @return builder * */ @@ -420,9 +419,6 @@ public Builder region(String region) { } public RegionSslPolicyArgs build() { - if ($.region == null) { - throw new MissingRequiredPropertyException("RegionSslPolicyArgs", "region"); - } return $; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRule.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRule.java index 0cd981e63b..98261fa9e2 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRule.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRule.java @@ -12,6 +12,7 @@ import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleState; import com.pulumi.gcp.compute.outputs.SecurityPolicyRuleMatch; import com.pulumi.gcp.compute.outputs.SecurityPolicyRulePreconfiguredWafConfig; +import com.pulumi.gcp.compute.outputs.SecurityPolicyRuleRateLimitOptions; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -375,6 +376,22 @@ public Output priority() { public Output project() { return this.project; } + /** + * Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + */ + @Export(name="rateLimitOptions", refs={SecurityPolicyRuleRateLimitOptions.class}, tree="[0]") + private Output rateLimitOptions; + + /** + * @return Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + */ + public Output> rateLimitOptions() { + return Codegen.optional(this.rateLimitOptions); + } /** * The name of the security policy this rule belongs to. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRuleArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRuleArgs.java index 7fc7da94c6..4f413ef1d1 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRuleArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/SecurityPolicyRuleArgs.java @@ -8,6 +8,7 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleMatchArgs; import com.pulumi.gcp.compute.inputs.SecurityPolicyRulePreconfiguredWafConfigArgs; +import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleRateLimitOptionsArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -149,6 +150,23 @@ public Optional> project() { return Optional.ofNullable(this.project); } + /** + * Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + */ + @Import(name="rateLimitOptions") + private @Nullable Output rateLimitOptions; + + /** + * @return Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + */ + public Optional> rateLimitOptions() { + return Optional.ofNullable(this.rateLimitOptions); + } + /** * The name of the security policy this rule belongs to. * @@ -178,6 +196,7 @@ private SecurityPolicyRuleArgs(SecurityPolicyRuleArgs $) { this.preview = $.preview; this.priority = $.priority; this.project = $.project; + this.rateLimitOptions = $.rateLimitOptions; this.securityPolicy = $.securityPolicy; } @@ -370,6 +389,29 @@ public Builder project(String project) { return project(Output.of(project)); } + /** + * @param rateLimitOptions Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + * @return builder + * + */ + public Builder rateLimitOptions(@Nullable Output rateLimitOptions) { + $.rateLimitOptions = rateLimitOptions; + return this; + } + + /** + * @param rateLimitOptions Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + * @return builder + * + */ + public Builder rateLimitOptions(SecurityPolicyRuleRateLimitOptionsArgs rateLimitOptions) { + return rateLimitOptions(Output.of(rateLimitOptions)); + } + /** * @param securityPolicy The name of the security policy this rule belongs to. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksArgs.java new file mode 100644 index 0000000000..1735783785 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksArgs.java @@ -0,0 +1,165 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetSubnetworksArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetSubnetworksArgs Empty = new GetSubnetworksArgs(); + + /** + * A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + * + */ + @Import(name="filter") + private @Nullable Output filter; + + /** + * @return A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + * + */ + public Optional> filter() { + return Optional.ofNullable(this.filter); + } + + /** + * The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + * + */ + @Import(name="region") + private @Nullable Output region; + + /** + * @return The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + * + */ + public Optional> region() { + return Optional.ofNullable(this.region); + } + + private GetSubnetworksArgs() {} + + private GetSubnetworksArgs(GetSubnetworksArgs $) { + this.filter = $.filter; + this.project = $.project; + this.region = $.region; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetSubnetworksArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetSubnetworksArgs $; + + public Builder() { + $ = new GetSubnetworksArgs(); + } + + public Builder(GetSubnetworksArgs defaults) { + $ = new GetSubnetworksArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param filter A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + * + * @return builder + * + */ + public Builder filter(@Nullable Output filter) { + $.filter = filter; + return this; + } + + /** + * @param filter A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + * + * @return builder + * + */ + public Builder filter(String filter) { + return filter(Output.of(filter)); + } + + /** + * @param project The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param region The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + * + * @return builder + * + */ + public Builder region(@Nullable Output region) { + $.region = region; + return this; + } + + /** + * @param region The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + * + * @return builder + * + */ + public Builder region(String region) { + return region(Output.of(region)); + } + + public GetSubnetworksArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksPlainArgs.java new file mode 100644 index 0000000000..1a7c6b6f3f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/GetSubnetworksPlainArgs.java @@ -0,0 +1,132 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetSubnetworksPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetSubnetworksPlainArgs Empty = new GetSubnetworksPlainArgs(); + + /** + * A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + * + */ + @Import(name="filter") + private @Nullable String filter; + + /** + * @return A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + * + */ + public Optional filter() { + return Optional.ofNullable(this.filter); + } + + /** + * The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + /** + * The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + * + */ + @Import(name="region") + private @Nullable String region; + + /** + * @return The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + * + */ + public Optional region() { + return Optional.ofNullable(this.region); + } + + private GetSubnetworksPlainArgs() {} + + private GetSubnetworksPlainArgs(GetSubnetworksPlainArgs $) { + this.filter = $.filter; + this.project = $.project; + this.region = $.region; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetSubnetworksPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetSubnetworksPlainArgs $; + + public Builder() { + $ = new GetSubnetworksPlainArgs(); + } + + public Builder(GetSubnetworksPlainArgs defaults) { + $ = new GetSubnetworksPlainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param filter A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + * + * @return builder + * + */ + public Builder filter(@Nullable String filter) { + $.filter = filter; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + /** + * @param region The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + * + * @return builder + * + */ + public Builder region(@Nullable String region) { + $.region = region; + return this; + } + + public GetSubnetworksPlainArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingArgs.java index e646f3606d..5b47193837 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingArgs.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.inputs.InstanceFromMachineImageSchedulingLocalSsdRecoveryTimeoutArgs; import com.pulumi.gcp.compute.inputs.InstanceFromMachineImageSchedulingMaxRunDurationArgs; import com.pulumi.gcp.compute.inputs.InstanceFromMachineImageSchedulingNodeAffinityArgs; +import com.pulumi.gcp.compute.inputs.InstanceFromMachineImageSchedulingOnInstanceStopActionArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -139,6 +140,21 @@ public Optional> onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * Defines the behaviour for instances with the instance_termination_action. + * + */ + @Import(name="onInstanceStopAction") + private @Nullable Output onInstanceStopAction; + + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public Optional> onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } + /** * Whether the instance is preemptible. * @@ -180,6 +196,7 @@ private InstanceFromMachineImageSchedulingArgs(InstanceFromMachineImageSchedulin this.minNodeCpus = $.minNodeCpus; this.nodeAffinities = $.nodeAffinities; this.onHostMaintenance = $.onHostMaintenance; + this.onInstanceStopAction = $.onInstanceStopAction; this.preemptible = $.preemptible; this.provisioningModel = $.provisioningModel; } @@ -374,6 +391,27 @@ public Builder onHostMaintenance(String onHostMaintenance) { return onHostMaintenance(Output.of(onHostMaintenance)); } + /** + * @param onInstanceStopAction Defines the behaviour for instances with the instance_termination_action. + * + * @return builder + * + */ + public Builder onInstanceStopAction(@Nullable Output onInstanceStopAction) { + $.onInstanceStopAction = onInstanceStopAction; + return this; + } + + /** + * @param onInstanceStopAction Defines the behaviour for instances with the instance_termination_action. + * + * @return builder + * + */ + public Builder onInstanceStopAction(InstanceFromMachineImageSchedulingOnInstanceStopActionArgs onInstanceStopAction) { + return onInstanceStopAction(Output.of(onInstanceStopAction)); + } + /** * @param preemptible Whether the instance is preemptible. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.java new file mode 100644 index 0000000000..b787d8c22a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromMachineImageSchedulingOnInstanceStopActionArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceFromMachineImageSchedulingOnInstanceStopActionArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceFromMachineImageSchedulingOnInstanceStopActionArgs Empty = new InstanceFromMachineImageSchedulingOnInstanceStopActionArgs(); + + /** + * If true, the contents of any attached Local SSD disks will be discarded. + * + */ + @Import(name="discardLocalSsd") + private @Nullable Output discardLocalSsd; + + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Optional> discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + private InstanceFromMachineImageSchedulingOnInstanceStopActionArgs() {} + + private InstanceFromMachineImageSchedulingOnInstanceStopActionArgs(InstanceFromMachineImageSchedulingOnInstanceStopActionArgs $) { + this.discardLocalSsd = $.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceFromMachineImageSchedulingOnInstanceStopActionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceFromMachineImageSchedulingOnInstanceStopActionArgs $; + + public Builder() { + $ = new InstanceFromMachineImageSchedulingOnInstanceStopActionArgs(); + } + + public Builder(InstanceFromMachineImageSchedulingOnInstanceStopActionArgs defaults) { + $ = new InstanceFromMachineImageSchedulingOnInstanceStopActionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param discardLocalSsd If true, the contents of any attached Local SSD disks will be discarded. + * + * @return builder + * + */ + public Builder discardLocalSsd(@Nullable Output discardLocalSsd) { + $.discardLocalSsd = discardLocalSsd; + return this; + } + + /** + * @param discardLocalSsd If true, the contents of any attached Local SSD disks will be discarded. + * + * @return builder + * + */ + public Builder discardLocalSsd(Boolean discardLocalSsd) { + return discardLocalSsd(Output.of(discardLocalSsd)); + } + + public InstanceFromMachineImageSchedulingOnInstanceStopActionArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingArgs.java index bd00ff1fa1..be13336c0a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingArgs.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.inputs.InstanceFromTemplateSchedulingLocalSsdRecoveryTimeoutArgs; import com.pulumi.gcp.compute.inputs.InstanceFromTemplateSchedulingMaxRunDurationArgs; import com.pulumi.gcp.compute.inputs.InstanceFromTemplateSchedulingNodeAffinityArgs; +import com.pulumi.gcp.compute.inputs.InstanceFromTemplateSchedulingOnInstanceStopActionArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -139,6 +140,21 @@ public Optional> onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * Defines the behaviour for instances with the instance_termination_action. + * + */ + @Import(name="onInstanceStopAction") + private @Nullable Output onInstanceStopAction; + + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public Optional> onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } + /** * Whether the instance is preemptible. * @@ -180,6 +196,7 @@ private InstanceFromTemplateSchedulingArgs(InstanceFromTemplateSchedulingArgs $) this.minNodeCpus = $.minNodeCpus; this.nodeAffinities = $.nodeAffinities; this.onHostMaintenance = $.onHostMaintenance; + this.onInstanceStopAction = $.onInstanceStopAction; this.preemptible = $.preemptible; this.provisioningModel = $.provisioningModel; } @@ -374,6 +391,27 @@ public Builder onHostMaintenance(String onHostMaintenance) { return onHostMaintenance(Output.of(onHostMaintenance)); } + /** + * @param onInstanceStopAction Defines the behaviour for instances with the instance_termination_action. + * + * @return builder + * + */ + public Builder onInstanceStopAction(@Nullable Output onInstanceStopAction) { + $.onInstanceStopAction = onInstanceStopAction; + return this; + } + + /** + * @param onInstanceStopAction Defines the behaviour for instances with the instance_termination_action. + * + * @return builder + * + */ + public Builder onInstanceStopAction(InstanceFromTemplateSchedulingOnInstanceStopActionArgs onInstanceStopAction) { + return onInstanceStopAction(Output.of(onInstanceStopAction)); + } + /** * @param preemptible Whether the instance is preemptible. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.java new file mode 100644 index 0000000000..3cb2bba766 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceFromTemplateSchedulingOnInstanceStopActionArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceFromTemplateSchedulingOnInstanceStopActionArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceFromTemplateSchedulingOnInstanceStopActionArgs Empty = new InstanceFromTemplateSchedulingOnInstanceStopActionArgs(); + + /** + * If true, the contents of any attached Local SSD disks will be discarded. + * + */ + @Import(name="discardLocalSsd") + private @Nullable Output discardLocalSsd; + + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Optional> discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + private InstanceFromTemplateSchedulingOnInstanceStopActionArgs() {} + + private InstanceFromTemplateSchedulingOnInstanceStopActionArgs(InstanceFromTemplateSchedulingOnInstanceStopActionArgs $) { + this.discardLocalSsd = $.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceFromTemplateSchedulingOnInstanceStopActionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceFromTemplateSchedulingOnInstanceStopActionArgs $; + + public Builder() { + $ = new InstanceFromTemplateSchedulingOnInstanceStopActionArgs(); + } + + public Builder(InstanceFromTemplateSchedulingOnInstanceStopActionArgs defaults) { + $ = new InstanceFromTemplateSchedulingOnInstanceStopActionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param discardLocalSsd If true, the contents of any attached Local SSD disks will be discarded. + * + * @return builder + * + */ + public Builder discardLocalSsd(@Nullable Output discardLocalSsd) { + $.discardLocalSsd = discardLocalSsd; + return this; + } + + /** + * @param discardLocalSsd If true, the contents of any attached Local SSD disks will be discarded. + * + * @return builder + * + */ + public Builder discardLocalSsd(Boolean discardLocalSsd) { + return discardLocalSsd(Output.of(discardLocalSsd)); + } + + public InstanceFromTemplateSchedulingOnInstanceStopActionArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingArgs.java index f1d3aca426..2bba294a86 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingArgs.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.inputs.InstanceSchedulingLocalSsdRecoveryTimeoutArgs; import com.pulumi.gcp.compute.inputs.InstanceSchedulingMaxRunDurationArgs; import com.pulumi.gcp.compute.inputs.InstanceSchedulingNodeAffinityArgs; +import com.pulumi.gcp.compute.inputs.InstanceSchedulingOnInstanceStopActionArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -92,16 +93,14 @@ public Optional> maintenanceInterval() { } /** - * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ @Import(name="maxRunDuration") private @Nullable Output maxRunDuration; /** - * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ public Optional> maxRunDuration() { @@ -165,6 +164,21 @@ public Optional> onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + @Import(name="onInstanceStopAction") + private @Nullable Output onInstanceStopAction; + + /** + * @return Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + public Optional> onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } + /** * Specifies if the instance is preemptible. * If this field is set to true, then `automatic_restart` must be @@ -216,6 +230,7 @@ private InstanceSchedulingArgs(InstanceSchedulingArgs $) { this.minNodeCpus = $.minNodeCpus; this.nodeAffinities = $.nodeAffinities; this.onHostMaintenance = $.onHostMaintenance; + this.onInstanceStopAction = $.onInstanceStopAction; this.preemptible = $.preemptible; this.provisioningModel = $.provisioningModel; } @@ -333,8 +348,7 @@ public Builder maintenanceInterval(String maintenanceInterval) { } /** - * @param maxRunDuration The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @param maxRunDuration The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * * @return builder * @@ -345,8 +359,7 @@ public Builder maxRunDuration(@Nullable Output onInstanceStopAction) { + $.onInstanceStopAction = onInstanceStopAction; + return this; + } + + /** + * @param onInstanceStopAction Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + * @return builder + * + */ + public Builder onInstanceStopAction(InstanceSchedulingOnInstanceStopActionArgs onInstanceStopAction) { + return onInstanceStopAction(Output.of(onInstanceStopAction)); + } + /** * @param preemptible Specifies if the instance is preemptible. * If this field is set to true, then `automatic_restart` must be diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingMaxRunDurationArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingMaxRunDurationArgs.java index 1781629c77..d2502c781a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingMaxRunDurationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingMaxRunDurationArgs.java @@ -18,9 +18,9 @@ public final class InstanceSchedulingMaxRunDurationArgs extends com.pulumi.resou /** * Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ @Import(name="nanos") @@ -28,9 +28,9 @@ public final class InstanceSchedulingMaxRunDurationArgs extends com.pulumi.resou /** * @return Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ public Optional> nanos() { @@ -38,16 +38,18 @@ public Optional> nanos() { } /** - * Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ @Import(name="seconds", required=true) private Output seconds; /** - * @return Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @return Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ public Output seconds() { @@ -81,9 +83,9 @@ public Builder(InstanceSchedulingMaxRunDurationArgs defaults) { /** * @param nanos Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * * @return builder * @@ -95,9 +97,9 @@ public Builder nanos(@Nullable Output nanos) { /** * @param nanos Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * * @return builder * @@ -107,8 +109,9 @@ public Builder nanos(Integer nanos) { } /** - * @param seconds Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @param seconds Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * * @return builder * @@ -119,8 +122,9 @@ public Builder seconds(Output seconds) { } /** - * @param seconds Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @param seconds Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingOnInstanceStopActionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingOnInstanceStopActionArgs.java new file mode 100644 index 0000000000..d0ba2cae84 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceSchedulingOnInstanceStopActionArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceSchedulingOnInstanceStopActionArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceSchedulingOnInstanceStopActionArgs Empty = new InstanceSchedulingOnInstanceStopActionArgs(); + + /** + * Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + @Import(name="discardLocalSsd") + private @Nullable Output discardLocalSsd; + + /** + * @return Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + public Optional> discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + private InstanceSchedulingOnInstanceStopActionArgs() {} + + private InstanceSchedulingOnInstanceStopActionArgs(InstanceSchedulingOnInstanceStopActionArgs $) { + this.discardLocalSsd = $.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceSchedulingOnInstanceStopActionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceSchedulingOnInstanceStopActionArgs $; + + public Builder() { + $ = new InstanceSchedulingOnInstanceStopActionArgs(); + } + + public Builder(InstanceSchedulingOnInstanceStopActionArgs defaults) { + $ = new InstanceSchedulingOnInstanceStopActionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param discardLocalSsd Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + * @return builder + * + */ + public Builder discardLocalSsd(@Nullable Output discardLocalSsd) { + $.discardLocalSsd = discardLocalSsd; + return this; + } + + /** + * @param discardLocalSsd Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + * @return builder + * + */ + public Builder discardLocalSsd(Boolean discardLocalSsd) { + return discardLocalSsd(Output.of(discardLocalSsd)); + } + + public InstanceSchedulingOnInstanceStopActionArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingArgs.java index 1049dd5004..103840bdf6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingArgs.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.inputs.InstanceTemplateSchedulingLocalSsdRecoveryTimeoutArgs; import com.pulumi.gcp.compute.inputs.InstanceTemplateSchedulingMaxRunDurationArgs; import com.pulumi.gcp.compute.inputs.InstanceTemplateSchedulingNodeAffinityArgs; +import com.pulumi.gcp.compute.inputs.InstanceTemplateSchedulingOnInstanceStopActionArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -92,16 +93,14 @@ public Optional> maintenanceInterval() { } /** - * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ @Import(name="maxRunDuration") private @Nullable Output maxRunDuration; /** - * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ public Optional> maxRunDuration() { @@ -163,6 +162,21 @@ public Optional> onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + @Import(name="onInstanceStopAction") + private @Nullable Output onInstanceStopAction; + + /** + * @return Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + public Optional> onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } + /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -214,6 +228,7 @@ private InstanceTemplateSchedulingArgs(InstanceTemplateSchedulingArgs $) { this.minNodeCpus = $.minNodeCpus; this.nodeAffinities = $.nodeAffinities; this.onHostMaintenance = $.onHostMaintenance; + this.onInstanceStopAction = $.onInstanceStopAction; this.preemptible = $.preemptible; this.provisioningModel = $.provisioningModel; } @@ -344,8 +359,7 @@ public Builder maintenanceInterval(String maintenanceInterval) { } /** - * @param maxRunDuration The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @param maxRunDuration The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * * @return builder * @@ -356,8 +370,7 @@ public Builder maxRunDuration(@Nullable Output onInstanceStopAction) { + $.onInstanceStopAction = onInstanceStopAction; + return this; + } + + /** + * @param onInstanceStopAction Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + * @return builder + * + */ + public Builder onInstanceStopAction(InstanceTemplateSchedulingOnInstanceStopActionArgs onInstanceStopAction) { + return onInstanceStopAction(Output.of(onInstanceStopAction)); + } + /** * @param preemptible Allows instance to be preempted. This defaults to * false. Read more on this diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingMaxRunDurationArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingMaxRunDurationArgs.java index a181dc4c96..add344478c 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingMaxRunDurationArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingMaxRunDurationArgs.java @@ -18,9 +18,9 @@ public final class InstanceTemplateSchedulingMaxRunDurationArgs extends com.pulu /** * Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ @Import(name="nanos") @@ -28,9 +28,9 @@ public final class InstanceTemplateSchedulingMaxRunDurationArgs extends com.pulu /** * @return Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ public Optional> nanos() { @@ -38,16 +38,18 @@ public Optional> nanos() { } /** - * Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ @Import(name="seconds", required=true) private Output seconds; /** - * @return Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @return Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ public Output seconds() { @@ -81,9 +83,9 @@ public Builder(InstanceTemplateSchedulingMaxRunDurationArgs defaults) { /** * @param nanos Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * * @return builder * @@ -95,9 +97,9 @@ public Builder nanos(@Nullable Output nanos) { /** * @param nanos Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * * @return builder * @@ -107,8 +109,9 @@ public Builder nanos(Integer nanos) { } /** - * @param seconds Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @param seconds Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * * @return builder * @@ -119,8 +122,9 @@ public Builder seconds(Output seconds) { } /** - * @param seconds Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @param seconds Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.java new file mode 100644 index 0000000000..382a61e8e5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InstanceTemplateSchedulingOnInstanceStopActionArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class InstanceTemplateSchedulingOnInstanceStopActionArgs extends com.pulumi.resources.ResourceArgs { + + public static final InstanceTemplateSchedulingOnInstanceStopActionArgs Empty = new InstanceTemplateSchedulingOnInstanceStopActionArgs(); + + /** + * Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + @Import(name="discardLocalSsd") + private @Nullable Output discardLocalSsd; + + /** + * @return Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + public Optional> discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + private InstanceTemplateSchedulingOnInstanceStopActionArgs() {} + + private InstanceTemplateSchedulingOnInstanceStopActionArgs(InstanceTemplateSchedulingOnInstanceStopActionArgs $) { + this.discardLocalSsd = $.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(InstanceTemplateSchedulingOnInstanceStopActionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private InstanceTemplateSchedulingOnInstanceStopActionArgs $; + + public Builder() { + $ = new InstanceTemplateSchedulingOnInstanceStopActionArgs(); + } + + public Builder(InstanceTemplateSchedulingOnInstanceStopActionArgs defaults) { + $ = new InstanceTemplateSchedulingOnInstanceStopActionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param discardLocalSsd Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + * @return builder + * + */ + public Builder discardLocalSsd(@Nullable Output discardLocalSsd) { + $.discardLocalSsd = discardLocalSsd; + return this; + } + + /** + * @param discardLocalSsd Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + * @return builder + * + */ + public Builder discardLocalSsd(Boolean discardLocalSsd) { + return discardLocalSsd(Output.of(discardLocalSsd)); + } + + public InstanceTemplateSchedulingOnInstanceStopActionArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java index e9f50c7dbf..580079e2a1 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/InterconnectAttachmentState.java @@ -538,6 +538,31 @@ public Optional> state() { return Optional.ofNullable(this.state); } + /** + * Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + */ + @Import(name="subnetLength") + private @Nullable Output subnetLength; + + /** + * @return Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + */ + public Optional> subnetLength() { + return Optional.ofNullable(this.subnetLength); + } + /** * The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. @@ -602,6 +627,7 @@ private InterconnectAttachmentState(InterconnectAttachmentState $) { this.selfLink = $.selfLink; this.stackType = $.stackType; this.state = $.state; + this.subnetLength = $.subnetLength; this.type = $.type; this.vlanTag8021q = $.vlanTag8021q; } @@ -1345,6 +1371,37 @@ public Builder state(String state) { return state(Output.of(state)); } + /** + * @param subnetLength Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + * @return builder + * + */ + public Builder subnetLength(@Nullable Output subnetLength) { + $.subnetLength = subnetLength; + return this; + } + + /** + * @param subnetLength Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + * + * @return builder + * + */ + public Builder subnetLength(Integer subnetLength) { + return subnetLength(Output.of(subnetLength)); + } + /** * @param type The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingArgs.java index 624bdf44f0..8f7918ac69 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingArgs.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.inputs.RegionInstanceTemplateSchedulingLocalSsdRecoveryTimeoutArgs; import com.pulumi.gcp.compute.inputs.RegionInstanceTemplateSchedulingMaxRunDurationArgs; import com.pulumi.gcp.compute.inputs.RegionInstanceTemplateSchedulingNodeAffinityArgs; +import com.pulumi.gcp.compute.inputs.RegionInstanceTemplateSchedulingOnInstanceStopActionArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -161,6 +162,21 @@ public Optional> onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * Defines the behaviour for instances with the instance_termination_action. + * + */ + @Import(name="onInstanceStopAction") + private @Nullable Output onInstanceStopAction; + + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public Optional> onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } + /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -212,6 +228,7 @@ private RegionInstanceTemplateSchedulingArgs(RegionInstanceTemplateSchedulingArg this.minNodeCpus = $.minNodeCpus; this.nodeAffinities = $.nodeAffinities; this.onHostMaintenance = $.onHostMaintenance; + this.onInstanceStopAction = $.onInstanceStopAction; this.preemptible = $.preemptible; this.provisioningModel = $.provisioningModel; } @@ -449,6 +466,27 @@ public Builder onHostMaintenance(String onHostMaintenance) { return onHostMaintenance(Output.of(onHostMaintenance)); } + /** + * @param onInstanceStopAction Defines the behaviour for instances with the instance_termination_action. + * + * @return builder + * + */ + public Builder onInstanceStopAction(@Nullable Output onInstanceStopAction) { + $.onInstanceStopAction = onInstanceStopAction; + return this; + } + + /** + * @param onInstanceStopAction Defines the behaviour for instances with the instance_termination_action. + * + * @return builder + * + */ + public Builder onInstanceStopAction(RegionInstanceTemplateSchedulingOnInstanceStopActionArgs onInstanceStopAction) { + return onInstanceStopAction(Output.of(onInstanceStopAction)); + } + /** * @param preemptible Allows instance to be preempted. This defaults to * false. Read more on this diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.java new file mode 100644 index 0000000000..4f063fb7fb --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionInstanceTemplateSchedulingOnInstanceStopActionArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class RegionInstanceTemplateSchedulingOnInstanceStopActionArgs extends com.pulumi.resources.ResourceArgs { + + public static final RegionInstanceTemplateSchedulingOnInstanceStopActionArgs Empty = new RegionInstanceTemplateSchedulingOnInstanceStopActionArgs(); + + /** + * If true, the contents of any attached Local SSD disks will be discarded. + * + */ + @Import(name="discardLocalSsd") + private @Nullable Output discardLocalSsd; + + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Optional> discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + private RegionInstanceTemplateSchedulingOnInstanceStopActionArgs() {} + + private RegionInstanceTemplateSchedulingOnInstanceStopActionArgs(RegionInstanceTemplateSchedulingOnInstanceStopActionArgs $) { + this.discardLocalSsd = $.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(RegionInstanceTemplateSchedulingOnInstanceStopActionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private RegionInstanceTemplateSchedulingOnInstanceStopActionArgs $; + + public Builder() { + $ = new RegionInstanceTemplateSchedulingOnInstanceStopActionArgs(); + } + + public Builder(RegionInstanceTemplateSchedulingOnInstanceStopActionArgs defaults) { + $ = new RegionInstanceTemplateSchedulingOnInstanceStopActionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param discardLocalSsd If true, the contents of any attached Local SSD disks will be discarded. + * + * @return builder + * + */ + public Builder discardLocalSsd(@Nullable Output discardLocalSsd) { + $.discardLocalSsd = discardLocalSsd; + return this; + } + + /** + * @param discardLocalSsd If true, the contents of any attached Local SSD disks will be discarded. + * + * @return builder + * + */ + public Builder discardLocalSsd(Boolean discardLocalSsd) { + return discardLocalSsd(Output.of(discardLocalSsd)); + } + + public RegionInstanceTemplateSchedulingOnInstanceStopActionArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionSslPolicyState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionSslPolicyState.java index 523ae2c348..a60eb79066 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionSslPolicyState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/RegionSslPolicyState.java @@ -135,6 +135,8 @@ public Optional> minTlsVersion() { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * */ @Import(name="name") private @Nullable Output name; @@ -148,6 +150,8 @@ public Optional> minTlsVersion() { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * */ public Optional> name() { return Optional.ofNullable(this.name); @@ -204,8 +208,6 @@ public Optional> project() { /** * The region where the regional SSL policy resides. * - * *** - * */ @Import(name="region") private @Nullable Output region; @@ -213,8 +215,6 @@ public Optional> project() { /** * @return The region where the regional SSL policy resides. * - * *** - * */ public Optional> region() { return Optional.ofNullable(this.region); @@ -450,6 +450,8 @@ public Builder minTlsVersion(String minTlsVersion) { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * * @return builder * */ @@ -467,6 +469,8 @@ public Builder name(@Nullable Output name) { * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. * + * *** + * * @return builder * */ @@ -537,8 +541,6 @@ public Builder project(String project) { /** * @param region The region where the regional SSL policy resides. * - * *** - * * @return builder * */ @@ -550,8 +552,6 @@ public Builder region(@Nullable Output region) { /** * @param region The region where the regional SSL policy resides. * - * *** - * * @return builder * */ diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyAdvancedOptionsConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyAdvancedOptionsConfigArgs.java index 6db4c8049b..445267e9af 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyAdvancedOptionsConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyAdvancedOptionsConfigArgs.java @@ -38,6 +38,7 @@ public Optional> * Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. * */ @Import(name="jsonParsing") @@ -47,6 +48,7 @@ public Optional> * @return Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. * */ public Optional> jsonParsing() { @@ -141,6 +143,7 @@ public Builder jsonCustomConfig(SecurityPolicyAdvancedOptionsConfigJsonCustomCon * @param jsonParsing Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. * * @return builder * @@ -154,6 +157,7 @@ public Builder jsonParsing(@Nullable Output jsonParsing) { * @param jsonParsing Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsArgs.java index 2cf05b6797..babf21b0d4 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsArgs.java @@ -5,7 +5,6 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; -import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleRateLimitOptionsBanThresholdArgs; import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs; import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs; @@ -23,7 +22,7 @@ public final class SecurityPolicyRuleRateLimitOptionsArgs extends com.pulumi.res public static final SecurityPolicyRuleRateLimitOptionsArgs Empty = new SecurityPolicyRuleRateLimitOptionsArgs(); /** - * Can only be specified if the `action` for the rule is `rate_based_ban`. + * Can only be specified if the action for the rule is "rate_based_ban". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. * */ @@ -31,7 +30,7 @@ public final class SecurityPolicyRuleRateLimitOptionsArgs extends com.pulumi.res private @Nullable Output banDurationSec; /** - * @return Can only be specified if the `action` for the rule is `rate_based_ban`. + * @return Can only be specified if the action for the rule is "rate_based_ban". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. * */ @@ -40,18 +39,18 @@ public Optional> banDurationSec() { } /** - * Can only be specified if the `action` for the rule is `rate_based_ban`. - * If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - * exceed this `ban_threshold`. Structure is documented below. + * Can only be specified if the action for the rule is "rate_based_ban". + * If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + * Structure is documented below. * */ @Import(name="banThreshold") private @Nullable Output banThreshold; /** - * @return Can only be specified if the `action` for the rule is `rate_based_ban`. - * If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - * exceed this `ban_threshold`. Structure is documented below. + * @return Can only be specified if the action for the rule is "rate_based_ban". + * If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + * Structure is documented below. * */ public Optional> banThreshold() { @@ -59,47 +58,53 @@ public Optional> banT } /** - * Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + * Action to take for requests that are under the configured rate limit threshold. + * Valid option is "allow" only. * */ - @Import(name="conformAction", required=true) - private Output conformAction; + @Import(name="conformAction") + private @Nullable Output conformAction; /** - * @return Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + * @return Action to take for requests that are under the configured rate limit threshold. + * Valid option is "allow" only. * */ - public Output conformAction() { - return this.conformAction; + public Optional> conformAction() { + return Optional.ofNullable(this.conformAction); } /** - * Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ @Import(name="enforceOnKey") private @Nullable Output enforceOnKey; /** - * @return Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @return Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ public Optional> enforceOnKey() { @@ -107,18 +112,20 @@ public Optional> enforceOnKey() { } /** - * If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - * - * **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + * If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + * You can specify up to 3 enforceOnKeyConfigs. + * If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + * Structure is documented below. * */ @Import(name="enforceOnKeyConfigs") private @Nullable Output> enforceOnKeyConfigs; /** - * @return If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - * - * **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + * @return If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + * You can specify up to 3 enforceOnKeyConfigs. + * If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + * Structure is documented below. * */ public Optional>> enforceOnKeyConfigs() { @@ -127,9 +134,8 @@ public Optional> enforceOnKeyName() { @@ -147,31 +152,33 @@ public Optional> enforceOnKeyName() { } /** - * When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. * */ - @Import(name="exceedAction", required=true) - private Output exceedAction; + @Import(name="exceedAction") + private @Nullable Output exceedAction; /** - * @return When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * @return Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. * */ - public Output exceedAction() { - return this.exceedAction; + public Optional> exceedAction() { + return Optional.ofNullable(this.exceedAction); } /** - * Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + * Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + * Structure is documented below. * */ @Import(name="exceedRedirectOptions") private @Nullable Output exceedRedirectOptions; /** - * @return Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + * @return Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + * Structure is documented below. * */ public Optional> exceedRedirectOptions() { @@ -179,18 +186,20 @@ public Optional rateLimitThreshold; + @Import(name="rateLimitThreshold") + private @Nullable Output rateLimitThreshold; /** - * @return Threshold at which to begin ratelimiting. Structure is documented below. + * @return Threshold at which to begin ratelimiting. + * Structure is documented below. * */ - public Output rateLimitThreshold() { - return this.rateLimitThreshold; + public Optional> rateLimitThreshold() { + return Optional.ofNullable(this.rateLimitThreshold); } private SecurityPolicyRuleRateLimitOptionsArgs() {} @@ -226,7 +235,7 @@ public Builder(SecurityPolicyRuleRateLimitOptionsArgs defaults) { } /** - * @param banDurationSec Can only be specified if the `action` for the rule is `rate_based_ban`. + * @param banDurationSec Can only be specified if the action for the rule is "rate_based_ban". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. * * @return builder @@ -238,7 +247,7 @@ public Builder banDurationSec(@Nullable Output banDurationSec) { } /** - * @param banDurationSec Can only be specified if the `action` for the rule is `rate_based_ban`. + * @param banDurationSec Can only be specified if the action for the rule is "rate_based_ban". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. * * @return builder @@ -249,9 +258,9 @@ public Builder banDurationSec(Integer banDurationSec) { } /** - * @param banThreshold Can only be specified if the `action` for the rule is `rate_based_ban`. - * If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - * exceed this `ban_threshold`. Structure is documented below. + * @param banThreshold Can only be specified if the action for the rule is "rate_based_ban". + * If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + * Structure is documented below. * * @return builder * @@ -262,9 +271,9 @@ public Builder banThreshold(@Nullable Output conformAction) { + public Builder conformAction(@Nullable Output conformAction) { $.conformAction = conformAction; return this; } /** - * @param conformAction Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + * @param conformAction Action to take for requests that are under the configured rate limit threshold. + * Valid option is "allow" only. * * @return builder * @@ -295,16 +306,18 @@ public Builder conformAction(String conformAction) { } /** - * @param enforceOnKey Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @param enforceOnKey Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * * @return builder * @@ -315,16 +328,18 @@ public Builder enforceOnKey(@Nullable Output enforceOnKey) { } /** - * @param enforceOnKey Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @param enforceOnKey Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * * @return builder * @@ -334,9 +349,10 @@ public Builder enforceOnKey(String enforceOnKey) { } /** - * @param enforceOnKeyConfigs If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - * - * **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + * @param enforceOnKeyConfigs If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + * You can specify up to 3 enforceOnKeyConfigs. + * If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + * Structure is documented below. * * @return builder * @@ -347,9 +363,10 @@ public Builder enforceOnKeyConfigs(@Nullable Output enforceOnKeyName) { /** * @param enforceOnKeyName Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * * @return builder * @@ -398,20 +414,20 @@ public Builder enforceOnKeyName(String enforceOnKeyName) { } /** - * @param exceedAction When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * @param exceedAction Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. * * @return builder * */ - public Builder exceedAction(Output exceedAction) { + public Builder exceedAction(@Nullable Output exceedAction) { $.exceedAction = exceedAction; return this; } /** - * @param exceedAction When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * @param exceedAction Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. * * @return builder * @@ -421,7 +437,8 @@ public Builder exceedAction(String exceedAction) { } /** - * @param exceedRedirectOptions Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + * @param exceedRedirectOptions Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + * Structure is documented below. * * @return builder * @@ -432,7 +449,8 @@ public Builder exceedRedirectOptions(@Nullable Output rateLimitThreshold) { + public Builder rateLimitThreshold(@Nullable Output rateLimitThreshold) { $.rateLimitThreshold = rateLimitThreshold; return this; } /** - * @param rateLimitThreshold Threshold at which to begin ratelimiting. Structure is documented below. + * @param rateLimitThreshold Threshold at which to begin ratelimiting. + * Structure is documented below. * * @return builder * @@ -463,15 +483,6 @@ public Builder rateLimitThreshold(SecurityPolicyRuleRateLimitOptionsRateLimitThr } public SecurityPolicyRuleRateLimitOptionsArgs build() { - if ($.conformAction == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsArgs", "conformAction"); - } - if ($.exceedAction == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsArgs", "exceedAction"); - } - if ($.rateLimitThreshold == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsArgs", "rateLimitThreshold"); - } return $; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.java index 69a43d8017..4f087a2c1f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsBanThresholdArgs.java @@ -5,9 +5,10 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; -import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.Integer; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; public final class SecurityPolicyRuleRateLimitOptionsBanThresholdArgs extends com.pulumi.resources.ResourceArgs { @@ -18,30 +19,30 @@ public final class SecurityPolicyRuleRateLimitOptionsBanThresholdArgs extends co * Number of HTTP(S) requests for calculating the threshold. * */ - @Import(name="count", required=true) - private Output count; + @Import(name="count") + private @Nullable Output count; /** * @return Number of HTTP(S) requests for calculating the threshold. * */ - public Output count() { - return this.count; + public Optional> count() { + return Optional.ofNullable(this.count); } /** * Interval over which the threshold is computed. * */ - @Import(name="intervalSec", required=true) - private Output intervalSec; + @Import(name="intervalSec") + private @Nullable Output intervalSec; /** * @return Interval over which the threshold is computed. * */ - public Output intervalSec() { - return this.intervalSec; + public Optional> intervalSec() { + return Optional.ofNullable(this.intervalSec); } private SecurityPolicyRuleRateLimitOptionsBanThresholdArgs() {} @@ -75,7 +76,7 @@ public Builder(SecurityPolicyRuleRateLimitOptionsBanThresholdArgs defaults) { * @return builder * */ - public Builder count(Output count) { + public Builder count(@Nullable Output count) { $.count = count; return this; } @@ -96,7 +97,7 @@ public Builder count(Integer count) { * @return builder * */ - public Builder intervalSec(Output intervalSec) { + public Builder intervalSec(@Nullable Output intervalSec) { $.intervalSec = intervalSec; return this; } @@ -112,12 +113,6 @@ public Builder intervalSec(Integer intervalSec) { } public SecurityPolicyRuleRateLimitOptionsBanThresholdArgs build() { - if ($.count == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsBanThresholdArgs", "count"); - } - if ($.intervalSec == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsBanThresholdArgs", "intervalSec"); - } return $; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.java index 0d9f9ee0d1..14611721e7 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs.java @@ -17,9 +17,8 @@ public final class SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs exte /** * Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * */ @Import(name="enforceOnKeyName") @@ -27,9 +26,8 @@ public final class SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs exte /** * @return Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * */ public Optional> enforceOnKeyName() { @@ -37,32 +35,36 @@ public Optional> enforceOnKeyName() { } /** - * Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ @Import(name="enforceOnKeyType") private @Nullable Output enforceOnKeyType; /** - * @return Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @return Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ public Optional> enforceOnKeyType() { @@ -96,9 +98,8 @@ public Builder(SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs defaults /** * @param enforceOnKeyName Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * * @return builder * @@ -110,9 +111,8 @@ public Builder enforceOnKeyName(@Nullable Output enforceOnKeyName) { /** * @param enforceOnKeyName Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * * @return builder * @@ -122,16 +122,18 @@ public Builder enforceOnKeyName(String enforceOnKeyName) { } /** - * @param enforceOnKeyType Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @param enforceOnKeyType Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * * @return builder * @@ -142,16 +144,18 @@ public Builder enforceOnKeyType(@Nullable Output enforceOnKeyType) { } /** - * @param enforceOnKeyType Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @param enforceOnKeyType Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.java index 212af3b41e..d2d5bba8c9 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs.java @@ -5,7 +5,6 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; -import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -17,14 +16,14 @@ public final class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs e public static final SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs Empty = new SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs(); /** - * Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. * */ @Import(name="target") private @Nullable Output target; /** - * @return Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * @return Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. * */ public Optional> target() { @@ -35,15 +34,15 @@ public Optional> target() { * Type of the redirect action. * */ - @Import(name="type", required=true) - private Output type; + @Import(name="type") + private @Nullable Output type; /** * @return Type of the redirect action. * */ - public Output type() { - return this.type; + public Optional> type() { + return Optional.ofNullable(this.type); } private SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs() {} @@ -72,7 +71,7 @@ public Builder(SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs defau } /** - * @param target Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * @param target Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. * * @return builder * @@ -83,7 +82,7 @@ public Builder target(@Nullable Output target) { } /** - * @param target Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * @param target Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. * * @return builder * @@ -98,7 +97,7 @@ public Builder target(String target) { * @return builder * */ - public Builder type(Output type) { + public Builder type(@Nullable Output type) { $.type = type; return this; } @@ -114,9 +113,6 @@ public Builder type(String type) { } public SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs build() { - if ($.type == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs", "type"); - } return $; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.java index 0c3f895423..b80bbcead4 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs.java @@ -5,9 +5,10 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; -import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.Integer; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; public final class SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs extends com.pulumi.resources.ResourceArgs { @@ -18,30 +19,30 @@ public final class SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs exte * Number of HTTP(S) requests for calculating the threshold. * */ - @Import(name="count", required=true) - private Output count; + @Import(name="count") + private @Nullable Output count; /** * @return Number of HTTP(S) requests for calculating the threshold. * */ - public Output count() { - return this.count; + public Optional> count() { + return Optional.ofNullable(this.count); } /** * Interval over which the threshold is computed. * */ - @Import(name="intervalSec", required=true) - private Output intervalSec; + @Import(name="intervalSec") + private @Nullable Output intervalSec; /** * @return Interval over which the threshold is computed. * */ - public Output intervalSec() { - return this.intervalSec; + public Optional> intervalSec() { + return Optional.ofNullable(this.intervalSec); } private SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs() {} @@ -75,7 +76,7 @@ public Builder(SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs defaults * @return builder * */ - public Builder count(Output count) { + public Builder count(@Nullable Output count) { $.count = count; return this; } @@ -96,7 +97,7 @@ public Builder count(Integer count) { * @return builder * */ - public Builder intervalSec(Output intervalSec) { + public Builder intervalSec(@Nullable Output intervalSec) { $.intervalSec = intervalSec; return this; } @@ -112,12 +113,6 @@ public Builder intervalSec(Integer intervalSec) { } public SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs build() { - if ($.count == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs", "count"); - } - if ($.intervalSec == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs", "intervalSec"); - } return $; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleState.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleState.java index ea056b99d3..2569ad92ab 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/inputs/SecurityPolicyRuleState.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleMatchArgs; import com.pulumi.gcp.compute.inputs.SecurityPolicyRulePreconfiguredWafConfigArgs; +import com.pulumi.gcp.compute.inputs.SecurityPolicyRuleRateLimitOptionsArgs; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -148,6 +149,23 @@ public Optional> project() { return Optional.ofNullable(this.project); } + /** + * Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + */ + @Import(name="rateLimitOptions") + private @Nullable Output rateLimitOptions; + + /** + * @return Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + */ + public Optional> rateLimitOptions() { + return Optional.ofNullable(this.rateLimitOptions); + } + /** * The name of the security policy this rule belongs to. * @@ -177,6 +195,7 @@ private SecurityPolicyRuleState(SecurityPolicyRuleState $) { this.preview = $.preview; this.priority = $.priority; this.project = $.project; + this.rateLimitOptions = $.rateLimitOptions; this.securityPolicy = $.securityPolicy; } @@ -369,6 +388,29 @@ public Builder project(String project) { return project(Output.of(project)); } + /** + * @param rateLimitOptions Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + * @return builder + * + */ + public Builder rateLimitOptions(@Nullable Output rateLimitOptions) { + $.rateLimitOptions = rateLimitOptions; + return this; + } + + /** + * @param rateLimitOptions Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + * + * @return builder + * + */ + public Builder rateLimitOptions(SecurityPolicyRuleRateLimitOptionsArgs rateLimitOptions) { + return rateLimitOptions(Output.of(rateLimitOptions)); + } + /** * @param securityPolicy The name of the security policy this rule belongs to. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceScheduling.java index c582eadd17..d69934737a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceScheduling.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.outputs.GetInstanceSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.GetInstanceSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.GetInstanceSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.GetInstanceSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -58,6 +59,11 @@ public final class GetInstanceScheduling { * */ private String onHostMaintenance; + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + private List onInstanceStopActions; /** * @return Whether the instance is preemptible. * @@ -128,6 +134,13 @@ public List nodeAffinities() { public String onHostMaintenance() { return this.onHostMaintenance; } + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public List onInstanceStopActions() { + return this.onInstanceStopActions; + } /** * @return Whether the instance is preemptible. * @@ -160,6 +173,7 @@ public static final class Builder { private Integer minNodeCpus; private List nodeAffinities; private String onHostMaintenance; + private List onInstanceStopActions; private Boolean preemptible; private String provisioningModel; public Builder() {} @@ -173,6 +187,7 @@ public Builder(GetInstanceScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopActions = defaults.onInstanceStopActions; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -251,6 +266,17 @@ public Builder onHostMaintenance(String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopActions(List onInstanceStopActions) { + if (onInstanceStopActions == null) { + throw new MissingRequiredPropertyException("GetInstanceScheduling", "onInstanceStopActions"); + } + this.onInstanceStopActions = onInstanceStopActions; + return this; + } + public Builder onInstanceStopActions(GetInstanceSchedulingOnInstanceStopAction... onInstanceStopActions) { + return onInstanceStopActions(List.of(onInstanceStopActions)); + } + @CustomType.Setter public Builder preemptible(Boolean preemptible) { if (preemptible == null) { throw new MissingRequiredPropertyException("GetInstanceScheduling", "preemptible"); @@ -276,6 +302,7 @@ public GetInstanceScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopActions = onInstanceStopActions; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..6ca51aa8fd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceSchedulingOnInstanceStopAction.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.util.Objects; + +@CustomType +public final class GetInstanceSchedulingOnInstanceStopAction { + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + private Boolean discardLocalSsd; + + private GetInstanceSchedulingOnInstanceStopAction() {} + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Boolean discardLocalSsd() { + return this.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetInstanceSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Boolean discardLocalSsd; + public Builder() {} + public Builder(GetInstanceSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(Boolean discardLocalSsd) { + if (discardLocalSsd == null) { + throw new MissingRequiredPropertyException("GetInstanceSchedulingOnInstanceStopAction", "discardLocalSsd"); + } + this.discardLocalSsd = discardLocalSsd; + return this; + } + public GetInstanceSchedulingOnInstanceStopAction build() { + final var _resultValue = new GetInstanceSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateScheduling.java index 54b4785742..582da2c8f1 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateScheduling.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.outputs.GetInstanceTemplateSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.GetInstanceTemplateSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.GetInstanceTemplateSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.GetInstanceTemplateSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -66,6 +67,11 @@ public final class GetInstanceTemplateScheduling { * */ private String onHostMaintenance; + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + private List onInstanceStopActions; /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -146,6 +152,13 @@ public List nodeAffinities() { public String onHostMaintenance() { return this.onHostMaintenance; } + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public List onInstanceStopActions() { + return this.onInstanceStopActions; + } /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -180,6 +193,7 @@ public static final class Builder { private Integer minNodeCpus; private List nodeAffinities; private String onHostMaintenance; + private List onInstanceStopActions; private Boolean preemptible; private String provisioningModel; public Builder() {} @@ -193,6 +207,7 @@ public Builder(GetInstanceTemplateScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopActions = defaults.onInstanceStopActions; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -271,6 +286,17 @@ public Builder onHostMaintenance(String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopActions(List onInstanceStopActions) { + if (onInstanceStopActions == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateScheduling", "onInstanceStopActions"); + } + this.onInstanceStopActions = onInstanceStopActions; + return this; + } + public Builder onInstanceStopActions(GetInstanceTemplateSchedulingOnInstanceStopAction... onInstanceStopActions) { + return onInstanceStopActions(List.of(onInstanceStopActions)); + } + @CustomType.Setter public Builder preemptible(Boolean preemptible) { if (preemptible == null) { throw new MissingRequiredPropertyException("GetInstanceTemplateScheduling", "preemptible"); @@ -296,6 +322,7 @@ public GetInstanceTemplateScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopActions = onInstanceStopActions; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..665f58e503 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetInstanceTemplateSchedulingOnInstanceStopAction.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.util.Objects; + +@CustomType +public final class GetInstanceTemplateSchedulingOnInstanceStopAction { + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + private Boolean discardLocalSsd; + + private GetInstanceTemplateSchedulingOnInstanceStopAction() {} + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Boolean discardLocalSsd() { + return this.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetInstanceTemplateSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Boolean discardLocalSsd; + public Builder() {} + public Builder(GetInstanceTemplateSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(Boolean discardLocalSsd) { + if (discardLocalSsd == null) { + throw new MissingRequiredPropertyException("GetInstanceTemplateSchedulingOnInstanceStopAction", "discardLocalSsd"); + } + this.discardLocalSsd = discardLocalSsd; + return this; + } + public GetInstanceTemplateSchedulingOnInstanceStopAction build() { + final var _resultValue = new GetInstanceTemplateSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateScheduling.java index f9272c19fc..13e5f4b488 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateScheduling.java @@ -8,6 +8,7 @@ import com.pulumi.gcp.compute.outputs.GetRegionInstanceTemplateSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.GetRegionInstanceTemplateSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.GetRegionInstanceTemplateSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.GetRegionInstanceTemplateSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -66,6 +67,11 @@ public final class GetRegionInstanceTemplateScheduling { * */ private String onHostMaintenance; + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + private List onInstanceStopActions; /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -146,6 +152,13 @@ public List nodeAffinities() { public String onHostMaintenance() { return this.onHostMaintenance; } + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public List onInstanceStopActions() { + return this.onInstanceStopActions; + } /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -180,6 +193,7 @@ public static final class Builder { private Integer minNodeCpus; private List nodeAffinities; private String onHostMaintenance; + private List onInstanceStopActions; private Boolean preemptible; private String provisioningModel; public Builder() {} @@ -193,6 +207,7 @@ public Builder(GetRegionInstanceTemplateScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopActions = defaults.onInstanceStopActions; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -271,6 +286,17 @@ public Builder onHostMaintenance(String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopActions(List onInstanceStopActions) { + if (onInstanceStopActions == null) { + throw new MissingRequiredPropertyException("GetRegionInstanceTemplateScheduling", "onInstanceStopActions"); + } + this.onInstanceStopActions = onInstanceStopActions; + return this; + } + public Builder onInstanceStopActions(GetRegionInstanceTemplateSchedulingOnInstanceStopAction... onInstanceStopActions) { + return onInstanceStopActions(List.of(onInstanceStopActions)); + } + @CustomType.Setter public Builder preemptible(Boolean preemptible) { if (preemptible == null) { throw new MissingRequiredPropertyException("GetRegionInstanceTemplateScheduling", "preemptible"); @@ -296,6 +322,7 @@ public GetRegionInstanceTemplateScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopActions = onInstanceStopActions; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..8488eeabda --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetRegionInstanceTemplateSchedulingOnInstanceStopAction.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.util.Objects; + +@CustomType +public final class GetRegionInstanceTemplateSchedulingOnInstanceStopAction { + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + private Boolean discardLocalSsd; + + private GetRegionInstanceTemplateSchedulingOnInstanceStopAction() {} + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Boolean discardLocalSsd() { + return this.discardLocalSsd; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetRegionInstanceTemplateSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private Boolean discardLocalSsd; + public Builder() {} + public Builder(GetRegionInstanceTemplateSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(Boolean discardLocalSsd) { + if (discardLocalSsd == null) { + throw new MissingRequiredPropertyException("GetRegionInstanceTemplateSchedulingOnInstanceStopAction", "discardLocalSsd"); + } + this.discardLocalSsd = discardLocalSsd; + return this; + } + public GetRegionInstanceTemplateSchedulingOnInstanceStopAction build() { + final var _resultValue = new GetRegionInstanceTemplateSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksResult.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksResult.java new file mode 100644 index 0000000000..b48b112e04 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksResult.java @@ -0,0 +1,127 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.compute.outputs.GetSubnetworksSubnetwork; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class GetSubnetworksResult { + private @Nullable String filter; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private @Nullable String project; + private @Nullable String region; + /** + * @return A list of all retrieved GCE subnetworks. Structure is defined below. + * + */ + private List subnetworks; + + private GetSubnetworksResult() {} + public Optional filter() { + return Optional.ofNullable(this.filter); + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public Optional project() { + return Optional.ofNullable(this.project); + } + public Optional region() { + return Optional.ofNullable(this.region); + } + /** + * @return A list of all retrieved GCE subnetworks. Structure is defined below. + * + */ + public List subnetworks() { + return this.subnetworks; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetSubnetworksResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String filter; + private String id; + private @Nullable String project; + private @Nullable String region; + private List subnetworks; + public Builder() {} + public Builder(GetSubnetworksResult defaults) { + Objects.requireNonNull(defaults); + this.filter = defaults.filter; + this.id = defaults.id; + this.project = defaults.project; + this.region = defaults.region; + this.subnetworks = defaults.subnetworks; + } + + @CustomType.Setter + public Builder filter(@Nullable String filter) { + + this.filter = filter; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetSubnetworksResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder project(@Nullable String project) { + + this.project = project; + return this; + } + @CustomType.Setter + public Builder region(@Nullable String region) { + + this.region = region; + return this; + } + @CustomType.Setter + public Builder subnetworks(List subnetworks) { + if (subnetworks == null) { + throw new MissingRequiredPropertyException("GetSubnetworksResult", "subnetworks"); + } + this.subnetworks = subnetworks; + return this; + } + public Builder subnetworks(GetSubnetworksSubnetwork... subnetworks) { + return subnetworks(List.of(subnetworks)); + } + public GetSubnetworksResult build() { + final var _resultValue = new GetSubnetworksResult(); + _resultValue.filter = filter; + _resultValue.id = id; + _resultValue.project = project; + _resultValue.region = region; + _resultValue.subnetworks = subnetworks; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksSubnetwork.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksSubnetwork.java new file mode 100644 index 0000000000..83aba77db5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/GetSubnetworksSubnetwork.java @@ -0,0 +1,189 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetSubnetworksSubnetwork { + /** + * @return Description of the subnetwork. + * + */ + private String description; + /** + * @return The IP address range represented as a CIDR block. + * + */ + private String ipCidrRange; + /** + * @return The name of the subnetwork. + * + */ + private String name; + /** + * @return The self link of the parent network. + * + */ + private String network; + private String networkSelfLink; + /** + * @return Whether the VMs in the subnet can access Google services without assigned external IP addresses. + * + */ + private Boolean privateIpGoogleAccess; + /** + * @return The self link of the subnetwork. + * + */ + private String selfLink; + + private GetSubnetworksSubnetwork() {} + /** + * @return Description of the subnetwork. + * + */ + public String description() { + return this.description; + } + /** + * @return The IP address range represented as a CIDR block. + * + */ + public String ipCidrRange() { + return this.ipCidrRange; + } + /** + * @return The name of the subnetwork. + * + */ + public String name() { + return this.name; + } + /** + * @return The self link of the parent network. + * + */ + public String network() { + return this.network; + } + public String networkSelfLink() { + return this.networkSelfLink; + } + /** + * @return Whether the VMs in the subnet can access Google services without assigned external IP addresses. + * + */ + public Boolean privateIpGoogleAccess() { + return this.privateIpGoogleAccess; + } + /** + * @return The self link of the subnetwork. + * + */ + public String selfLink() { + return this.selfLink; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetSubnetworksSubnetwork defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String description; + private String ipCidrRange; + private String name; + private String network; + private String networkSelfLink; + private Boolean privateIpGoogleAccess; + private String selfLink; + public Builder() {} + public Builder(GetSubnetworksSubnetwork defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.ipCidrRange = defaults.ipCidrRange; + this.name = defaults.name; + this.network = defaults.network; + this.networkSelfLink = defaults.networkSelfLink; + this.privateIpGoogleAccess = defaults.privateIpGoogleAccess; + this.selfLink = defaults.selfLink; + } + + @CustomType.Setter + public Builder description(String description) { + if (description == null) { + throw new MissingRequiredPropertyException("GetSubnetworksSubnetwork", "description"); + } + this.description = description; + return this; + } + @CustomType.Setter + public Builder ipCidrRange(String ipCidrRange) { + if (ipCidrRange == null) { + throw new MissingRequiredPropertyException("GetSubnetworksSubnetwork", "ipCidrRange"); + } + this.ipCidrRange = ipCidrRange; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("GetSubnetworksSubnetwork", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder network(String network) { + if (network == null) { + throw new MissingRequiredPropertyException("GetSubnetworksSubnetwork", "network"); + } + this.network = network; + return this; + } + @CustomType.Setter + public Builder networkSelfLink(String networkSelfLink) { + if (networkSelfLink == null) { + throw new MissingRequiredPropertyException("GetSubnetworksSubnetwork", "networkSelfLink"); + } + this.networkSelfLink = networkSelfLink; + return this; + } + @CustomType.Setter + public Builder privateIpGoogleAccess(Boolean privateIpGoogleAccess) { + if (privateIpGoogleAccess == null) { + throw new MissingRequiredPropertyException("GetSubnetworksSubnetwork", "privateIpGoogleAccess"); + } + this.privateIpGoogleAccess = privateIpGoogleAccess; + return this; + } + @CustomType.Setter + public Builder selfLink(String selfLink) { + if (selfLink == null) { + throw new MissingRequiredPropertyException("GetSubnetworksSubnetwork", "selfLink"); + } + this.selfLink = selfLink; + return this; + } + public GetSubnetworksSubnetwork build() { + final var _resultValue = new GetSubnetworksSubnetwork(); + _resultValue.description = description; + _resultValue.ipCidrRange = ipCidrRange; + _resultValue.name = name; + _resultValue.network = network; + _resultValue.networkSelfLink = networkSelfLink; + _resultValue.privateIpGoogleAccess = privateIpGoogleAccess; + _resultValue.selfLink = selfLink; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageScheduling.java index ba100f2b71..73740fae17 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageScheduling.java @@ -7,6 +7,7 @@ import com.pulumi.gcp.compute.outputs.InstanceFromMachineImageSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.InstanceFromMachineImageSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.InstanceFromMachineImageSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.InstanceFromMachineImageSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -56,6 +57,11 @@ public final class InstanceFromMachineImageScheduling { * */ private @Nullable String onHostMaintenance; + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + private @Nullable InstanceFromMachineImageSchedulingOnInstanceStopAction onInstanceStopAction; /** * @return Whether the instance is preemptible. * @@ -123,6 +129,13 @@ public List nodeAffinities() { public Optional onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public Optional onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } /** * @return Whether the instance is preemptible. * @@ -155,6 +168,7 @@ public static final class Builder { private @Nullable Integer minNodeCpus; private @Nullable List nodeAffinities; private @Nullable String onHostMaintenance; + private @Nullable InstanceFromMachineImageSchedulingOnInstanceStopAction onInstanceStopAction; private @Nullable Boolean preemptible; private @Nullable String provisioningModel; public Builder() {} @@ -168,6 +182,7 @@ public Builder(InstanceFromMachineImageScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopAction = defaults.onInstanceStopAction; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -224,6 +239,12 @@ public Builder onHostMaintenance(@Nullable String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopAction(@Nullable InstanceFromMachineImageSchedulingOnInstanceStopAction onInstanceStopAction) { + + this.onInstanceStopAction = onInstanceStopAction; + return this; + } + @CustomType.Setter public Builder preemptible(@Nullable Boolean preemptible) { this.preemptible = preemptible; @@ -245,6 +266,7 @@ public InstanceFromMachineImageScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopAction = onInstanceStopAction; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..4600a04e7e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromMachineImageSchedulingOnInstanceStopAction.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class InstanceFromMachineImageSchedulingOnInstanceStopAction { + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + private @Nullable Boolean discardLocalSsd; + + private InstanceFromMachineImageSchedulingOnInstanceStopAction() {} + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Optional discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(InstanceFromMachineImageSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean discardLocalSsd; + public Builder() {} + public Builder(InstanceFromMachineImageSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(@Nullable Boolean discardLocalSsd) { + + this.discardLocalSsd = discardLocalSsd; + return this; + } + public InstanceFromMachineImageSchedulingOnInstanceStopAction build() { + final var _resultValue = new InstanceFromMachineImageSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateScheduling.java index 462bf4d024..6e70f931a2 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateScheduling.java @@ -7,6 +7,7 @@ import com.pulumi.gcp.compute.outputs.InstanceFromTemplateSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.InstanceFromTemplateSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.InstanceFromTemplateSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.InstanceFromTemplateSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -56,6 +57,11 @@ public final class InstanceFromTemplateScheduling { * */ private @Nullable String onHostMaintenance; + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + private @Nullable InstanceFromTemplateSchedulingOnInstanceStopAction onInstanceStopAction; /** * @return Whether the instance is preemptible. * @@ -123,6 +129,13 @@ public List nodeAffinities() { public Optional onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public Optional onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } /** * @return Whether the instance is preemptible. * @@ -155,6 +168,7 @@ public static final class Builder { private @Nullable Integer minNodeCpus; private @Nullable List nodeAffinities; private @Nullable String onHostMaintenance; + private @Nullable InstanceFromTemplateSchedulingOnInstanceStopAction onInstanceStopAction; private @Nullable Boolean preemptible; private @Nullable String provisioningModel; public Builder() {} @@ -168,6 +182,7 @@ public Builder(InstanceFromTemplateScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopAction = defaults.onInstanceStopAction; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -224,6 +239,12 @@ public Builder onHostMaintenance(@Nullable String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopAction(@Nullable InstanceFromTemplateSchedulingOnInstanceStopAction onInstanceStopAction) { + + this.onInstanceStopAction = onInstanceStopAction; + return this; + } + @CustomType.Setter public Builder preemptible(@Nullable Boolean preemptible) { this.preemptible = preemptible; @@ -245,6 +266,7 @@ public InstanceFromTemplateScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopAction = onInstanceStopAction; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..9d48ab93b5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceFromTemplateSchedulingOnInstanceStopAction.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class InstanceFromTemplateSchedulingOnInstanceStopAction { + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + private @Nullable Boolean discardLocalSsd; + + private InstanceFromTemplateSchedulingOnInstanceStopAction() {} + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Optional discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(InstanceFromTemplateSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean discardLocalSsd; + public Builder() {} + public Builder(InstanceFromTemplateSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(@Nullable Boolean discardLocalSsd) { + + this.discardLocalSsd = discardLocalSsd; + return this; + } + public InstanceFromTemplateSchedulingOnInstanceStopAction build() { + final var _resultValue = new InstanceFromTemplateSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceScheduling.java index 568d0e7496..b59ef9f534 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceScheduling.java @@ -7,6 +7,7 @@ import com.pulumi.gcp.compute.outputs.InstanceSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.InstanceSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.InstanceSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.InstanceSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -43,8 +44,7 @@ public final class InstanceScheduling { */ private @Nullable String maintenanceInterval; /** - * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ private @Nullable InstanceSchedulingMaxRunDuration maxRunDuration; @@ -69,6 +69,11 @@ public final class InstanceScheduling { * */ private @Nullable String onHostMaintenance; + /** + * @return Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + private @Nullable InstanceSchedulingOnInstanceStopAction onInstanceStopAction; /** * @return Specifies if the instance is preemptible. * If this field is set to true, then `automatic_restart` must be @@ -120,8 +125,7 @@ public Optional maintenanceInterval() { return Optional.ofNullable(this.maintenanceInterval); } /** - * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ public Optional maxRunDuration() { @@ -154,6 +158,13 @@ public List nodeAffinities() { public Optional onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * @return Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + public Optional onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } /** * @return Specifies if the instance is preemptible. * If this field is set to true, then `automatic_restart` must be @@ -191,6 +202,7 @@ public static final class Builder { private @Nullable Integer minNodeCpus; private @Nullable List nodeAffinities; private @Nullable String onHostMaintenance; + private @Nullable InstanceSchedulingOnInstanceStopAction onInstanceStopAction; private @Nullable Boolean preemptible; private @Nullable String provisioningModel; public Builder() {} @@ -204,6 +216,7 @@ public Builder(InstanceScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopAction = defaults.onInstanceStopAction; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -260,6 +273,12 @@ public Builder onHostMaintenance(@Nullable String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopAction(@Nullable InstanceSchedulingOnInstanceStopAction onInstanceStopAction) { + + this.onInstanceStopAction = onInstanceStopAction; + return this; + } + @CustomType.Setter public Builder preemptible(@Nullable Boolean preemptible) { this.preemptible = preemptible; @@ -281,6 +300,7 @@ public InstanceScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopAction = onInstanceStopAction; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingMaxRunDuration.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingMaxRunDuration.java index f1cacdb8e3..0f9d1535a9 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingMaxRunDuration.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingMaxRunDuration.java @@ -14,15 +14,16 @@ public final class InstanceSchedulingMaxRunDuration { /** * @return Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ private @Nullable Integer nanos; /** - * @return Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @return Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ private Integer seconds; @@ -30,17 +31,18 @@ public final class InstanceSchedulingMaxRunDuration { private InstanceSchedulingMaxRunDuration() {} /** * @return Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ public Optional nanos() { return Optional.ofNullable(this.nanos); } /** - * @return Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @return Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ public Integer seconds() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..0740d2b9b8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceSchedulingOnInstanceStopAction.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class InstanceSchedulingOnInstanceStopAction { + /** + * @return Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + private @Nullable Boolean discardLocalSsd; + + private InstanceSchedulingOnInstanceStopAction() {} + /** + * @return Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + public Optional discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(InstanceSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean discardLocalSsd; + public Builder() {} + public Builder(InstanceSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(@Nullable Boolean discardLocalSsd) { + + this.discardLocalSsd = discardLocalSsd; + return this; + } + public InstanceSchedulingOnInstanceStopAction build() { + final var _resultValue = new InstanceSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateScheduling.java index f9ae31c6ba..2901cd4220 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateScheduling.java @@ -7,6 +7,7 @@ import com.pulumi.gcp.compute.outputs.InstanceTemplateSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.InstanceTemplateSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.InstanceTemplateSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.InstanceTemplateSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -43,8 +44,7 @@ public final class InstanceTemplateScheduling { */ private @Nullable String maintenanceInterval; /** - * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ private @Nullable InstanceTemplateSchedulingMaxRunDuration maxRunDuration; @@ -68,6 +68,11 @@ public final class InstanceTemplateScheduling { * */ private @Nullable String onHostMaintenance; + /** + * @return Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + private @Nullable InstanceTemplateSchedulingOnInstanceStopAction onInstanceStopAction; /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -119,8 +124,7 @@ public Optional maintenanceInterval() { return Optional.ofNullable(this.maintenanceInterval); } /** - * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - * <a name="nested_max_run_duration"></a>The `max_run_duration` block supports: + * @return The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. * */ public Optional maxRunDuration() { @@ -152,6 +156,13 @@ public List nodeAffinities() { public Optional onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * @return Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + * + */ + public Optional onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -189,6 +200,7 @@ public static final class Builder { private @Nullable Integer minNodeCpus; private @Nullable List nodeAffinities; private @Nullable String onHostMaintenance; + private @Nullable InstanceTemplateSchedulingOnInstanceStopAction onInstanceStopAction; private @Nullable Boolean preemptible; private @Nullable String provisioningModel; public Builder() {} @@ -202,6 +214,7 @@ public Builder(InstanceTemplateScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopAction = defaults.onInstanceStopAction; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -261,6 +274,12 @@ public Builder onHostMaintenance(@Nullable String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopAction(@Nullable InstanceTemplateSchedulingOnInstanceStopAction onInstanceStopAction) { + + this.onInstanceStopAction = onInstanceStopAction; + return this; + } + @CustomType.Setter public Builder preemptible(@Nullable Boolean preemptible) { this.preemptible = preemptible; @@ -282,6 +301,7 @@ public InstanceTemplateScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopAction = onInstanceStopAction; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingMaxRunDuration.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingMaxRunDuration.java index f968e3faa4..9c897ecec6 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingMaxRunDuration.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingMaxRunDuration.java @@ -14,15 +14,16 @@ public final class InstanceTemplateSchedulingMaxRunDuration { /** * @return Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ private @Nullable Integer nanos; /** - * @return Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @return Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ private Integer seconds; @@ -30,17 +31,18 @@ public final class InstanceTemplateSchedulingMaxRunDuration { private InstanceTemplateSchedulingMaxRunDuration() {} /** * @return Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. * */ public Optional nanos() { return Optional.ofNullable(this.nanos); } /** - * @return Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * @return Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. * */ public Integer seconds() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..8ac30c153c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/InstanceTemplateSchedulingOnInstanceStopAction.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class InstanceTemplateSchedulingOnInstanceStopAction { + /** + * @return Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + private @Nullable Boolean discardLocalSsd; + + private InstanceTemplateSchedulingOnInstanceStopAction() {} + /** + * @return Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + * + */ + public Optional discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(InstanceTemplateSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean discardLocalSsd; + public Builder() {} + public Builder(InstanceTemplateSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(@Nullable Boolean discardLocalSsd) { + + this.discardLocalSsd = discardLocalSsd; + return this; + } + public InstanceTemplateSchedulingOnInstanceStopAction build() { + final var _resultValue = new InstanceTemplateSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateScheduling.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateScheduling.java index 3edaa33fd0..fd4b7fe6a9 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateScheduling.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateScheduling.java @@ -7,6 +7,7 @@ import com.pulumi.gcp.compute.outputs.RegionInstanceTemplateSchedulingLocalSsdRecoveryTimeout; import com.pulumi.gcp.compute.outputs.RegionInstanceTemplateSchedulingMaxRunDuration; import com.pulumi.gcp.compute.outputs.RegionInstanceTemplateSchedulingNodeAffinity; +import com.pulumi.gcp.compute.outputs.RegionInstanceTemplateSchedulingOnInstanceStopAction; import java.lang.Boolean; import java.lang.Integer; import java.lang.String; @@ -67,6 +68,11 @@ public final class RegionInstanceTemplateScheduling { * */ private @Nullable String onHostMaintenance; + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + private @Nullable RegionInstanceTemplateSchedulingOnInstanceStopAction onInstanceStopAction; /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -150,6 +156,13 @@ public List nodeAffinities() { public Optional onHostMaintenance() { return Optional.ofNullable(this.onHostMaintenance); } + /** + * @return Defines the behaviour for instances with the instance_termination_action. + * + */ + public Optional onInstanceStopAction() { + return Optional.ofNullable(this.onInstanceStopAction); + } /** * @return Allows instance to be preempted. This defaults to * false. Read more on this @@ -187,6 +200,7 @@ public static final class Builder { private @Nullable Integer minNodeCpus; private @Nullable List nodeAffinities; private @Nullable String onHostMaintenance; + private @Nullable RegionInstanceTemplateSchedulingOnInstanceStopAction onInstanceStopAction; private @Nullable Boolean preemptible; private @Nullable String provisioningModel; public Builder() {} @@ -200,6 +214,7 @@ public Builder(RegionInstanceTemplateScheduling defaults) { this.minNodeCpus = defaults.minNodeCpus; this.nodeAffinities = defaults.nodeAffinities; this.onHostMaintenance = defaults.onHostMaintenance; + this.onInstanceStopAction = defaults.onInstanceStopAction; this.preemptible = defaults.preemptible; this.provisioningModel = defaults.provisioningModel; } @@ -259,6 +274,12 @@ public Builder onHostMaintenance(@Nullable String onHostMaintenance) { return this; } @CustomType.Setter + public Builder onInstanceStopAction(@Nullable RegionInstanceTemplateSchedulingOnInstanceStopAction onInstanceStopAction) { + + this.onInstanceStopAction = onInstanceStopAction; + return this; + } + @CustomType.Setter public Builder preemptible(@Nullable Boolean preemptible) { this.preemptible = preemptible; @@ -280,6 +301,7 @@ public RegionInstanceTemplateScheduling build() { _resultValue.minNodeCpus = minNodeCpus; _resultValue.nodeAffinities = nodeAffinities; _resultValue.onHostMaintenance = onHostMaintenance; + _resultValue.onInstanceStopAction = onInstanceStopAction; _resultValue.preemptible = preemptible; _resultValue.provisioningModel = provisioningModel; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.java new file mode 100644 index 0000000000..5f4ceefea3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/RegionInstanceTemplateSchedulingOnInstanceStopAction.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.compute.outputs; + +import com.pulumi.core.annotations.CustomType; +import java.lang.Boolean; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class RegionInstanceTemplateSchedulingOnInstanceStopAction { + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + private @Nullable Boolean discardLocalSsd; + + private RegionInstanceTemplateSchedulingOnInstanceStopAction() {} + /** + * @return If true, the contents of any attached Local SSD disks will be discarded. + * + */ + public Optional discardLocalSsd() { + return Optional.ofNullable(this.discardLocalSsd); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(RegionInstanceTemplateSchedulingOnInstanceStopAction defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable Boolean discardLocalSsd; + public Builder() {} + public Builder(RegionInstanceTemplateSchedulingOnInstanceStopAction defaults) { + Objects.requireNonNull(defaults); + this.discardLocalSsd = defaults.discardLocalSsd; + } + + @CustomType.Setter + public Builder discardLocalSsd(@Nullable Boolean discardLocalSsd) { + + this.discardLocalSsd = discardLocalSsd; + return this; + } + public RegionInstanceTemplateSchedulingOnInstanceStopAction build() { + final var _resultValue = new RegionInstanceTemplateSchedulingOnInstanceStopAction(); + _resultValue.discardLocalSsd = discardLocalSsd; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyAdvancedOptionsConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyAdvancedOptionsConfig.java index 1625347a5b..13c6f85bb2 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyAdvancedOptionsConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyAdvancedOptionsConfig.java @@ -23,6 +23,7 @@ public final class SecurityPolicyAdvancedOptionsConfig { * @return Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. * */ private @Nullable String jsonParsing; @@ -52,6 +53,7 @@ public Optional jsonCustomC * @return Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. * */ public Optional jsonParsing() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptions.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptions.java index 6281c9c543..1719c90738 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptions.java @@ -4,7 +4,6 @@ package com.pulumi.gcp.compute.outputs; import com.pulumi.core.annotations.CustomType; -import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.compute.outputs.SecurityPolicyRuleRateLimitOptionsBanThreshold; import com.pulumi.gcp.compute.outputs.SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig; import com.pulumi.gcp.compute.outputs.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions; @@ -19,72 +18,77 @@ @CustomType public final class SecurityPolicyRuleRateLimitOptions { /** - * @return Can only be specified if the `action` for the rule is `rate_based_ban`. + * @return Can only be specified if the action for the rule is "rate_based_ban". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. * */ private @Nullable Integer banDurationSec; /** - * @return Can only be specified if the `action` for the rule is `rate_based_ban`. - * If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - * exceed this `ban_threshold`. Structure is documented below. + * @return Can only be specified if the action for the rule is "rate_based_ban". + * If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + * Structure is documented below. * */ private @Nullable SecurityPolicyRuleRateLimitOptionsBanThreshold banThreshold; /** - * @return Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + * @return Action to take for requests that are under the configured rate limit threshold. + * Valid option is "allow" only. * */ - private String conformAction; + private @Nullable String conformAction; /** - * @return Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @return Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ private @Nullable String enforceOnKey; /** - * @return If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - * - * **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + * @return If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + * You can specify up to 3 enforceOnKeyConfigs. + * If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + * Structure is documented below. * */ private @Nullable List enforceOnKeyConfigs; /** * @return Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * */ private @Nullable String enforceOnKeyName; /** - * @return When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * @return Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. * */ - private String exceedAction; + private @Nullable String exceedAction; /** - * @return Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + * @return Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + * Structure is documented below. * */ private @Nullable SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions exceedRedirectOptions; /** - * @return Threshold at which to begin ratelimiting. Structure is documented below. + * @return Threshold at which to begin ratelimiting. + * Structure is documented below. * */ - private SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold; + private @Nullable SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold; private SecurityPolicyRuleRateLimitOptions() {} /** - * @return Can only be specified if the `action` for the rule is `rate_based_ban`. + * @return Can only be specified if the action for the rule is "rate_based_ban". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. * */ @@ -92,41 +96,45 @@ public Optional banDurationSec() { return Optional.ofNullable(this.banDurationSec); } /** - * @return Can only be specified if the `action` for the rule is `rate_based_ban`. - * If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - * exceed this `ban_threshold`. Structure is documented below. + * @return Can only be specified if the action for the rule is "rate_based_ban". + * If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + * Structure is documented below. * */ public Optional banThreshold() { return Optional.ofNullable(this.banThreshold); } /** - * @return Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + * @return Action to take for requests that are under the configured rate limit threshold. + * Valid option is "allow" only. * */ - public String conformAction() { - return this.conformAction; + public Optional conformAction() { + return Optional.ofNullable(this.conformAction); } /** - * @return Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @return Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ public Optional enforceOnKey() { return Optional.ofNullable(this.enforceOnKey); } /** - * @return If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - * - * **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + * @return If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + * You can specify up to 3 enforceOnKeyConfigs. + * If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + * Structure is documented below. * */ public List enforceOnKeyConfigs() { @@ -134,35 +142,36 @@ public List enforceOnKeyCo } /** * @return Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * */ public Optional enforceOnKeyName() { return Optional.ofNullable(this.enforceOnKeyName); } /** - * @return When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * @return Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. * */ - public String exceedAction() { - return this.exceedAction; + public Optional exceedAction() { + return Optional.ofNullable(this.exceedAction); } /** - * @return Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + * @return Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + * Structure is documented below. * */ public Optional exceedRedirectOptions() { return Optional.ofNullable(this.exceedRedirectOptions); } /** - * @return Threshold at which to begin ratelimiting. Structure is documented below. + * @return Threshold at which to begin ratelimiting. + * Structure is documented below. * */ - public SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold() { - return this.rateLimitThreshold; + public Optional rateLimitThreshold() { + return Optional.ofNullable(this.rateLimitThreshold); } public static Builder builder() { @@ -176,13 +185,13 @@ public static Builder builder(SecurityPolicyRuleRateLimitOptions defaults) { public static final class Builder { private @Nullable Integer banDurationSec; private @Nullable SecurityPolicyRuleRateLimitOptionsBanThreshold banThreshold; - private String conformAction; + private @Nullable String conformAction; private @Nullable String enforceOnKey; private @Nullable List enforceOnKeyConfigs; private @Nullable String enforceOnKeyName; - private String exceedAction; + private @Nullable String exceedAction; private @Nullable SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions exceedRedirectOptions; - private SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold; + private @Nullable SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold; public Builder() {} public Builder(SecurityPolicyRuleRateLimitOptions defaults) { Objects.requireNonNull(defaults); @@ -210,10 +219,8 @@ public Builder banThreshold(@Nullable SecurityPolicyRuleRateLimitOptionsBanThres return this; } @CustomType.Setter - public Builder conformAction(String conformAction) { - if (conformAction == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptions", "conformAction"); - } + public Builder conformAction(@Nullable String conformAction) { + this.conformAction = conformAction; return this; } @@ -239,10 +246,8 @@ public Builder enforceOnKeyName(@Nullable String enforceOnKeyName) { return this; } @CustomType.Setter - public Builder exceedAction(String exceedAction) { - if (exceedAction == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptions", "exceedAction"); - } + public Builder exceedAction(@Nullable String exceedAction) { + this.exceedAction = exceedAction; return this; } @@ -253,10 +258,8 @@ public Builder exceedRedirectOptions(@Nullable SecurityPolicyRuleRateLimitOption return this; } @CustomType.Setter - public Builder rateLimitThreshold(SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold) { - if (rateLimitThreshold == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptions", "rateLimitThreshold"); - } + public Builder rateLimitThreshold(@Nullable SecurityPolicyRuleRateLimitOptionsRateLimitThreshold rateLimitThreshold) { + this.rateLimitThreshold = rateLimitThreshold; return this; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.java index 2e9697ed3d..5d936d4f01 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsBanThreshold.java @@ -4,9 +4,10 @@ package com.pulumi.gcp.compute.outputs; import com.pulumi.core.annotations.CustomType; -import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.Integer; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; @CustomType public final class SecurityPolicyRuleRateLimitOptionsBanThreshold { @@ -14,27 +15,27 @@ public final class SecurityPolicyRuleRateLimitOptionsBanThreshold { * @return Number of HTTP(S) requests for calculating the threshold. * */ - private Integer count; + private @Nullable Integer count; /** * @return Interval over which the threshold is computed. * */ - private Integer intervalSec; + private @Nullable Integer intervalSec; private SecurityPolicyRuleRateLimitOptionsBanThreshold() {} /** * @return Number of HTTP(S) requests for calculating the threshold. * */ - public Integer count() { - return this.count; + public Optional count() { + return Optional.ofNullable(this.count); } /** * @return Interval over which the threshold is computed. * */ - public Integer intervalSec() { - return this.intervalSec; + public Optional intervalSec() { + return Optional.ofNullable(this.intervalSec); } public static Builder builder() { @@ -46,8 +47,8 @@ public static Builder builder(SecurityPolicyRuleRateLimitOptionsBanThreshold def } @CustomType.Builder public static final class Builder { - private Integer count; - private Integer intervalSec; + private @Nullable Integer count; + private @Nullable Integer intervalSec; public Builder() {} public Builder(SecurityPolicyRuleRateLimitOptionsBanThreshold defaults) { Objects.requireNonNull(defaults); @@ -56,18 +57,14 @@ public Builder(SecurityPolicyRuleRateLimitOptionsBanThreshold defaults) { } @CustomType.Setter - public Builder count(Integer count) { - if (count == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsBanThreshold", "count"); - } + public Builder count(@Nullable Integer count) { + this.count = count; return this; } @CustomType.Setter - public Builder intervalSec(Integer intervalSec) { - if (intervalSec == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsBanThreshold", "intervalSec"); - } + public Builder intervalSec(@Nullable Integer intervalSec) { + this.intervalSec = intervalSec; return this; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.java index 62d45a14a5..1cff68955e 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig.java @@ -13,23 +13,24 @@ public final class SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig { /** * @return Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * */ private @Nullable String enforceOnKeyName; /** - * @return Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @return Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ private @Nullable String enforceOnKeyType; @@ -37,25 +38,26 @@ public final class SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig { private SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig() {} /** * @return Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. * */ public Optional enforceOnKeyName() { return Optional.ofNullable(this.enforceOnKeyName); } /** - * @return Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * @return Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. * */ public Optional enforceOnKeyType() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.java index 4704ce9be9..7257a545f5 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions.java @@ -4,7 +4,6 @@ package com.pulumi.gcp.compute.outputs; import com.pulumi.core.annotations.CustomType; -import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.String; import java.util.Objects; import java.util.Optional; @@ -13,7 +12,7 @@ @CustomType public final class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions { /** - * @return Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * @return Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. * */ private @Nullable String target; @@ -21,11 +20,11 @@ public final class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions { * @return Type of the redirect action. * */ - private String type; + private @Nullable String type; private SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions() {} /** - * @return Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * @return Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. * */ public Optional target() { @@ -35,8 +34,8 @@ public Optional target() { * @return Type of the redirect action. * */ - public String type() { - return this.type; + public Optional type() { + return Optional.ofNullable(this.type); } public static Builder builder() { @@ -49,7 +48,7 @@ public static Builder builder(SecurityPolicyRuleRateLimitOptionsExceedRedirectOp @CustomType.Builder public static final class Builder { private @Nullable String target; - private String type; + private @Nullable String type; public Builder() {} public Builder(SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions defaults) { Objects.requireNonNull(defaults); @@ -64,10 +63,8 @@ public Builder target(@Nullable String target) { return this; } @CustomType.Setter - public Builder type(String type) { - if (type == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions", "type"); - } + public Builder type(@Nullable String type) { + this.type = type; return this; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.java b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.java index 0bdf499ed8..47eaf646be 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/compute/outputs/SecurityPolicyRuleRateLimitOptionsRateLimitThreshold.java @@ -4,9 +4,10 @@ package com.pulumi.gcp.compute.outputs; import com.pulumi.core.annotations.CustomType; -import com.pulumi.exceptions.MissingRequiredPropertyException; import java.lang.Integer; import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; @CustomType public final class SecurityPolicyRuleRateLimitOptionsRateLimitThreshold { @@ -14,27 +15,27 @@ public final class SecurityPolicyRuleRateLimitOptionsRateLimitThreshold { * @return Number of HTTP(S) requests for calculating the threshold. * */ - private Integer count; + private @Nullable Integer count; /** * @return Interval over which the threshold is computed. * */ - private Integer intervalSec; + private @Nullable Integer intervalSec; private SecurityPolicyRuleRateLimitOptionsRateLimitThreshold() {} /** * @return Number of HTTP(S) requests for calculating the threshold. * */ - public Integer count() { - return this.count; + public Optional count() { + return Optional.ofNullable(this.count); } /** * @return Interval over which the threshold is computed. * */ - public Integer intervalSec() { - return this.intervalSec; + public Optional intervalSec() { + return Optional.ofNullable(this.intervalSec); } public static Builder builder() { @@ -46,8 +47,8 @@ public static Builder builder(SecurityPolicyRuleRateLimitOptionsRateLimitThresho } @CustomType.Builder public static final class Builder { - private Integer count; - private Integer intervalSec; + private @Nullable Integer count; + private @Nullable Integer intervalSec; public Builder() {} public Builder(SecurityPolicyRuleRateLimitOptionsRateLimitThreshold defaults) { Objects.requireNonNull(defaults); @@ -56,18 +57,14 @@ public Builder(SecurityPolicyRuleRateLimitOptionsRateLimitThreshold defaults) { } @CustomType.Setter - public Builder count(Integer count) { - if (count == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsRateLimitThreshold", "count"); - } + public Builder count(@Nullable Integer count) { + this.count = count; return this; } @CustomType.Setter - public Builder intervalSec(Integer intervalSec) { - if (intervalSec == null) { - throw new MissingRequiredPropertyException("SecurityPolicyRuleRateLimitOptionsRateLimitThreshold", "intervalSec"); - } + public Builder intervalSec(@Nullable Integer intervalSec) { + this.intervalSec = intervalSec; return this; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigArgs.java index e1f5690333..6cee415bec 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigArgs.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.gcp.container.inputs.ClusterNodeConfigAdvancedMachineFeaturesArgs; import com.pulumi.gcp.container.inputs.ClusterNodeConfigConfidentialNodesArgs; +import com.pulumi.gcp.container.inputs.ClusterNodeConfigContainerdConfigArgs; import com.pulumi.gcp.container.inputs.ClusterNodeConfigEffectiveTaintArgs; import com.pulumi.gcp.container.inputs.ClusterNodeConfigEphemeralStorageConfigArgs; import com.pulumi.gcp.container.inputs.ClusterNodeConfigEphemeralStorageLocalSsdConfigArgs; @@ -87,6 +88,21 @@ public Optional> confidentialNode return Optional.ofNullable(this.confidentialNodes); } + /** + * Parameters to customize containerd runtime. Structure is documented below. + * + */ + @Import(name="containerdConfig") + private @Nullable Output containerdConfig; + + /** + * @return Parameters to customize containerd runtime. Structure is documented below. + * + */ + public Optional> containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } + /** * Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -729,6 +745,7 @@ private ClusterNodeConfigArgs(ClusterNodeConfigArgs $) { this.advancedMachineFeatures = $.advancedMachineFeatures; this.bootDiskKmsKey = $.bootDiskKmsKey; this.confidentialNodes = $.confidentialNodes; + this.containerdConfig = $.containerdConfig; this.diskSizeGb = $.diskSizeGb; this.diskType = $.diskType; this.effectiveTaints = $.effectiveTaints; @@ -850,6 +867,27 @@ public Builder confidentialNodes(ClusterNodeConfigConfidentialNodesArgs confiden return confidentialNodes(Output.of(confidentialNodes)); } + /** + * @param containerdConfig Parameters to customize containerd runtime. Structure is documented below. + * + * @return builder + * + */ + public Builder containerdConfig(@Nullable Output containerdConfig) { + $.containerdConfig = containerdConfig; + return this; + } + + /** + * @param containerdConfig Parameters to customize containerd runtime. Structure is documented below. + * + * @return builder + * + */ + public Builder containerdConfig(ClusterNodeConfigContainerdConfigArgs containerdConfig) { + return containerdConfig(Output.of(containerdConfig)); + } + /** * @param diskSizeGb Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigArgs.java new file mode 100644 index 0000000000..c1340c1852 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.container.inputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterNodeConfigContainerdConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodeConfigContainerdConfigArgs Empty = new ClusterNodeConfigContainerdConfigArgs(); + + /** + * Configuration for private container registries. There are two fields in this config: + * + */ + @Import(name="privateRegistryAccessConfig") + private @Nullable Output privateRegistryAccessConfig; + + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + public Optional> privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + private ClusterNodeConfigContainerdConfigArgs() {} + + private ClusterNodeConfigContainerdConfigArgs(ClusterNodeConfigContainerdConfigArgs $) { + this.privateRegistryAccessConfig = $.privateRegistryAccessConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodeConfigContainerdConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodeConfigContainerdConfigArgs $; + + public Builder() { + $ = new ClusterNodeConfigContainerdConfigArgs(); + } + + public Builder(ClusterNodeConfigContainerdConfigArgs defaults) { + $ = new ClusterNodeConfigContainerdConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param privateRegistryAccessConfig Configuration for private container registries. There are two fields in this config: + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(@Nullable Output privateRegistryAccessConfig) { + $.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + + /** + * @param privateRegistryAccessConfig Configuration for private container registries. There are two fields in this config: + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs privateRegistryAccessConfig) { + return privateRegistryAccessConfig(Output.of(privateRegistryAccessConfig)); + } + + public ClusterNodeConfigContainerdConfigArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java new file mode 100644 index 0000000000..c4255bfe49 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs Empty = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + @Import(name="certificateAuthorityDomainConfigs") + private @Nullable Output> certificateAuthorityDomainConfigs; + + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + public Optional>> certificateAuthorityDomainConfigs() { + return Optional.ofNullable(this.certificateAuthorityDomainConfigs); + } + + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + @Import(name="enabled", required=true) + private Output enabled; + + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + public Output enabled() { + return this.enabled; + } + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs() {} + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs $) { + this.certificateAuthorityDomainConfigs = $.certificateAuthorityDomainConfigs; + this.enabled = $.enabled; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs $; + + public Builder() { + $ = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + } + + public Builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + $ = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(@Nullable Output> certificateAuthorityDomainConfigs) { + $.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(List certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(Output.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param enabled Enables private registry config. If set to false, all other fields in this object must not be set. + * + * @return builder + * + */ + public Builder enabled(Output enabled) { + $.enabled = enabled; + return this; + } + + /** + * @param enabled Enables private registry config. If set to false, all other fields in this object must not be set. + * + * @return builder + * + */ + public Builder enabled(Boolean enabled) { + return enabled(Output.of(enabled)); + } + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs build() { + if ($.enabled == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs", "enabled"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java new file mode 100644 index 0000000000..3499a10b26 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + @Import(name="fqdns", required=true) + private Output> fqdns; + + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public Output> fqdns() { + return this.fqdns; + } + + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + @Import(name="gcpSecretManagerCertificateConfig", required=true) + private Output gcpSecretManagerCertificateConfig; + + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public Output gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() {} + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $) { + this.fqdns = $.fqdns; + this.gcpSecretManagerCertificateConfig = $.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $; + + public Builder() { + $ = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } + + public Builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + $ = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(Output> fqdns) { + $.fqdns = fqdns; + return this; + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(List fqdns) { + return fqdns(Output.of(fqdns)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(Output gcpSecretManagerCertificateConfig) { + $.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs gcpSecretManagerCertificateConfig) { + return gcpSecretManagerCertificateConfig(Output.of(gcpSecretManagerCertificateConfig)); + } + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs build() { + if ($.fqdns == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "fqdns"); + } + if ($.gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "gcpSecretManagerCertificateConfig"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java new file mode 100644 index 0000000000..6aa7ab3728 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + @Import(name="secretUri", required=true) + private Output secretUri; + + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public Output secretUri() { + return this.secretUri; + } + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() {} + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $) { + this.secretUri = $.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $; + + public Builder() { + $ = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } + + public Builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + $ = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(Output secretUri) { + $.secretUri = secretUri; + return this; + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(String secretUri) { + return secretUri(Output.of(secretUri)); + } + + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs build() { + if ($.secretUri == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs", "secretUri"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.java index 1b74aa817b..dcc892cf5a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsArgs.java @@ -5,6 +5,7 @@ import com.pulumi.core.Output; import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.container.inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs; import com.pulumi.gcp.container.inputs.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs; import java.lang.String; import java.util.Objects; @@ -16,6 +17,21 @@ public final class ClusterNodePoolDefaultsNodeConfigDefaultsArgs extends com.pul public static final ClusterNodePoolDefaultsNodeConfigDefaultsArgs Empty = new ClusterNodePoolDefaultsNodeConfigDefaultsArgs(); + /** + * Parameters for containerd configuration. + * + */ + @Import(name="containerdConfig") + private @Nullable Output containerdConfig; + + /** + * @return Parameters for containerd configuration. + * + */ + public Optional> containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } + /** * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. * @@ -49,6 +65,7 @@ public Optional> loggingVariant() { private ClusterNodePoolDefaultsNodeConfigDefaultsArgs() {} private ClusterNodePoolDefaultsNodeConfigDefaultsArgs(ClusterNodePoolDefaultsNodeConfigDefaultsArgs $) { + this.containerdConfig = $.containerdConfig; this.gcfsConfig = $.gcfsConfig; this.loggingVariant = $.loggingVariant; } @@ -71,6 +88,27 @@ public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsArgs defaults) { $ = new ClusterNodePoolDefaultsNodeConfigDefaultsArgs(Objects.requireNonNull(defaults)); } + /** + * @param containerdConfig Parameters for containerd configuration. + * + * @return builder + * + */ + public Builder containerdConfig(@Nullable Output containerdConfig) { + $.containerdConfig = containerdConfig; + return this; + } + + /** + * @param containerdConfig Parameters for containerd configuration. + * + * @return builder + * + */ + public Builder containerdConfig(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs containerdConfig) { + return containerdConfig(Output.of(containerdConfig)); + } + /** * @param gcfsConfig The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.java new file mode 100644 index 0000000000..1321f7d5a7 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.container.inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs Empty = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs(); + + /** + * Configuration for private container registries. There are two fields in this config: + * + */ + @Import(name="privateRegistryAccessConfig") + private @Nullable Output privateRegistryAccessConfig; + + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + public Optional> privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs() {} + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs $) { + this.privateRegistryAccessConfig = $.privateRegistryAccessConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs(); + } + + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs defaults) { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param privateRegistryAccessConfig Configuration for private container registries. There are two fields in this config: + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(@Nullable Output privateRegistryAccessConfig) { + $.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + + /** + * @param privateRegistryAccessConfig Configuration for private container registries. There are two fields in this config: + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs privateRegistryAccessConfig) { + return privateRegistryAccessConfig(Output.of(privateRegistryAccessConfig)); + } + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.java new file mode 100644 index 0000000000..dccef136fa --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs Empty = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs(); + + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + @Import(name="certificateAuthorityDomainConfigs") + private @Nullable Output> certificateAuthorityDomainConfigs; + + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + public Optional>> certificateAuthorityDomainConfigs() { + return Optional.ofNullable(this.certificateAuthorityDomainConfigs); + } + + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + @Import(name="enabled", required=true) + private Output enabled; + + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + public Output enabled() { + return this.enabled; + } + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs() {} + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs $) { + this.certificateAuthorityDomainConfigs = $.certificateAuthorityDomainConfigs; + this.enabled = $.enabled; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs(); + } + + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(@Nullable Output> certificateAuthorityDomainConfigs) { + $.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(List certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(Output.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param enabled Enables private registry config. If set to false, all other fields in this object must not be set. + * + * @return builder + * + */ + public Builder enabled(Output enabled) { + $.enabled = enabled; + return this; + } + + /** + * @param enabled Enables private registry config. If set to false, all other fields in this object must not be set. + * + * @return builder + * + */ + public Builder enabled(Boolean enabled) { + return enabled(Output.of(enabled)); + } + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs build() { + if ($.enabled == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs", "enabled"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java new file mode 100644 index 0000000000..d8da6c7d1b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + @Import(name="fqdns", required=true) + private Output> fqdns; + + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public Output> fqdns() { + return this.fqdns; + } + + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + @Import(name="gcpSecretManagerCertificateConfig", required=true) + private Output gcpSecretManagerCertificateConfig; + + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public Output gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() {} + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $) { + this.fqdns = $.fqdns; + this.gcpSecretManagerCertificateConfig = $.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } + + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(Output> fqdns) { + $.fqdns = fqdns; + return this; + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(List fqdns) { + return fqdns(Output.of(fqdns)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(Output gcpSecretManagerCertificateConfig) { + $.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs gcpSecretManagerCertificateConfig) { + return gcpSecretManagerCertificateConfig(Output.of(gcpSecretManagerCertificateConfig)); + } + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs build() { + if ($.fqdns == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "fqdns"); + } + if ($.gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "gcpSecretManagerCertificateConfig"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java new file mode 100644 index 0000000000..26fb4098f4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + @Import(name="secretUri", required=true) + private Output secretUri; + + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public Output secretUri() { + return this.secretUri; + } + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() {} + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $) { + this.secretUri = $.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } + + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + $ = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(Output secretUri) { + $.secretUri = secretUri; + return this; + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(String secretUri) { + return secretUri(Output.of(secretUri)); + } + + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs build() { + if ($.secretUri == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs", "secretUri"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigArgs.java index dfd0431479..b286482242 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigArgs.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigAdvancedMachineFeaturesArgs; import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigConfidentialNodesArgs; +import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigContainerdConfigArgs; import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigEffectiveTaintArgs; import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigEphemeralStorageConfigArgs; import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfigArgs; @@ -87,6 +88,21 @@ public Optional> confiden return Optional.ofNullable(this.confidentialNodes); } + /** + * Parameters to customize containerd runtime. Structure is documented below. + * + */ + @Import(name="containerdConfig") + private @Nullable Output containerdConfig; + + /** + * @return Parameters to customize containerd runtime. Structure is documented below. + * + */ + public Optional> containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } + /** * Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -729,6 +745,7 @@ private ClusterNodePoolNodeConfigArgs(ClusterNodePoolNodeConfigArgs $) { this.advancedMachineFeatures = $.advancedMachineFeatures; this.bootDiskKmsKey = $.bootDiskKmsKey; this.confidentialNodes = $.confidentialNodes; + this.containerdConfig = $.containerdConfig; this.diskSizeGb = $.diskSizeGb; this.diskType = $.diskType; this.effectiveTaints = $.effectiveTaints; @@ -850,6 +867,27 @@ public Builder confidentialNodes(ClusterNodePoolNodeConfigConfidentialNodesArgs return confidentialNodes(Output.of(confidentialNodes)); } + /** + * @param containerdConfig Parameters to customize containerd runtime. Structure is documented below. + * + * @return builder + * + */ + public Builder containerdConfig(@Nullable Output containerdConfig) { + $.containerdConfig = containerdConfig; + return this; + } + + /** + * @param containerdConfig Parameters to customize containerd runtime. Structure is documented below. + * + * @return builder + * + */ + public Builder containerdConfig(ClusterNodePoolNodeConfigContainerdConfigArgs containerdConfig) { + return containerdConfig(Output.of(containerdConfig)); + } + /** * @param diskSizeGb Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.java new file mode 100644 index 0000000000..8a1e577b3a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterNodePoolNodeConfigContainerdConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolNodeConfigContainerdConfigArgs Empty = new ClusterNodePoolNodeConfigContainerdConfigArgs(); + + /** + * Configuration for private container registries. There are two fields in this config: + * + */ + @Import(name="privateRegistryAccessConfig") + private @Nullable Output privateRegistryAccessConfig; + + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + public Optional> privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + private ClusterNodePoolNodeConfigContainerdConfigArgs() {} + + private ClusterNodePoolNodeConfigContainerdConfigArgs(ClusterNodePoolNodeConfigContainerdConfigArgs $) { + this.privateRegistryAccessConfig = $.privateRegistryAccessConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolNodeConfigContainerdConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolNodeConfigContainerdConfigArgs(); + } + + public Builder(ClusterNodePoolNodeConfigContainerdConfigArgs defaults) { + $ = new ClusterNodePoolNodeConfigContainerdConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param privateRegistryAccessConfig Configuration for private container registries. There are two fields in this config: + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(@Nullable Output privateRegistryAccessConfig) { + $.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + + /** + * @param privateRegistryAccessConfig Configuration for private container registries. There are two fields in this config: + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs privateRegistryAccessConfig) { + return privateRegistryAccessConfig(Output.of(privateRegistryAccessConfig)); + } + + public ClusterNodePoolNodeConfigContainerdConfigArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java new file mode 100644 index 0000000000..dd2087ae82 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs Empty = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + @Import(name="certificateAuthorityDomainConfigs") + private @Nullable Output> certificateAuthorityDomainConfigs; + + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + public Optional>> certificateAuthorityDomainConfigs() { + return Optional.ofNullable(this.certificateAuthorityDomainConfigs); + } + + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + @Import(name="enabled", required=true) + private Output enabled; + + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + public Output enabled() { + return this.enabled; + } + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs() {} + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs $) { + this.certificateAuthorityDomainConfigs = $.certificateAuthorityDomainConfigs; + this.enabled = $.enabled; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + } + + public Builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + $ = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(@Nullable Output> certificateAuthorityDomainConfigs) { + $.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(List certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(Output.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param certificateAuthorityDomainConfigs List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param enabled Enables private registry config. If set to false, all other fields in this object must not be set. + * + * @return builder + * + */ + public Builder enabled(Output enabled) { + $.enabled = enabled; + return this; + } + + /** + * @param enabled Enables private registry config. If set to false, all other fields in this object must not be set. + * + * @return builder + * + */ + public Builder enabled(Boolean enabled) { + return enabled(Output.of(enabled)); + } + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs build() { + if ($.enabled == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs", "enabled"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java new file mode 100644 index 0000000000..14570c555f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + @Import(name="fqdns", required=true) + private Output> fqdns; + + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public Output> fqdns() { + return this.fqdns; + } + + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + @Import(name="gcpSecretManagerCertificateConfig", required=true) + private Output gcpSecretManagerCertificateConfig; + + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public Output gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() {} + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $) { + this.fqdns = $.fqdns; + this.gcpSecretManagerCertificateConfig = $.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } + + public Builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + $ = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(Output> fqdns) { + $.fqdns = fqdns; + return this; + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(List fqdns) { + return fqdns(Output.of(fqdns)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(Output gcpSecretManagerCertificateConfig) { + $.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs gcpSecretManagerCertificateConfig) { + return gcpSecretManagerCertificateConfig(Output.of(gcpSecretManagerCertificateConfig)); + } + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs build() { + if ($.fqdns == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "fqdns"); + } + if ($.gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "gcpSecretManagerCertificateConfig"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java new file mode 100644 index 0000000000..d4f8fb2065 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + @Import(name="secretUri", required=true) + private Output secretUri; + + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public Output secretUri() { + return this.secretUri; + } + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() {} + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $) { + this.secretUri = $.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $; + + public Builder() { + $ = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } + + public Builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + $ = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(Output secretUri) { + $.secretUri = secretUri; + return this; + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(String secretUri) { + return secretUri(Output.of(secretUri)); + } + + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs build() { + if ($.secretUri == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs", "secretUri"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigArgs.java index f689734c57..3da369c5fd 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigArgs.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.gcp.container.inputs.NodePoolNodeConfigAdvancedMachineFeaturesArgs; import com.pulumi.gcp.container.inputs.NodePoolNodeConfigConfidentialNodesArgs; +import com.pulumi.gcp.container.inputs.NodePoolNodeConfigContainerdConfigArgs; import com.pulumi.gcp.container.inputs.NodePoolNodeConfigEffectiveTaintArgs; import com.pulumi.gcp.container.inputs.NodePoolNodeConfigEphemeralStorageConfigArgs; import com.pulumi.gcp.container.inputs.NodePoolNodeConfigEphemeralStorageLocalSsdConfigArgs; @@ -85,6 +86,21 @@ public Optional> confidentialNod return Optional.ofNullable(this.confidentialNodes); } + /** + * Parameters for containerd configuration. + * + */ + @Import(name="containerdConfig") + private @Nullable Output containerdConfig; + + /** + * @return Parameters for containerd configuration. + * + */ + public Optional> containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } + /** * Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * @@ -631,6 +647,7 @@ private NodePoolNodeConfigArgs(NodePoolNodeConfigArgs $) { this.advancedMachineFeatures = $.advancedMachineFeatures; this.bootDiskKmsKey = $.bootDiskKmsKey; this.confidentialNodes = $.confidentialNodes; + this.containerdConfig = $.containerdConfig; this.diskSizeGb = $.diskSizeGb; this.diskType = $.diskType; this.effectiveTaints = $.effectiveTaints; @@ -750,6 +767,27 @@ public Builder confidentialNodes(NodePoolNodeConfigConfidentialNodesArgs confide return confidentialNodes(Output.of(confidentialNodes)); } + /** + * @param containerdConfig Parameters for containerd configuration. + * + * @return builder + * + */ + public Builder containerdConfig(@Nullable Output containerdConfig) { + $.containerdConfig = containerdConfig; + return this; + } + + /** + * @param containerdConfig Parameters for containerd configuration. + * + * @return builder + * + */ + public Builder containerdConfig(NodePoolNodeConfigContainerdConfigArgs containerdConfig) { + return containerdConfig(Output.of(containerdConfig)); + } + /** * @param diskSizeGb Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigArgs.java new file mode 100644 index 0000000000..75f6294c41 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigArgs.java @@ -0,0 +1,83 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.container.inputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class NodePoolNodeConfigContainerdConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final NodePoolNodeConfigContainerdConfigArgs Empty = new NodePoolNodeConfigContainerdConfigArgs(); + + /** + * Parameters for private container registries configuration. + * + */ + @Import(name="privateRegistryAccessConfig") + private @Nullable Output privateRegistryAccessConfig; + + /** + * @return Parameters for private container registries configuration. + * + */ + public Optional> privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + private NodePoolNodeConfigContainerdConfigArgs() {} + + private NodePoolNodeConfigContainerdConfigArgs(NodePoolNodeConfigContainerdConfigArgs $) { + this.privateRegistryAccessConfig = $.privateRegistryAccessConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(NodePoolNodeConfigContainerdConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private NodePoolNodeConfigContainerdConfigArgs $; + + public Builder() { + $ = new NodePoolNodeConfigContainerdConfigArgs(); + } + + public Builder(NodePoolNodeConfigContainerdConfigArgs defaults) { + $ = new NodePoolNodeConfigContainerdConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param privateRegistryAccessConfig Parameters for private container registries configuration. + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(@Nullable Output privateRegistryAccessConfig) { + $.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + + /** + * @param privateRegistryAccessConfig Parameters for private container registries configuration. + * + * @return builder + * + */ + public Builder privateRegistryAccessConfig(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs privateRegistryAccessConfig) { + return privateRegistryAccessConfig(Output.of(privateRegistryAccessConfig)); + } + + public NodePoolNodeConfigContainerdConfigArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java new file mode 100644 index 0000000000..cb5a92bdbe --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs Empty = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + + /** + * Parameters for configuring CA certificate and domains. + * + */ + @Import(name="certificateAuthorityDomainConfigs") + private @Nullable Output> certificateAuthorityDomainConfigs; + + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + public Optional>> certificateAuthorityDomainConfigs() { + return Optional.ofNullable(this.certificateAuthorityDomainConfigs); + } + + /** + * Whether or not private registries are configured. + * + */ + @Import(name="enabled", required=true) + private Output enabled; + + /** + * @return Whether or not private registries are configured. + * + */ + public Output enabled() { + return this.enabled; + } + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs() {} + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs $) { + this.certificateAuthorityDomainConfigs = $.certificateAuthorityDomainConfigs; + this.enabled = $.enabled; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs $; + + public Builder() { + $ = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(); + } + + public Builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs defaults) { + $ = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param certificateAuthorityDomainConfigs Parameters for configuring CA certificate and domains. + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(@Nullable Output> certificateAuthorityDomainConfigs) { + $.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + + /** + * @param certificateAuthorityDomainConfigs Parameters for configuring CA certificate and domains. + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(List certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(Output.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param certificateAuthorityDomainConfigs Parameters for configuring CA certificate and domains. + * + * @return builder + * + */ + public Builder certificateAuthorityDomainConfigs(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + + /** + * @param enabled Whether or not private registries are configured. + * + * @return builder + * + */ + public Builder enabled(Output enabled) { + $.enabled = enabled; + return this; + } + + /** + * @param enabled Whether or not private registries are configured. + * + * @return builder + * + */ + public Builder enabled(Boolean enabled) { + return enabled(Output.of(enabled)); + } + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs build() { + if ($.enabled == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs", "enabled"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java new file mode 100644 index 0000000000..62aca6b1cd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.java @@ -0,0 +1,137 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.inputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs Empty = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + @Import(name="fqdns", required=true) + private Output> fqdns; + + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public Output> fqdns() { + return this.fqdns; + } + + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + @Import(name="gcpSecretManagerCertificateConfig", required=true) + private Output gcpSecretManagerCertificateConfig; + + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public Output gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs() {} + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $) { + this.fqdns = $.fqdns; + this.gcpSecretManagerCertificateConfig = $.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs $; + + public Builder() { + $ = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(); + } + + public Builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs defaults) { + $ = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(Output> fqdns) { + $.fqdns = fqdns; + return this; + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(List fqdns) { + return fqdns(Output.of(fqdns)); + } + + /** + * @param fqdns List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + * @return builder + * + */ + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(Output gcpSecretManagerCertificateConfig) { + $.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + + /** + * @param gcpSecretManagerCertificateConfig Parameters for configuring a certificate hosted in GCP SecretManager. + * + * @return builder + * + */ + public Builder gcpSecretManagerCertificateConfig(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs gcpSecretManagerCertificateConfig) { + return gcpSecretManagerCertificateConfig(Output.of(gcpSecretManagerCertificateConfig)); + } + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs build() { + if ($.fqdns == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "fqdns"); + } + if ($.gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs", "gcpSecretManagerCertificateConfig"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java new file mode 100644 index 0000000000..1cffceb8b3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/inputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs Empty = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + @Import(name="secretUri", required=true) + private Output secretUri; + + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public Output secretUri() { + return this.secretUri; + } + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs() {} + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $) { + this.secretUri = $.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs $; + + public Builder() { + $ = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(); + } + + public Builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs defaults) { + $ = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(Output secretUri) { + $.secretUri = secretUri; + return this; + } + + /** + * @param secretUri URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + * @return builder + * + */ + public Builder secretUri(String secretUri) { + return secretUri(Output.of(secretUri)); + } + + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs build() { + if ($.secretUri == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs", "secretUri"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfig.java index 6a6ed6b8f2..314ac2c5e8 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfig.java @@ -6,6 +6,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.gcp.container.outputs.ClusterNodeConfigAdvancedMachineFeatures; import com.pulumi.gcp.container.outputs.ClusterNodeConfigConfidentialNodes; +import com.pulumi.gcp.container.outputs.ClusterNodeConfigContainerdConfig; import com.pulumi.gcp.container.outputs.ClusterNodeConfigEffectiveTaint; import com.pulumi.gcp.container.outputs.ClusterNodeConfigEphemeralStorageConfig; import com.pulumi.gcp.container.outputs.ClusterNodeConfigEphemeralStorageLocalSsdConfig; @@ -52,6 +53,11 @@ public final class ClusterNodeConfig { * */ private @Nullable ClusterNodeConfigConfidentialNodes confidentialNodes; + /** + * @return Parameters to customize containerd runtime. Structure is documented below. + * + */ + private @Nullable ClusterNodeConfigContainerdConfig containerdConfig; /** * @return Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -304,6 +310,13 @@ public Optional bootDiskKmsKey() { public Optional confidentialNodes() { return Optional.ofNullable(this.confidentialNodes); } + /** + * @return Parameters to customize containerd runtime. Structure is documented below. + * + */ + public Optional containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } /** * @return Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -617,6 +630,7 @@ public static final class Builder { private @Nullable ClusterNodeConfigAdvancedMachineFeatures advancedMachineFeatures; private @Nullable String bootDiskKmsKey; private @Nullable ClusterNodeConfigConfidentialNodes confidentialNodes; + private @Nullable ClusterNodeConfigContainerdConfig containerdConfig; private @Nullable Integer diskSizeGb; private @Nullable String diskType; private @Nullable List effectiveTaints; @@ -659,6 +673,7 @@ public Builder(ClusterNodeConfig defaults) { this.advancedMachineFeatures = defaults.advancedMachineFeatures; this.bootDiskKmsKey = defaults.bootDiskKmsKey; this.confidentialNodes = defaults.confidentialNodes; + this.containerdConfig = defaults.containerdConfig; this.diskSizeGb = defaults.diskSizeGb; this.diskType = defaults.diskType; this.effectiveTaints = defaults.effectiveTaints; @@ -716,6 +731,12 @@ public Builder confidentialNodes(@Nullable ClusterNodeConfigConfidentialNodes co return this; } @CustomType.Setter + public Builder containerdConfig(@Nullable ClusterNodeConfigContainerdConfig containerdConfig) { + + this.containerdConfig = containerdConfig; + return this; + } + @CustomType.Setter public Builder diskSizeGb(@Nullable Integer diskSizeGb) { this.diskSizeGb = diskSizeGb; @@ -954,6 +975,7 @@ public ClusterNodeConfig build() { _resultValue.advancedMachineFeatures = advancedMachineFeatures; _resultValue.bootDiskKmsKey = bootDiskKmsKey; _resultValue.confidentialNodes = confidentialNodes; + _resultValue.containerdConfig = containerdConfig; _resultValue.diskSizeGb = diskSizeGb; _resultValue.diskType = diskType; _resultValue.effectiveTaints = effectiveTaints; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfig.java new file mode 100644 index 0000000000..7e0ef44041 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfig.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.container.outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterNodeConfigContainerdConfig { + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + private @Nullable ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + + private ClusterNodeConfigContainerdConfig() {} + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + public Optional privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodeConfigContainerdConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + public Builder() {} + public Builder(ClusterNodeConfigContainerdConfig defaults) { + Objects.requireNonNull(defaults); + this.privateRegistryAccessConfig = defaults.privateRegistryAccessConfig; + } + + @CustomType.Setter + public Builder privateRegistryAccessConfig(@Nullable ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig) { + + this.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + public ClusterNodeConfigContainerdConfig build() { + final var _resultValue = new ClusterNodeConfigContainerdConfig(); + _resultValue.privateRegistryAccessConfig = privateRegistryAccessConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java new file mode 100644 index 0000000000..483fe75c3d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + private @Nullable List certificateAuthorityDomainConfigs; + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + private Boolean enabled; + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig() {} + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + public List certificateAuthorityDomainConfigs() { + return this.certificateAuthorityDomainConfigs == null ? List.of() : this.certificateAuthorityDomainConfigs; + } + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + public Boolean enabled() { + return this.enabled; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List certificateAuthorityDomainConfigs; + private Boolean enabled; + public Builder() {} + public Builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.certificateAuthorityDomainConfigs = defaults.certificateAuthorityDomainConfigs; + this.enabled = defaults.enabled; + } + + @CustomType.Setter + public Builder certificateAuthorityDomainConfigs(@Nullable List certificateAuthorityDomainConfigs) { + + this.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + public Builder certificateAuthorityDomainConfigs(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + @CustomType.Setter + public Builder enabled(Boolean enabled) { + if (enabled == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig", "enabled"); + } + this.enabled = enabled; + return this; + } + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig build() { + final var _resultValue = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig(); + _resultValue.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + _resultValue.enabled = enabled; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java new file mode 100644 index 0000000000..3629167eab --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + private List fqdns; + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig() {} + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public List fqdns() { + return this.fqdns; + } + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List fqdns; + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + public Builder() {} + public Builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + Objects.requireNonNull(defaults); + this.fqdns = defaults.fqdns; + this.gcpSecretManagerCertificateConfig = defaults.gcpSecretManagerCertificateConfig; + } + + @CustomType.Setter + public Builder fqdns(List fqdns) { + if (fqdns == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "fqdns"); + } + this.fqdns = fqdns; + return this; + } + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + @CustomType.Setter + public Builder gcpSecretManagerCertificateConfig(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) { + if (gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "gcpSecretManagerCertificateConfig"); + } + this.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig build() { + final var _resultValue = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(); + _resultValue.fqdns = fqdns; + _resultValue.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java new file mode 100644 index 0000000000..b719dfd795 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + private String secretUri; + + private ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig() {} + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public String secretUri() { + return this.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String secretUri; + public Builder() {} + public Builder(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + Objects.requireNonNull(defaults); + this.secretUri = defaults.secretUri; + } + + @CustomType.Setter + public Builder secretUri(String secretUri) { + if (secretUri == null) { + throw new MissingRequiredPropertyException("ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", "secretUri"); + } + this.secretUri = secretUri; + return this; + } + public ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig build() { + final var _resultValue = new ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(); + _resultValue.secretUri = secretUri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaults.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaults.java index 6fb7f9f345..47165b502f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaults.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaults.java @@ -4,6 +4,7 @@ package com.pulumi.gcp.container.outputs; import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.container.outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig; import com.pulumi.gcp.container.outputs.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig; import java.lang.String; import java.util.Objects; @@ -12,6 +13,11 @@ @CustomType public final class ClusterNodePoolDefaultsNodeConfigDefaults { + /** + * @return Parameters for containerd configuration. + * + */ + private @Nullable ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig containerdConfig; /** * @return The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. * @@ -24,6 +30,13 @@ public final class ClusterNodePoolDefaultsNodeConfigDefaults { private @Nullable String loggingVariant; private ClusterNodePoolDefaultsNodeConfigDefaults() {} + /** + * @return Parameters for containerd configuration. + * + */ + public Optional containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } /** * @return The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. * @@ -48,15 +61,23 @@ public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaults defaults } @CustomType.Builder public static final class Builder { + private @Nullable ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig containerdConfig; private @Nullable ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig gcfsConfig; private @Nullable String loggingVariant; public Builder() {} public Builder(ClusterNodePoolDefaultsNodeConfigDefaults defaults) { Objects.requireNonNull(defaults); + this.containerdConfig = defaults.containerdConfig; this.gcfsConfig = defaults.gcfsConfig; this.loggingVariant = defaults.loggingVariant; } + @CustomType.Setter + public Builder containerdConfig(@Nullable ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig containerdConfig) { + + this.containerdConfig = containerdConfig; + return this; + } @CustomType.Setter public Builder gcfsConfig(@Nullable ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig gcfsConfig) { @@ -71,6 +92,7 @@ public Builder loggingVariant(@Nullable String loggingVariant) { } public ClusterNodePoolDefaultsNodeConfigDefaults build() { final var _resultValue = new ClusterNodePoolDefaultsNodeConfigDefaults(); + _resultValue.containerdConfig = containerdConfig; _resultValue.gcfsConfig = gcfsConfig; _resultValue.loggingVariant = loggingVariant; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.java new file mode 100644 index 0000000000..bf4854a470 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.container.outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig { + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + private @Nullable ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig() {} + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + public Optional privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + public Builder() {} + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig defaults) { + Objects.requireNonNull(defaults); + this.privateRegistryAccessConfig = defaults.privateRegistryAccessConfig; + } + + @CustomType.Setter + public Builder privateRegistryAccessConfig(@Nullable ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig) { + + this.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig build() { + final var _resultValue = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig(); + _resultValue.privateRegistryAccessConfig = privateRegistryAccessConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.java new file mode 100644 index 0000000000..0eaa02b6fc --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig { + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + private @Nullable List certificateAuthorityDomainConfigs; + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + private Boolean enabled; + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig() {} + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + public List certificateAuthorityDomainConfigs() { + return this.certificateAuthorityDomainConfigs == null ? List.of() : this.certificateAuthorityDomainConfigs; + } + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + public Boolean enabled() { + return this.enabled; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List certificateAuthorityDomainConfigs; + private Boolean enabled; + public Builder() {} + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.certificateAuthorityDomainConfigs = defaults.certificateAuthorityDomainConfigs; + this.enabled = defaults.enabled; + } + + @CustomType.Setter + public Builder certificateAuthorityDomainConfigs(@Nullable List certificateAuthorityDomainConfigs) { + + this.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + public Builder certificateAuthorityDomainConfigs(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + @CustomType.Setter + public Builder enabled(Boolean enabled) { + if (enabled == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig", "enabled"); + } + this.enabled = enabled; + return this; + } + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig build() { + final var _resultValue = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig(); + _resultValue.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + _resultValue.enabled = enabled; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java new file mode 100644 index 0000000000..d8757ba415 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + private List fqdns; + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig() {} + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public List fqdns() { + return this.fqdns; + } + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List fqdns; + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + public Builder() {} + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + Objects.requireNonNull(defaults); + this.fqdns = defaults.fqdns; + this.gcpSecretManagerCertificateConfig = defaults.gcpSecretManagerCertificateConfig; + } + + @CustomType.Setter + public Builder fqdns(List fqdns) { + if (fqdns == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "fqdns"); + } + this.fqdns = fqdns; + return this; + } + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + @CustomType.Setter + public Builder gcpSecretManagerCertificateConfig(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) { + if (gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "gcpSecretManagerCertificateConfig"); + } + this.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig build() { + final var _resultValue = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(); + _resultValue.fqdns = fqdns; + _resultValue.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java new file mode 100644 index 0000000000..ecff85fc1e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + private String secretUri; + + private ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig() {} + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public String secretUri() { + return this.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String secretUri; + public Builder() {} + public Builder(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + Objects.requireNonNull(defaults); + this.secretUri = defaults.secretUri; + } + + @CustomType.Setter + public Builder secretUri(String secretUri) { + if (secretUri == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", "secretUri"); + } + this.secretUri = secretUri; + return this; + } + public ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig build() { + final var _resultValue = new ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(); + _resultValue.secretUri = secretUri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfig.java index bfc6a416ce..4787f4832a 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfig.java @@ -6,6 +6,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigAdvancedMachineFeatures; import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigConfidentialNodes; +import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigContainerdConfig; import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigEffectiveTaint; import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigEphemeralStorageConfig; import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfig; @@ -52,6 +53,11 @@ public final class ClusterNodePoolNodeConfig { * */ private @Nullable ClusterNodePoolNodeConfigConfidentialNodes confidentialNodes; + /** + * @return Parameters to customize containerd runtime. Structure is documented below. + * + */ + private @Nullable ClusterNodePoolNodeConfigContainerdConfig containerdConfig; /** * @return Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -304,6 +310,13 @@ public Optional bootDiskKmsKey() { public Optional confidentialNodes() { return Optional.ofNullable(this.confidentialNodes); } + /** + * @return Parameters to customize containerd runtime. Structure is documented below. + * + */ + public Optional containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } /** * @return Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -617,6 +630,7 @@ public static final class Builder { private @Nullable ClusterNodePoolNodeConfigAdvancedMachineFeatures advancedMachineFeatures; private @Nullable String bootDiskKmsKey; private @Nullable ClusterNodePoolNodeConfigConfidentialNodes confidentialNodes; + private @Nullable ClusterNodePoolNodeConfigContainerdConfig containerdConfig; private @Nullable Integer diskSizeGb; private @Nullable String diskType; private @Nullable List effectiveTaints; @@ -659,6 +673,7 @@ public Builder(ClusterNodePoolNodeConfig defaults) { this.advancedMachineFeatures = defaults.advancedMachineFeatures; this.bootDiskKmsKey = defaults.bootDiskKmsKey; this.confidentialNodes = defaults.confidentialNodes; + this.containerdConfig = defaults.containerdConfig; this.diskSizeGb = defaults.diskSizeGb; this.diskType = defaults.diskType; this.effectiveTaints = defaults.effectiveTaints; @@ -716,6 +731,12 @@ public Builder confidentialNodes(@Nullable ClusterNodePoolNodeConfigConfidential return this; } @CustomType.Setter + public Builder containerdConfig(@Nullable ClusterNodePoolNodeConfigContainerdConfig containerdConfig) { + + this.containerdConfig = containerdConfig; + return this; + } + @CustomType.Setter public Builder diskSizeGb(@Nullable Integer diskSizeGb) { this.diskSizeGb = diskSizeGb; @@ -954,6 +975,7 @@ public ClusterNodePoolNodeConfig build() { _resultValue.advancedMachineFeatures = advancedMachineFeatures; _resultValue.bootDiskKmsKey = bootDiskKmsKey; _resultValue.confidentialNodes = confidentialNodes; + _resultValue.containerdConfig = containerdConfig; _resultValue.diskSizeGb = diskSizeGb; _resultValue.diskType = diskType; _resultValue.effectiveTaints = effectiveTaints; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfig.java new file mode 100644 index 0000000000..d19d2e945c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfig.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterNodePoolNodeConfigContainerdConfig { + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + private @Nullable ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + + private ClusterNodePoolNodeConfigContainerdConfig() {} + /** + * @return Configuration for private container registries. There are two fields in this config: + * + */ + public Optional privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + public Builder() {} + public Builder(ClusterNodePoolNodeConfigContainerdConfig defaults) { + Objects.requireNonNull(defaults); + this.privateRegistryAccessConfig = defaults.privateRegistryAccessConfig; + } + + @CustomType.Setter + public Builder privateRegistryAccessConfig(@Nullable ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig) { + + this.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + public ClusterNodePoolNodeConfigContainerdConfig build() { + final var _resultValue = new ClusterNodePoolNodeConfigContainerdConfig(); + _resultValue.privateRegistryAccessConfig = privateRegistryAccessConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java new file mode 100644 index 0000000000..df08f12a70 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + private @Nullable List certificateAuthorityDomainConfigs; + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + private Boolean enabled; + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig() {} + /** + * @return List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + * + */ + public List certificateAuthorityDomainConfigs() { + return this.certificateAuthorityDomainConfigs == null ? List.of() : this.certificateAuthorityDomainConfigs; + } + /** + * @return Enables private registry config. If set to false, all other fields in this object must not be set. + * + */ + public Boolean enabled() { + return this.enabled; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List certificateAuthorityDomainConfigs; + private Boolean enabled; + public Builder() {} + public Builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.certificateAuthorityDomainConfigs = defaults.certificateAuthorityDomainConfigs; + this.enabled = defaults.enabled; + } + + @CustomType.Setter + public Builder certificateAuthorityDomainConfigs(@Nullable List certificateAuthorityDomainConfigs) { + + this.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + public Builder certificateAuthorityDomainConfigs(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + @CustomType.Setter + public Builder enabled(Boolean enabled) { + if (enabled == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig", "enabled"); + } + this.enabled = enabled; + return this; + } + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig build() { + final var _resultValue = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig(); + _resultValue.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + _resultValue.enabled = enabled; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java new file mode 100644 index 0000000000..e16f4fab1d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + private List fqdns; + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig() {} + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public List fqdns() { + return this.fqdns; + } + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List fqdns; + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + public Builder() {} + public Builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + Objects.requireNonNull(defaults); + this.fqdns = defaults.fqdns; + this.gcpSecretManagerCertificateConfig = defaults.gcpSecretManagerCertificateConfig; + } + + @CustomType.Setter + public Builder fqdns(List fqdns) { + if (fqdns == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "fqdns"); + } + this.fqdns = fqdns; + return this; + } + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + @CustomType.Setter + public Builder gcpSecretManagerCertificateConfig(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) { + if (gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "gcpSecretManagerCertificateConfig"); + } + this.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig build() { + final var _resultValue = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(); + _resultValue.fqdns = fqdns; + _resultValue.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java new file mode 100644 index 0000000000..58e91b8236 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + private String secretUri; + + private ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig() {} + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public String secretUri() { + return this.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String secretUri; + public Builder() {} + public Builder(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + Objects.requireNonNull(defaults); + this.secretUri = defaults.secretUri; + } + + @CustomType.Setter + public Builder secretUri(String secretUri) { + if (secretUri == null) { + throw new MissingRequiredPropertyException("ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", "secretUri"); + } + this.secretUri = secretUri; + return this; + } + public ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig build() { + final var _resultValue = new ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(); + _resultValue.secretUri = secretUri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfig.java index c1dda7b3b2..e394881489 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfig.java @@ -7,6 +7,7 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.container.outputs.GetClusterNodeConfigAdvancedMachineFeature; import com.pulumi.gcp.container.outputs.GetClusterNodeConfigConfidentialNode; +import com.pulumi.gcp.container.outputs.GetClusterNodeConfigContainerdConfig; import com.pulumi.gcp.container.outputs.GetClusterNodeConfigEffectiveTaint; import com.pulumi.gcp.container.outputs.GetClusterNodeConfigEphemeralStorageConfig; import com.pulumi.gcp.container.outputs.GetClusterNodeConfigEphemeralStorageLocalSsdConfig; @@ -50,6 +51,11 @@ public final class GetClusterNodeConfig { * */ private List confidentialNodes; + /** + * @return Parameters for containerd configuration. + * + */ + private List containerdConfigs; /** * @return Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * @@ -253,6 +259,13 @@ public String bootDiskKmsKey() { public List confidentialNodes() { return this.confidentialNodes; } + /** + * @return Parameters for containerd configuration. + * + */ + public List containerdConfigs() { + return this.containerdConfigs; + } /** * @return Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * @@ -518,6 +531,7 @@ public static final class Builder { private List advancedMachineFeatures; private String bootDiskKmsKey; private List confidentialNodes; + private List containerdConfigs; private Integer diskSizeGb; private String diskType; private List effectiveTaints; @@ -560,6 +574,7 @@ public Builder(GetClusterNodeConfig defaults) { this.advancedMachineFeatures = defaults.advancedMachineFeatures; this.bootDiskKmsKey = defaults.bootDiskKmsKey; this.confidentialNodes = defaults.confidentialNodes; + this.containerdConfigs = defaults.containerdConfigs; this.diskSizeGb = defaults.diskSizeGb; this.diskType = defaults.diskType; this.effectiveTaints = defaults.effectiveTaints; @@ -629,6 +644,17 @@ public Builder confidentialNodes(GetClusterNodeConfigConfidentialNode... confide return confidentialNodes(List.of(confidentialNodes)); } @CustomType.Setter + public Builder containerdConfigs(List containerdConfigs) { + if (containerdConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodeConfig", "containerdConfigs"); + } + this.containerdConfigs = containerdConfigs; + return this; + } + public Builder containerdConfigs(GetClusterNodeConfigContainerdConfig... containerdConfigs) { + return containerdConfigs(List.of(containerdConfigs)); + } + @CustomType.Setter public Builder diskSizeGb(Integer diskSizeGb) { if (diskSizeGb == null) { throw new MissingRequiredPropertyException("GetClusterNodeConfig", "diskSizeGb"); @@ -981,6 +1007,7 @@ public GetClusterNodeConfig build() { _resultValue.advancedMachineFeatures = advancedMachineFeatures; _resultValue.bootDiskKmsKey = bootDiskKmsKey; _resultValue.confidentialNodes = confidentialNodes; + _resultValue.containerdConfigs = containerdConfigs; _resultValue.diskSizeGb = diskSizeGb; _resultValue.diskType = diskType; _resultValue.effectiveTaints = effectiveTaints; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfig.java new file mode 100644 index 0000000000..c2677d2475 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfig.java @@ -0,0 +1,62 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodeConfigContainerdConfig { + /** + * @return Parameters for private container registries configuration. + * + */ + private List privateRegistryAccessConfigs; + + private GetClusterNodeConfigContainerdConfig() {} + /** + * @return Parameters for private container registries configuration. + * + */ + public List privateRegistryAccessConfigs() { + return this.privateRegistryAccessConfigs; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodeConfigContainerdConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List privateRegistryAccessConfigs; + public Builder() {} + public Builder(GetClusterNodeConfigContainerdConfig defaults) { + Objects.requireNonNull(defaults); + this.privateRegistryAccessConfigs = defaults.privateRegistryAccessConfigs; + } + + @CustomType.Setter + public Builder privateRegistryAccessConfigs(List privateRegistryAccessConfigs) { + if (privateRegistryAccessConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodeConfigContainerdConfig", "privateRegistryAccessConfigs"); + } + this.privateRegistryAccessConfigs = privateRegistryAccessConfigs; + return this; + } + public Builder privateRegistryAccessConfigs(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig... privateRegistryAccessConfigs) { + return privateRegistryAccessConfigs(List.of(privateRegistryAccessConfigs)); + } + public GetClusterNodeConfigContainerdConfig build() { + final var _resultValue = new GetClusterNodeConfigContainerdConfig(); + _resultValue.privateRegistryAccessConfigs = privateRegistryAccessConfigs; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java new file mode 100644 index 0000000000..1679725580 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + private List certificateAuthorityDomainConfigs; + /** + * @return Whether or not private registries are configured. + * + */ + private Boolean enabled; + + private GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig() {} + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + public List certificateAuthorityDomainConfigs() { + return this.certificateAuthorityDomainConfigs; + } + /** + * @return Whether or not private registries are configured. + * + */ + public Boolean enabled() { + return this.enabled; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List certificateAuthorityDomainConfigs; + private Boolean enabled; + public Builder() {} + public Builder(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.certificateAuthorityDomainConfigs = defaults.certificateAuthorityDomainConfigs; + this.enabled = defaults.enabled; + } + + @CustomType.Setter + public Builder certificateAuthorityDomainConfigs(List certificateAuthorityDomainConfigs) { + if (certificateAuthorityDomainConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig", "certificateAuthorityDomainConfigs"); + } + this.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + public Builder certificateAuthorityDomainConfigs(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + @CustomType.Setter + public Builder enabled(Boolean enabled) { + if (enabled == null) { + throw new MissingRequiredPropertyException("GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig", "enabled"); + } + this.enabled = enabled; + return this; + } + public GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig build() { + final var _resultValue = new GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig(); + _resultValue.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + _resultValue.enabled = enabled; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java new file mode 100644 index 0000000000..c2e20ee637 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java @@ -0,0 +1,89 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + private List fqdns; + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + private List gcpSecretManagerCertificateConfigs; + + private GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig() {} + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public List fqdns() { + return this.fqdns; + } + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public List gcpSecretManagerCertificateConfigs() { + return this.gcpSecretManagerCertificateConfigs; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List fqdns; + private List gcpSecretManagerCertificateConfigs; + public Builder() {} + public Builder(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + Objects.requireNonNull(defaults); + this.fqdns = defaults.fqdns; + this.gcpSecretManagerCertificateConfigs = defaults.gcpSecretManagerCertificateConfigs; + } + + @CustomType.Setter + public Builder fqdns(List fqdns) { + if (fqdns == null) { + throw new MissingRequiredPropertyException("GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "fqdns"); + } + this.fqdns = fqdns; + return this; + } + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + @CustomType.Setter + public Builder gcpSecretManagerCertificateConfigs(List gcpSecretManagerCertificateConfigs) { + if (gcpSecretManagerCertificateConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "gcpSecretManagerCertificateConfigs"); + } + this.gcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + return this; + } + public Builder gcpSecretManagerCertificateConfigs(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig... gcpSecretManagerCertificateConfigs) { + return gcpSecretManagerCertificateConfigs(List.of(gcpSecretManagerCertificateConfigs)); + } + public GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig build() { + final var _resultValue = new GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(); + _resultValue.fqdns = fqdns; + _resultValue.gcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java new file mode 100644 index 0000000000..9771ce28c3 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + private String secretUri; + + private GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig() {} + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public String secretUri() { + return this.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String secretUri; + public Builder() {} + public Builder(GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + Objects.requireNonNull(defaults); + this.secretUri = defaults.secretUri; + } + + @CustomType.Setter + public Builder secretUri(String secretUri) { + if (secretUri == null) { + throw new MissingRequiredPropertyException("GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", "secretUri"); + } + this.secretUri = secretUri; + return this; + } + public GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig build() { + final var _resultValue = new GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(); + _resultValue.secretUri = secretUri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefault.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefault.java index c9fa41a2ac..e5ebf972fc 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefault.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefault.java @@ -5,6 +5,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig; import com.pulumi.gcp.container.outputs.GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfig; import java.lang.String; import java.util.List; @@ -12,6 +13,11 @@ @CustomType public final class GetClusterNodePoolDefaultNodeConfigDefault { + /** + * @return Parameters for containerd configuration. + * + */ + private List containerdConfigs; /** * @return GCFS configuration for this node. * @@ -24,6 +30,13 @@ public final class GetClusterNodePoolDefaultNodeConfigDefault { private String loggingVariant; private GetClusterNodePoolDefaultNodeConfigDefault() {} + /** + * @return Parameters for containerd configuration. + * + */ + public List containerdConfigs() { + return this.containerdConfigs; + } /** * @return GCFS configuration for this node. * @@ -48,15 +61,28 @@ public static Builder builder(GetClusterNodePoolDefaultNodeConfigDefault default } @CustomType.Builder public static final class Builder { + private List containerdConfigs; private List gcfsConfigs; private String loggingVariant; public Builder() {} public Builder(GetClusterNodePoolDefaultNodeConfigDefault defaults) { Objects.requireNonNull(defaults); + this.containerdConfigs = defaults.containerdConfigs; this.gcfsConfigs = defaults.gcfsConfigs; this.loggingVariant = defaults.loggingVariant; } + @CustomType.Setter + public Builder containerdConfigs(List containerdConfigs) { + if (containerdConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolDefaultNodeConfigDefault", "containerdConfigs"); + } + this.containerdConfigs = containerdConfigs; + return this; + } + public Builder containerdConfigs(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig... containerdConfigs) { + return containerdConfigs(List.of(containerdConfigs)); + } @CustomType.Setter public Builder gcfsConfigs(List gcfsConfigs) { if (gcfsConfigs == null) { @@ -78,6 +104,7 @@ public Builder loggingVariant(String loggingVariant) { } public GetClusterNodePoolDefaultNodeConfigDefault build() { final var _resultValue = new GetClusterNodePoolDefaultNodeConfigDefault(); + _resultValue.containerdConfigs = containerdConfigs; _resultValue.gcfsConfigs = gcfsConfigs; _resultValue.loggingVariant = loggingVariant; return _resultValue; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig.java new file mode 100644 index 0000000000..c079972710 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig.java @@ -0,0 +1,62 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig { + /** + * @return Parameters for private container registries configuration. + * + */ + private List privateRegistryAccessConfigs; + + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig() {} + /** + * @return Parameters for private container registries configuration. + * + */ + public List privateRegistryAccessConfigs() { + return this.privateRegistryAccessConfigs; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List privateRegistryAccessConfigs; + public Builder() {} + public Builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig defaults) { + Objects.requireNonNull(defaults); + this.privateRegistryAccessConfigs = defaults.privateRegistryAccessConfigs; + } + + @CustomType.Setter + public Builder privateRegistryAccessConfigs(List privateRegistryAccessConfigs) { + if (privateRegistryAccessConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig", "privateRegistryAccessConfigs"); + } + this.privateRegistryAccessConfigs = privateRegistryAccessConfigs; + return this; + } + public Builder privateRegistryAccessConfigs(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig... privateRegistryAccessConfigs) { + return privateRegistryAccessConfigs(List.of(privateRegistryAccessConfigs)); + } + public GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig build() { + final var _resultValue = new GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig(); + _resultValue.privateRegistryAccessConfigs = privateRegistryAccessConfigs; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig.java new file mode 100644 index 0000000000..9d01c95cae --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig { + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + private List certificateAuthorityDomainConfigs; + /** + * @return Whether or not private registries are configured. + * + */ + private Boolean enabled; + + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig() {} + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + public List certificateAuthorityDomainConfigs() { + return this.certificateAuthorityDomainConfigs; + } + /** + * @return Whether or not private registries are configured. + * + */ + public Boolean enabled() { + return this.enabled; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List certificateAuthorityDomainConfigs; + private Boolean enabled; + public Builder() {} + public Builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.certificateAuthorityDomainConfigs = defaults.certificateAuthorityDomainConfigs; + this.enabled = defaults.enabled; + } + + @CustomType.Setter + public Builder certificateAuthorityDomainConfigs(List certificateAuthorityDomainConfigs) { + if (certificateAuthorityDomainConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig", "certificateAuthorityDomainConfigs"); + } + this.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + public Builder certificateAuthorityDomainConfigs(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + @CustomType.Setter + public Builder enabled(Boolean enabled) { + if (enabled == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig", "enabled"); + } + this.enabled = enabled; + return this; + } + public GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig build() { + final var _resultValue = new GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig(); + _resultValue.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + _resultValue.enabled = enabled; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java new file mode 100644 index 0000000000..47c8470fb6 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java @@ -0,0 +1,89 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + private List fqdns; + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + private List gcpSecretManagerCertificateConfigs; + + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig() {} + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public List fqdns() { + return this.fqdns; + } + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public List gcpSecretManagerCertificateConfigs() { + return this.gcpSecretManagerCertificateConfigs; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List fqdns; + private List gcpSecretManagerCertificateConfigs; + public Builder() {} + public Builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + Objects.requireNonNull(defaults); + this.fqdns = defaults.fqdns; + this.gcpSecretManagerCertificateConfigs = defaults.gcpSecretManagerCertificateConfigs; + } + + @CustomType.Setter + public Builder fqdns(List fqdns) { + if (fqdns == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "fqdns"); + } + this.fqdns = fqdns; + return this; + } + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + @CustomType.Setter + public Builder gcpSecretManagerCertificateConfigs(List gcpSecretManagerCertificateConfigs) { + if (gcpSecretManagerCertificateConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "gcpSecretManagerCertificateConfigs"); + } + this.gcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + return this; + } + public Builder gcpSecretManagerCertificateConfigs(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig... gcpSecretManagerCertificateConfigs) { + return gcpSecretManagerCertificateConfigs(List.of(gcpSecretManagerCertificateConfigs)); + } + public GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig build() { + final var _resultValue = new GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(); + _resultValue.fqdns = fqdns; + _resultValue.gcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java new file mode 100644 index 0000000000..df040f44d0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + private String secretUri; + + private GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig() {} + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public String secretUri() { + return this.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String secretUri; + public Builder() {} + public Builder(GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + Objects.requireNonNull(defaults); + this.secretUri = defaults.secretUri; + } + + @CustomType.Setter + public Builder secretUri(String secretUri) { + if (secretUri == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", "secretUri"); + } + this.secretUri = secretUri; + return this; + } + public GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig build() { + final var _resultValue = new GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(); + _resultValue.secretUri = secretUri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfig.java index 8d8306a773..fba56a5a99 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfig.java @@ -7,6 +7,7 @@ import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigAdvancedMachineFeature; import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigConfidentialNode; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigContainerdConfig; import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigEffectiveTaint; import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigEphemeralStorageConfig; import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfig; @@ -50,6 +51,11 @@ public final class GetClusterNodePoolNodeConfig { * */ private List confidentialNodes; + /** + * @return Parameters for containerd configuration. + * + */ + private List containerdConfigs; /** * @return Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * @@ -253,6 +259,13 @@ public String bootDiskKmsKey() { public List confidentialNodes() { return this.confidentialNodes; } + /** + * @return Parameters for containerd configuration. + * + */ + public List containerdConfigs() { + return this.containerdConfigs; + } /** * @return Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * @@ -518,6 +531,7 @@ public static final class Builder { private List advancedMachineFeatures; private String bootDiskKmsKey; private List confidentialNodes; + private List containerdConfigs; private Integer diskSizeGb; private String diskType; private List effectiveTaints; @@ -560,6 +574,7 @@ public Builder(GetClusterNodePoolNodeConfig defaults) { this.advancedMachineFeatures = defaults.advancedMachineFeatures; this.bootDiskKmsKey = defaults.bootDiskKmsKey; this.confidentialNodes = defaults.confidentialNodes; + this.containerdConfigs = defaults.containerdConfigs; this.diskSizeGb = defaults.diskSizeGb; this.diskType = defaults.diskType; this.effectiveTaints = defaults.effectiveTaints; @@ -629,6 +644,17 @@ public Builder confidentialNodes(GetClusterNodePoolNodeConfigConfidentialNode... return confidentialNodes(List.of(confidentialNodes)); } @CustomType.Setter + public Builder containerdConfigs(List containerdConfigs) { + if (containerdConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfig", "containerdConfigs"); + } + this.containerdConfigs = containerdConfigs; + return this; + } + public Builder containerdConfigs(GetClusterNodePoolNodeConfigContainerdConfig... containerdConfigs) { + return containerdConfigs(List.of(containerdConfigs)); + } + @CustomType.Setter public Builder diskSizeGb(Integer diskSizeGb) { if (diskSizeGb == null) { throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfig", "diskSizeGb"); @@ -981,6 +1007,7 @@ public GetClusterNodePoolNodeConfig build() { _resultValue.advancedMachineFeatures = advancedMachineFeatures; _resultValue.bootDiskKmsKey = bootDiskKmsKey; _resultValue.confidentialNodes = confidentialNodes; + _resultValue.containerdConfigs = containerdConfigs; _resultValue.diskSizeGb = diskSizeGb; _resultValue.diskType = diskType; _resultValue.effectiveTaints = effectiveTaints; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfig.java new file mode 100644 index 0000000000..40036a7f00 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfig.java @@ -0,0 +1,62 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolNodeConfigContainerdConfig { + /** + * @return Parameters for private container registries configuration. + * + */ + private List privateRegistryAccessConfigs; + + private GetClusterNodePoolNodeConfigContainerdConfig() {} + /** + * @return Parameters for private container registries configuration. + * + */ + public List privateRegistryAccessConfigs() { + return this.privateRegistryAccessConfigs; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolNodeConfigContainerdConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List privateRegistryAccessConfigs; + public Builder() {} + public Builder(GetClusterNodePoolNodeConfigContainerdConfig defaults) { + Objects.requireNonNull(defaults); + this.privateRegistryAccessConfigs = defaults.privateRegistryAccessConfigs; + } + + @CustomType.Setter + public Builder privateRegistryAccessConfigs(List privateRegistryAccessConfigs) { + if (privateRegistryAccessConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfigContainerdConfig", "privateRegistryAccessConfigs"); + } + this.privateRegistryAccessConfigs = privateRegistryAccessConfigs; + return this; + } + public Builder privateRegistryAccessConfigs(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig... privateRegistryAccessConfigs) { + return privateRegistryAccessConfigs(List.of(privateRegistryAccessConfigs)); + } + public GetClusterNodePoolNodeConfigContainerdConfig build() { + final var _resultValue = new GetClusterNodePoolNodeConfigContainerdConfig(); + _resultValue.privateRegistryAccessConfigs = privateRegistryAccessConfigs; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java new file mode 100644 index 0000000000..c64509e062 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + private List certificateAuthorityDomainConfigs; + /** + * @return Whether or not private registries are configured. + * + */ + private Boolean enabled; + + private GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig() {} + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + public List certificateAuthorityDomainConfigs() { + return this.certificateAuthorityDomainConfigs; + } + /** + * @return Whether or not private registries are configured. + * + */ + public Boolean enabled() { + return this.enabled; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List certificateAuthorityDomainConfigs; + private Boolean enabled; + public Builder() {} + public Builder(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.certificateAuthorityDomainConfigs = defaults.certificateAuthorityDomainConfigs; + this.enabled = defaults.enabled; + } + + @CustomType.Setter + public Builder certificateAuthorityDomainConfigs(List certificateAuthorityDomainConfigs) { + if (certificateAuthorityDomainConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig", "certificateAuthorityDomainConfigs"); + } + this.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + public Builder certificateAuthorityDomainConfigs(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + @CustomType.Setter + public Builder enabled(Boolean enabled) { + if (enabled == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig", "enabled"); + } + this.enabled = enabled; + return this; + } + public GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig build() { + final var _resultValue = new GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig(); + _resultValue.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + _resultValue.enabled = enabled; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java new file mode 100644 index 0000000000..d680794ceb --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java @@ -0,0 +1,89 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + private List fqdns; + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + private List gcpSecretManagerCertificateConfigs; + + private GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig() {} + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public List fqdns() { + return this.fqdns; + } + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public List gcpSecretManagerCertificateConfigs() { + return this.gcpSecretManagerCertificateConfigs; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List fqdns; + private List gcpSecretManagerCertificateConfigs; + public Builder() {} + public Builder(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + Objects.requireNonNull(defaults); + this.fqdns = defaults.fqdns; + this.gcpSecretManagerCertificateConfigs = defaults.gcpSecretManagerCertificateConfigs; + } + + @CustomType.Setter + public Builder fqdns(List fqdns) { + if (fqdns == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "fqdns"); + } + this.fqdns = fqdns; + return this; + } + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + @CustomType.Setter + public Builder gcpSecretManagerCertificateConfigs(List gcpSecretManagerCertificateConfigs) { + if (gcpSecretManagerCertificateConfigs == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "gcpSecretManagerCertificateConfigs"); + } + this.gcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + return this; + } + public Builder gcpSecretManagerCertificateConfigs(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig... gcpSecretManagerCertificateConfigs) { + return gcpSecretManagerCertificateConfigs(List.of(gcpSecretManagerCertificateConfigs)); + } + public GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig build() { + final var _resultValue = new GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(); + _resultValue.fqdns = fqdns; + _resultValue.gcpSecretManagerCertificateConfigs = gcpSecretManagerCertificateConfigs; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java new file mode 100644 index 0000000000..5f2acd66a2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + private String secretUri; + + private GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig() {} + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public String secretUri() { + return this.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String secretUri; + public Builder() {} + public Builder(GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + Objects.requireNonNull(defaults); + this.secretUri = defaults.secretUri; + } + + @CustomType.Setter + public Builder secretUri(String secretUri) { + if (secretUri == null) { + throw new MissingRequiredPropertyException("GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", "secretUri"); + } + this.secretUri = secretUri; + return this; + } + public GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig build() { + final var _resultValue = new GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(); + _resultValue.secretUri = secretUri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfig.java index 4fd636a110..b50ed42e89 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfig.java @@ -6,6 +6,7 @@ import com.pulumi.core.annotations.CustomType; import com.pulumi.gcp.container.outputs.NodePoolNodeConfigAdvancedMachineFeatures; import com.pulumi.gcp.container.outputs.NodePoolNodeConfigConfidentialNodes; +import com.pulumi.gcp.container.outputs.NodePoolNodeConfigContainerdConfig; import com.pulumi.gcp.container.outputs.NodePoolNodeConfigEffectiveTaint; import com.pulumi.gcp.container.outputs.NodePoolNodeConfigEphemeralStorageConfig; import com.pulumi.gcp.container.outputs.NodePoolNodeConfigEphemeralStorageLocalSsdConfig; @@ -51,6 +52,11 @@ public final class NodePoolNodeConfig { * */ private @Nullable NodePoolNodeConfigConfidentialNodes confidentialNodes; + /** + * @return Parameters for containerd configuration. + * + */ + private @Nullable NodePoolNodeConfigContainerdConfig containerdConfig; /** * @return Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * @@ -254,6 +260,13 @@ public Optional bootDiskKmsKey() { public Optional confidentialNodes() { return Optional.ofNullable(this.confidentialNodes); } + /** + * @return Parameters for containerd configuration. + * + */ + public Optional containerdConfig() { + return Optional.ofNullable(this.containerdConfig); + } /** * @return Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. * @@ -519,6 +532,7 @@ public static final class Builder { private @Nullable NodePoolNodeConfigAdvancedMachineFeatures advancedMachineFeatures; private @Nullable String bootDiskKmsKey; private @Nullable NodePoolNodeConfigConfidentialNodes confidentialNodes; + private @Nullable NodePoolNodeConfigContainerdConfig containerdConfig; private @Nullable Integer diskSizeGb; private @Nullable String diskType; private @Nullable List effectiveTaints; @@ -561,6 +575,7 @@ public Builder(NodePoolNodeConfig defaults) { this.advancedMachineFeatures = defaults.advancedMachineFeatures; this.bootDiskKmsKey = defaults.bootDiskKmsKey; this.confidentialNodes = defaults.confidentialNodes; + this.containerdConfig = defaults.containerdConfig; this.diskSizeGb = defaults.diskSizeGb; this.diskType = defaults.diskType; this.effectiveTaints = defaults.effectiveTaints; @@ -618,6 +633,12 @@ public Builder confidentialNodes(@Nullable NodePoolNodeConfigConfidentialNodes c return this; } @CustomType.Setter + public Builder containerdConfig(@Nullable NodePoolNodeConfigContainerdConfig containerdConfig) { + + this.containerdConfig = containerdConfig; + return this; + } + @CustomType.Setter public Builder diskSizeGb(@Nullable Integer diskSizeGb) { this.diskSizeGb = diskSizeGb; @@ -856,6 +877,7 @@ public NodePoolNodeConfig build() { _resultValue.advancedMachineFeatures = advancedMachineFeatures; _resultValue.bootDiskKmsKey = bootDiskKmsKey; _resultValue.confidentialNodes = confidentialNodes; + _resultValue.containerdConfig = containerdConfig; _resultValue.diskSizeGb = diskSizeGb; _resultValue.diskType = diskType; _resultValue.effectiveTaints = effectiveTaints; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfig.java new file mode 100644 index 0000000000..a43d7ddb6e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfig.java @@ -0,0 +1,57 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.gcp.container.outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class NodePoolNodeConfigContainerdConfig { + /** + * @return Parameters for private container registries configuration. + * + */ + private @Nullable NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + + private NodePoolNodeConfigContainerdConfig() {} + /** + * @return Parameters for private container registries configuration. + * + */ + public Optional privateRegistryAccessConfig() { + return Optional.ofNullable(this.privateRegistryAccessConfig); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(NodePoolNodeConfigContainerdConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig; + public Builder() {} + public Builder(NodePoolNodeConfigContainerdConfig defaults) { + Objects.requireNonNull(defaults); + this.privateRegistryAccessConfig = defaults.privateRegistryAccessConfig; + } + + @CustomType.Setter + public Builder privateRegistryAccessConfig(@Nullable NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig privateRegistryAccessConfig) { + + this.privateRegistryAccessConfig = privateRegistryAccessConfig; + return this; + } + public NodePoolNodeConfigContainerdConfig build() { + final var _resultValue = new NodePoolNodeConfigContainerdConfig(); + _resultValue.privateRegistryAccessConfig = privateRegistryAccessConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java new file mode 100644 index 0000000000..3a43466cdd --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig; +import java.lang.Boolean; +import java.util.List; +import java.util.Objects; +import javax.annotation.Nullable; + +@CustomType +public final class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + private @Nullable List certificateAuthorityDomainConfigs; + /** + * @return Whether or not private registries are configured. + * + */ + private Boolean enabled; + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig() {} + /** + * @return Parameters for configuring CA certificate and domains. + * + */ + public List certificateAuthorityDomainConfigs() { + return this.certificateAuthorityDomainConfigs == null ? List.of() : this.certificateAuthorityDomainConfigs; + } + /** + * @return Whether or not private registries are configured. + * + */ + public Boolean enabled() { + return this.enabled; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable List certificateAuthorityDomainConfigs; + private Boolean enabled; + public Builder() {} + public Builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig defaults) { + Objects.requireNonNull(defaults); + this.certificateAuthorityDomainConfigs = defaults.certificateAuthorityDomainConfigs; + this.enabled = defaults.enabled; + } + + @CustomType.Setter + public Builder certificateAuthorityDomainConfigs(@Nullable List certificateAuthorityDomainConfigs) { + + this.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + return this; + } + public Builder certificateAuthorityDomainConfigs(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig... certificateAuthorityDomainConfigs) { + return certificateAuthorityDomainConfigs(List.of(certificateAuthorityDomainConfigs)); + } + @CustomType.Setter + public Builder enabled(Boolean enabled) { + if (enabled == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig", "enabled"); + } + this.enabled = enabled; + return this; + } + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig build() { + final var _resultValue = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig(); + _resultValue.certificateAuthorityDomainConfigs = certificateAuthorityDomainConfigs; + _resultValue.enabled = enabled; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java new file mode 100644 index 0000000000..5e24a87fdf --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.java @@ -0,0 +1,86 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.container.outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + private List fqdns; + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig() {} + /** + * @return List of fully-qualified-domain-names. IPv4s and port specification are supported. + * + */ + public List fqdns() { + return this.fqdns; + } + /** + * @return Parameters for configuring a certificate hosted in GCP SecretManager. + * + */ + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig() { + return this.gcpSecretManagerCertificateConfig; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List fqdns; + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig; + public Builder() {} + public Builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig defaults) { + Objects.requireNonNull(defaults); + this.fqdns = defaults.fqdns; + this.gcpSecretManagerCertificateConfig = defaults.gcpSecretManagerCertificateConfig; + } + + @CustomType.Setter + public Builder fqdns(List fqdns) { + if (fqdns == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "fqdns"); + } + this.fqdns = fqdns; + return this; + } + public Builder fqdns(String... fqdns) { + return fqdns(List.of(fqdns)); + } + @CustomType.Setter + public Builder gcpSecretManagerCertificateConfig(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig gcpSecretManagerCertificateConfig) { + if (gcpSecretManagerCertificateConfig == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig", "gcpSecretManagerCertificateConfig"); + } + this.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return this; + } + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig build() { + final var _resultValue = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(); + _resultValue.fqdns = fqdns; + _resultValue.gcpSecretManagerCertificateConfig = gcpSecretManagerCertificateConfig; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java new file mode 100644 index 0000000000..8985e5e8b2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/container/outputs/NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.container.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + private String secretUri; + + private NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig() {} + /** + * @return URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + * + */ + public String secretUri() { + return this.secretUri; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String secretUri; + public Builder() {} + public Builder(NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig defaults) { + Objects.requireNonNull(defaults); + this.secretUri = defaults.secretUri; + } + + @CustomType.Setter + public Builder secretUri(String secretUri) { + if (secretUri == null) { + throw new MissingRequiredPropertyException("NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig", "secretUri"); + } + this.secretUri = secretUri; + return this; + } + public NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig build() { + final var _resultValue = new NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(); + _resultValue.secretUri = secretUri; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectType.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectType.java new file mode 100644 index 0000000000..fed2816144 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectType.java @@ -0,0 +1,544 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.AspectTypeArgs; +import com.pulumi.gcp.dataplex.inputs.AspectTypeState; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * An Aspect Type is a template for creating Aspects. + * + * ## Example Usage + * + * ### Dataplex Aspect Type Basic + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectType;
+ * import com.pulumi.gcp.dataplex.AspectTypeArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var testAspectTypeBasic = new AspectType("testAspectTypeBasic", AspectTypeArgs.builder()
+ *             .aspectTypeId("aspect-type-basic")
+ *             .project("my-project-name")
+ *             .location("us-central1")
+ *             .metadataTemplate("""
+ * {
+ *   "name": "tf-test-template",
+ *   "type": "record",
+ *   "recordFields": [
+ *     {
+ *       "name": "type",
+ *       "type": "enum",
+ *       "annotations": {
+ *         "displayName": "Type",
+ *         "description": "Specifies the type of view represented by the entry."
+ *       },
+ *       "index": 1,
+ *       "constraints": {
+ *         "required": true
+ *       },
+ *       "enumValues": [
+ *         {
+ *           "name": "VIEW",
+ *           "index": 1
+ *         }
+ *       ]
+ *     }
+ *   ]
+ * }
+ *             """)
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Dataplex Aspect Type Full + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectType;
+ * import com.pulumi.gcp.dataplex.AspectTypeArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var testAspectTypeFull = new AspectType("testAspectTypeFull", AspectTypeArgs.builder()
+ *             .aspectTypeId("aspect-type-full")
+ *             .project("my-project-name")
+ *             .location("us-central1")
+ *             .labels(Map.of("tag", "test-tf"))
+ *             .displayName("terraform aspect type")
+ *             .description("aspect type created by Terraform")
+ *             .metadataTemplate("""
+ * {
+ *   "type": "record",
+ *   "name": "Schema",
+ *   "recordFields": [
+ *     {
+ *       "name": "fields",
+ *       "type": "array",
+ *       "index": 1,
+ *       "arrayItems": {
+ *         "name": "field",
+ *         "type": "record",
+ *         "typeId": "field",
+ *         "recordFields": [
+ *           {
+ *             "name": "name",
+ *             "type": "string",
+ *             "index": 1,
+ *             "constraints": {
+ *               "required": true
+ *             }
+ *           },
+ *           {
+ *             "name": "description",
+ *             "type": "string",
+ *             "index": 2
+ *           },
+ *           {
+ *             "name": "dataType",
+ *             "type": "string",
+ *             "index": 3,
+ *             "constraints": {
+ *               "required": true
+ *             }
+ *           },
+ *           {
+ *             "name": "metadataType",
+ *             "type": "enum",
+ *             "index": 4,
+ *             "constraints": {
+ *               "required": true
+ *             },
+ *             "enumValues": [
+ *               {
+ *                 "name": "BOOLEAN",
+ *                 "index": 1
+ *               },
+ *               {
+ *                 "name": "NUMBER",
+ *                 "index": 2
+ *               },
+ *               {
+ *                 "name": "STRING",
+ *                 "index": 3
+ *               },
+ *               {
+ *                 "name": "BYTES",
+ *                 "index": 4
+ *               },
+ *               {
+ *                 "name": "DATETIME",
+ *                 "index": 5
+ *               },
+ *               {
+ *                 "name": "TIMESTAMP",
+ *                 "index": 6
+ *               },
+ *               {
+ *                 "name": "GEOSPATIAL",
+ *                 "index": 7
+ *               },
+ *               {
+ *                 "name": "STRUCT",
+ *                 "index": 8
+ *               },
+ *               {
+ *                 "name": "OTHER",
+ *                 "index": 100
+ *               }
+ *             ]
+ *           },
+ *           {
+ *             "name": "mode",
+ *             "type": "enum",
+ *             "index": 5,
+ *             "enumValues": [
+ *               {
+ *                 "name": "NULLABLE",
+ *                 "index": 1
+ *               },
+ *               {
+ *                 "name": "REPEATED",
+ *                 "index": 2
+ *               },
+ *               {
+ *                 "name": "REQUIRED",
+ *                 "index": 3
+ *               }
+ *             ]
+ *           },
+ *           {
+ *             "name": "defaultValue",
+ *             "type": "string",
+ *             "index": 6
+ *           },
+ *           {
+ *             "name": "annotations",
+ *             "type": "map",
+ *             "index": 7,
+ *             "mapItems": {
+ *               "name": "label",
+ *               "type": "string"
+ *             }
+ *           },
+ *           {
+ *             "name": "fields",
+ *             "type": "array",
+ *             "index": 20,
+ *             "arrayItems": {
+ *               "name": "field",
+ *               "type": "record",
+ *               "typeRef": "field"
+ *             }
+ *           }
+ *         ]
+ *       }
+ *     }
+ *   ]
+ * }
+ *             """)
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * AspectType can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}` + * + * * `{{project}}/{{location}}/{{aspect_type_id}}` + * + * * `{{location}}/{{aspect_type_id}}` + * + * When using the `pulumi import` command, AspectType can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:dataplex/aspectType:AspectType default projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/aspectType:AspectType default {{project}}/{{location}}/{{aspect_type_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/aspectType:AspectType default {{location}}/{{aspect_type_id}} + * ``` + * + */ +@ResourceType(type="gcp:dataplex/aspectType:AspectType") +public class AspectType extends com.pulumi.resources.CustomResource { + /** + * The aspect type id of the aspect type. + * + */ + @Export(name="aspectTypeId", refs={String.class}, tree="[0]") + private Output aspectTypeId; + + /** + * @return The aspect type id of the aspect type. + * + */ + public Output> aspectTypeId() { + return Codegen.optional(this.aspectTypeId); + } + /** + * The time when the AspectType was created. + * + */ + @Export(name="createTime", refs={String.class}, tree="[0]") + private Output createTime; + + /** + * @return The time when the AspectType was created. + * + */ + public Output createTime() { + return this.createTime; + } + /** + * Description of the AspectType. + * + */ + @Export(name="description", refs={String.class}, tree="[0]") + private Output description; + + /** + * @return Description of the AspectType. + * + */ + public Output> description() { + return Codegen.optional(this.description); + } + /** + * User friendly display name. + * + */ + @Export(name="displayName", refs={String.class}, tree="[0]") + private Output displayName; + + /** + * @return User friendly display name. + * + */ + public Output> displayName() { + return Codegen.optional(this.displayName); + } + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Export(name="effectiveLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Output> effectiveLabels() { + return this.effectiveLabels; + } + /** + * User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Export(name="labels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> labels; + + /** + * @return User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Output>> labels() { + return Codegen.optional(this.labels); + } + /** + * The location where aspect type will be created in. + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where aspect type will be created in. + * + */ + public Output> location() { + return Codegen.optional(this.location); + } + /** + * MetadataTemplate of the Aspect. + * + */ + @Export(name="metadataTemplate", refs={String.class}, tree="[0]") + private Output metadataTemplate; + + /** + * @return MetadataTemplate of the Aspect. + * + */ + public Output> metadataTemplate() { + return Codegen.optional(this.metadataTemplate); + } + /** + * The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + * + */ + public Output name() { + return this.name; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Export(name="pulumiLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Output> pulumiLabels() { + return this.pulumiLabels; + } + /** + * Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + * + */ + @Export(name="transferStatus", refs={String.class}, tree="[0]") + private Output transferStatus; + + /** + * @return Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + * + */ + public Output transferStatus() { + return this.transferStatus; + } + /** + * System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + * + */ + @Export(name="uid", refs={String.class}, tree="[0]") + private Output uid; + + /** + * @return System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + * + */ + public Output uid() { + return this.uid; + } + /** + * The time when the AspectType was last updated. + * + */ + @Export(name="updateTime", refs={String.class}, tree="[0]") + private Output updateTime; + + /** + * @return The time when the AspectType was last updated. + * + */ + public Output updateTime() { + return this.updateTime; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AspectType(String name) { + this(name, AspectTypeArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AspectType(String name, @Nullable AspectTypeArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AspectType(String name, @Nullable AspectTypeArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectType:AspectType", name, args == null ? AspectTypeArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AspectType(String name, Output id, @Nullable AspectTypeState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectType:AspectType", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "effectiveLabels", + "pulumiLabels" + )) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AspectType get(String name, Output id, @Nullable AspectTypeState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AspectType(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeArgs.java new file mode 100644 index 0000000000..3da0400bc5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeArgs.java @@ -0,0 +1,322 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeArgs extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeArgs Empty = new AspectTypeArgs(); + + /** + * The aspect type id of the aspect type. + * + */ + @Import(name="aspectTypeId") + private @Nullable Output aspectTypeId; + + /** + * @return The aspect type id of the aspect type. + * + */ + public Optional> aspectTypeId() { + return Optional.ofNullable(this.aspectTypeId); + } + + /** + * Description of the AspectType. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Description of the AspectType. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * User friendly display name. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return User friendly display name. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * The location where aspect type will be created in. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * MetadataTemplate of the Aspect. + * + */ + @Import(name="metadataTemplate") + private @Nullable Output metadataTemplate; + + /** + * @return MetadataTemplate of the Aspect. + * + */ + public Optional> metadataTemplate() { + return Optional.ofNullable(this.metadataTemplate); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private AspectTypeArgs() {} + + private AspectTypeArgs(AspectTypeArgs $) { + this.aspectTypeId = $.aspectTypeId; + this.description = $.description; + this.displayName = $.displayName; + this.labels = $.labels; + this.location = $.location; + this.metadataTemplate = $.metadataTemplate; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeArgs $; + + public Builder() { + $ = new AspectTypeArgs(); + } + + public Builder(AspectTypeArgs defaults) { + $ = new AspectTypeArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param aspectTypeId The aspect type id of the aspect type. + * + * @return builder + * + */ + public Builder aspectTypeId(@Nullable Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + /** + * @param aspectTypeId The aspect type id of the aspect type. + * + * @return builder + * + */ + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + /** + * @param description Description of the AspectType. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Description of the AspectType. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param labels User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param location The location where aspect type will be created in. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param metadataTemplate MetadataTemplate of the Aspect. + * + * @return builder + * + */ + public Builder metadataTemplate(@Nullable Output metadataTemplate) { + $.metadataTemplate = metadataTemplate; + return this; + } + + /** + * @param metadataTemplate MetadataTemplate of the Aspect. + * + * @return builder + * + */ + public Builder metadataTemplate(String metadataTemplate) { + return metadataTemplate(Output.of(metadataTemplate)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public AspectTypeArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBinding.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBinding.java new file mode 100644 index 0000000000..3e7a806f55 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBinding.java @@ -0,0 +1,484 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs; +import com.pulumi.gcp.dataplex.inputs.AspectTypeIamBindingState; +import com.pulumi.gcp.dataplex.outputs.AspectTypeIamBindingCondition; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + * + * > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicy;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new AspectTypeIamPolicy("policy", AspectTypeIamPolicyArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBinding;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new AspectTypeIamBinding("binding", AspectTypeIamBindingArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMember;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new AspectTypeIamMember("member", AspectTypeIamMemberArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicy;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new AspectTypeIamPolicy("policy", AspectTypeIamPolicyArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBinding;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new AspectTypeIamBinding("binding", AspectTypeIamBindingArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMember;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new AspectTypeIamMember("member", AspectTypeIamMemberArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * + * * {{project}}/{{location}}/{{aspect_type_id}} + * + * * {{location}}/{{aspect_type_id}} + * + * * {{aspect_type_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding") +public class AspectTypeIamBinding extends com.pulumi.resources.CustomResource { + @Export(name="aspectTypeId", refs={String.class}, tree="[0]") + private Output aspectTypeId; + + public Output aspectTypeId() { + return this.aspectTypeId; + } + @Export(name="condition", refs={AspectTypeIamBindingCondition.class}, tree="[0]") + private Output condition; + + public Output> condition() { + return Codegen.optional(this.condition); + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Output location() { + return this.location; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="members", refs={List.class,String.class}, tree="[0,1]") + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AspectTypeIamBinding(String name) { + this(name, AspectTypeIamBindingArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AspectTypeIamBinding(String name, AspectTypeIamBindingArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AspectTypeIamBinding(String name, AspectTypeIamBindingArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding", name, args == null ? AspectTypeIamBindingArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AspectTypeIamBinding(String name, Output id, @Nullable AspectTypeIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AspectTypeIamBinding get(String name, Output id, @Nullable AspectTypeIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AspectTypeIamBinding(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBindingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBindingArgs.java new file mode 100644 index 0000000000..be3975286c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamBindingArgs.java @@ -0,0 +1,316 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.dataplex.inputs.AspectTypeIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamBindingArgs extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamBindingArgs Empty = new AspectTypeIamBindingArgs(); + + @Import(name="aspectTypeId", required=true) + private Output aspectTypeId; + + public Output aspectTypeId() { + return this.aspectTypeId; + } + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members", required=true) + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + private AspectTypeIamBindingArgs() {} + + private AspectTypeIamBindingArgs(AspectTypeIamBindingArgs $) { + this.aspectTypeId = $.aspectTypeId; + this.condition = $.condition; + this.location = $.location; + this.members = $.members; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamBindingArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamBindingArgs $; + + public Builder() { + $ = new AspectTypeIamBindingArgs(); + } + + public Builder(AspectTypeIamBindingArgs defaults) { + $ = new AspectTypeIamBindingArgs(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(AspectTypeIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public AspectTypeIamBindingArgs build() { + if ($.aspectTypeId == null) { + throw new MissingRequiredPropertyException("AspectTypeIamBindingArgs", "aspectTypeId"); + } + if ($.members == null) { + throw new MissingRequiredPropertyException("AspectTypeIamBindingArgs", "members"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("AspectTypeIamBindingArgs", "role"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMember.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMember.java new file mode 100644 index 0000000000..e854fa4344 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMember.java @@ -0,0 +1,483 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs; +import com.pulumi.gcp.dataplex.inputs.AspectTypeIamMemberState; +import com.pulumi.gcp.dataplex.outputs.AspectTypeIamMemberCondition; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + * + * > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicy;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new AspectTypeIamPolicy("policy", AspectTypeIamPolicyArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBinding;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new AspectTypeIamBinding("binding", AspectTypeIamBindingArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMember;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new AspectTypeIamMember("member", AspectTypeIamMemberArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicy;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new AspectTypeIamPolicy("policy", AspectTypeIamPolicyArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBinding;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new AspectTypeIamBinding("binding", AspectTypeIamBindingArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMember;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new AspectTypeIamMember("member", AspectTypeIamMemberArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * + * * {{project}}/{{location}}/{{aspect_type_id}} + * + * * {{location}}/{{aspect_type_id}} + * + * * {{aspect_type_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember") +public class AspectTypeIamMember extends com.pulumi.resources.CustomResource { + @Export(name="aspectTypeId", refs={String.class}, tree="[0]") + private Output aspectTypeId; + + public Output aspectTypeId() { + return this.aspectTypeId; + } + @Export(name="condition", refs={AspectTypeIamMemberCondition.class}, tree="[0]") + private Output condition; + + public Output> condition() { + return Codegen.optional(this.condition); + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Output location() { + return this.location; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="member", refs={String.class}, tree="[0]") + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AspectTypeIamMember(String name) { + this(name, AspectTypeIamMemberArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AspectTypeIamMember(String name, AspectTypeIamMemberArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AspectTypeIamMember(String name, AspectTypeIamMemberArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember", name, args == null ? AspectTypeIamMemberArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AspectTypeIamMember(String name, Output id, @Nullable AspectTypeIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AspectTypeIamMember get(String name, Output id, @Nullable AspectTypeIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AspectTypeIamMember(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMemberArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMemberArgs.java new file mode 100644 index 0000000000..e915702138 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamMemberArgs.java @@ -0,0 +1,295 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.dataplex.inputs.AspectTypeIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamMemberArgs extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamMemberArgs Empty = new AspectTypeIamMemberArgs(); + + @Import(name="aspectTypeId", required=true) + private Output aspectTypeId; + + public Output aspectTypeId() { + return this.aspectTypeId; + } + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member", required=true) + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + private AspectTypeIamMemberArgs() {} + + private AspectTypeIamMemberArgs(AspectTypeIamMemberArgs $) { + this.aspectTypeId = $.aspectTypeId; + this.condition = $.condition; + this.location = $.location; + this.member = $.member; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamMemberArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamMemberArgs $; + + public Builder() { + $ = new AspectTypeIamMemberArgs(); + } + + public Builder(AspectTypeIamMemberArgs defaults) { + $ = new AspectTypeIamMemberArgs(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(AspectTypeIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public AspectTypeIamMemberArgs build() { + if ($.aspectTypeId == null) { + throw new MissingRequiredPropertyException("AspectTypeIamMemberArgs", "aspectTypeId"); + } + if ($.member == null) { + throw new MissingRequiredPropertyException("AspectTypeIamMemberArgs", "member"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("AspectTypeIamMemberArgs", "role"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicy.java new file mode 100644 index 0000000000..1313c81c72 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicy.java @@ -0,0 +1,439 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs; +import com.pulumi.gcp.dataplex.inputs.AspectTypeIamPolicyState; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + * + * > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicy;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new AspectTypeIamPolicy("policy", AspectTypeIamPolicyArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBinding;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new AspectTypeIamBinding("binding", AspectTypeIamBindingArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMember;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new AspectTypeIamMember("member", AspectTypeIamMemberArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicy;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new AspectTypeIamPolicy("policy", AspectTypeIamPolicyArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBinding;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new AspectTypeIamBinding("binding", AspectTypeIamBindingArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.AspectTypeIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMember;
+ * import com.pulumi.gcp.dataplex.AspectTypeIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new AspectTypeIamMember("member", AspectTypeIamMemberArgs.builder()
+ *             .project(testAspectTypeBasic.project())
+ *             .location(testAspectTypeBasic.location())
+ *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * + * * {{project}}/{{location}}/{{aspect_type_id}} + * + * * {{location}}/{{aspect_type_id}} + * + * * {{aspect_type_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy") +public class AspectTypeIamPolicy extends com.pulumi.resources.CustomResource { + @Export(name="aspectTypeId", refs={String.class}, tree="[0]") + private Output aspectTypeId; + + public Output aspectTypeId() { + return this.aspectTypeId; + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Output location() { + return this.location; + } + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Export(name="policyData", refs={String.class}, tree="[0]") + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AspectTypeIamPolicy(String name) { + this(name, AspectTypeIamPolicyArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AspectTypeIamPolicy(String name, AspectTypeIamPolicyArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AspectTypeIamPolicy(String name, AspectTypeIamPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy", name, args == null ? AspectTypeIamPolicyArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AspectTypeIamPolicy(String name, Output id, @Nullable AspectTypeIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AspectTypeIamPolicy get(String name, Output id, @Nullable AspectTypeIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AspectTypeIamPolicy(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicyArgs.java new file mode 100644 index 0000000000..d6295669b9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/AspectTypeIamPolicyArgs.java @@ -0,0 +1,193 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamPolicyArgs extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamPolicyArgs Empty = new AspectTypeIamPolicyArgs(); + + @Import(name="aspectTypeId", required=true) + private Output aspectTypeId; + + public Output aspectTypeId() { + return this.aspectTypeId; + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData", required=true) + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private AspectTypeIamPolicyArgs() {} + + private AspectTypeIamPolicyArgs(AspectTypeIamPolicyArgs $) { + this.aspectTypeId = $.aspectTypeId; + this.location = $.location; + this.policyData = $.policyData; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamPolicyArgs $; + + public Builder() { + $ = new AspectTypeIamPolicyArgs(); + } + + public Builder(AspectTypeIamPolicyArgs defaults) { + $ = new AspectTypeIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public AspectTypeIamPolicyArgs build() { + if ($.aspectTypeId == null) { + throw new MissingRequiredPropertyException("AspectTypeIamPolicyArgs", "aspectTypeId"); + } + if ($.policyData == null) { + throw new MissingRequiredPropertyException("AspectTypeIamPolicyArgs", "policyData"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/DataplexFunctions.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/DataplexFunctions.java index 70eb402440..e90d0ea0dc 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/DataplexFunctions.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/DataplexFunctions.java @@ -8,24 +8,206 @@ import com.pulumi.deployment.Deployment; import com.pulumi.deployment.InvokeOptions; import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.inputs.GetAspectTypeIamPolicyArgs; +import com.pulumi.gcp.dataplex.inputs.GetAspectTypeIamPolicyPlainArgs; import com.pulumi.gcp.dataplex.inputs.GetAssetIamPolicyArgs; import com.pulumi.gcp.dataplex.inputs.GetAssetIamPolicyPlainArgs; import com.pulumi.gcp.dataplex.inputs.GetDatascanIamPolicyArgs; import com.pulumi.gcp.dataplex.inputs.GetDatascanIamPolicyPlainArgs; +import com.pulumi.gcp.dataplex.inputs.GetEntryGroupIamPolicyArgs; +import com.pulumi.gcp.dataplex.inputs.GetEntryGroupIamPolicyPlainArgs; import com.pulumi.gcp.dataplex.inputs.GetLakeIamPolicyArgs; import com.pulumi.gcp.dataplex.inputs.GetLakeIamPolicyPlainArgs; import com.pulumi.gcp.dataplex.inputs.GetTaskIamPolicyArgs; import com.pulumi.gcp.dataplex.inputs.GetTaskIamPolicyPlainArgs; import com.pulumi.gcp.dataplex.inputs.GetZoneIamPolicyArgs; import com.pulumi.gcp.dataplex.inputs.GetZoneIamPolicyPlainArgs; +import com.pulumi.gcp.dataplex.outputs.GetAspectTypeIamPolicyResult; import com.pulumi.gcp.dataplex.outputs.GetAssetIamPolicyResult; import com.pulumi.gcp.dataplex.outputs.GetDatascanIamPolicyResult; +import com.pulumi.gcp.dataplex.outputs.GetEntryGroupIamPolicyResult; import com.pulumi.gcp.dataplex.outputs.GetLakeIamPolicyResult; import com.pulumi.gcp.dataplex.outputs.GetTaskIamPolicyResult; import com.pulumi.gcp.dataplex.outputs.GetZoneIamPolicyResult; import java.util.concurrent.CompletableFuture; public final class DataplexFunctions { + /** + * Retrieves the current IAM policy data for aspecttype + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetAspectTypeIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getAspectTypeIamPolicy(GetAspectTypeIamPolicyArgs.builder()
+     *             .project(testAspectTypeBasic.project())
+     *             .location(testAspectTypeBasic.location())
+     *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getAspectTypeIamPolicy(GetAspectTypeIamPolicyArgs args) { + return getAspectTypeIamPolicy(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for aspecttype + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetAspectTypeIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getAspectTypeIamPolicy(GetAspectTypeIamPolicyArgs.builder()
+     *             .project(testAspectTypeBasic.project())
+     *             .location(testAspectTypeBasic.location())
+     *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getAspectTypeIamPolicyPlain(GetAspectTypeIamPolicyPlainArgs args) { + return getAspectTypeIamPolicyPlain(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for aspecttype + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetAspectTypeIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getAspectTypeIamPolicy(GetAspectTypeIamPolicyArgs.builder()
+     *             .project(testAspectTypeBasic.project())
+     *             .location(testAspectTypeBasic.location())
+     *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getAspectTypeIamPolicy(GetAspectTypeIamPolicyArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy", TypeShape.of(GetAspectTypeIamPolicyResult.class), args, Utilities.withVersion(options)); + } + /** + * Retrieves the current IAM policy data for aspecttype + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetAspectTypeIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getAspectTypeIamPolicy(GetAspectTypeIamPolicyArgs.builder()
+     *             .project(testAspectTypeBasic.project())
+     *             .location(testAspectTypeBasic.location())
+     *             .aspectTypeId(testAspectTypeBasic.aspectTypeId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getAspectTypeIamPolicyPlain(GetAspectTypeIamPolicyPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy", TypeShape.of(GetAspectTypeIamPolicyResult.class), args, Utilities.withVersion(options)); + } /** * Retrieves the current IAM policy data for asset * @@ -386,6 +568,182 @@ public static Output getDatascanIamPolicy(GetDatasca public static CompletableFuture getDatascanIamPolicyPlain(GetDatascanIamPolicyPlainArgs args, InvokeOptions options) { return Deployment.getInstance().invokeAsync("gcp:dataplex/getDatascanIamPolicy:getDatascanIamPolicy", TypeShape.of(GetDatascanIamPolicyResult.class), args, Utilities.withVersion(options)); } + /** + * Retrieves the current IAM policy data for entrygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetEntryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getEntryGroupIamPolicy(GetEntryGroupIamPolicyArgs.builder()
+     *             .project(testEntryGroupBasic.project())
+     *             .location(testEntryGroupBasic.location())
+     *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getEntryGroupIamPolicy(GetEntryGroupIamPolicyArgs args) { + return getEntryGroupIamPolicy(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for entrygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetEntryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getEntryGroupIamPolicy(GetEntryGroupIamPolicyArgs.builder()
+     *             .project(testEntryGroupBasic.project())
+     *             .location(testEntryGroupBasic.location())
+     *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getEntryGroupIamPolicyPlain(GetEntryGroupIamPolicyPlainArgs args) { + return getEntryGroupIamPolicyPlain(args, InvokeOptions.Empty); + } + /** + * Retrieves the current IAM policy data for entrygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetEntryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getEntryGroupIamPolicy(GetEntryGroupIamPolicyArgs.builder()
+     *             .project(testEntryGroupBasic.project())
+     *             .location(testEntryGroupBasic.location())
+     *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static Output getEntryGroupIamPolicy(GetEntryGroupIamPolicyArgs args, InvokeOptions options) { + return Deployment.getInstance().invoke("gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy", TypeShape.of(GetEntryGroupIamPolicyResult.class), args, Utilities.withVersion(options)); + } + /** + * Retrieves the current IAM policy data for entrygroup + * + * ## example + * + * <!--Start PulumiCodeChooser --> + * 
+     * {@code
+     * package generated_program;
+     * 
+     * import com.pulumi.Context;
+     * import com.pulumi.Pulumi;
+     * import com.pulumi.core.Output;
+     * import com.pulumi.gcp.dataplex.DataplexFunctions;
+     * import com.pulumi.gcp.dataplex.inputs.GetEntryGroupIamPolicyArgs;
+     * import java.util.List;
+     * import java.util.ArrayList;
+     * import java.util.Map;
+     * import java.io.File;
+     * import java.nio.file.Files;
+     * import java.nio.file.Paths;
+     * 
+     * public class App {
+     *     public static void main(String[] args) {
+     *         Pulumi.run(App::stack);
+     *     }
+     * 
+     *     public static void stack(Context ctx) {
+     *         final var policy = DataplexFunctions.getEntryGroupIamPolicy(GetEntryGroupIamPolicyArgs.builder()
+     *             .project(testEntryGroupBasic.project())
+     *             .location(testEntryGroupBasic.location())
+     *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+     *             .build());
+     * 
+     *     }
+     * }
+     * }
+     *
+ * <!--End PulumiCodeChooser --> + * + */ + public static CompletableFuture getEntryGroupIamPolicyPlain(GetEntryGroupIamPolicyPlainArgs args, InvokeOptions options) { + return Deployment.getInstance().invokeAsync("gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy", TypeShape.of(GetEntryGroupIamPolicyResult.class), args, Utilities.withVersion(options)); + } /** * Retrieves the current IAM policy data for lake * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroup.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroup.java new file mode 100644 index 0000000000..7d7eff61f0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroup.java @@ -0,0 +1,374 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.EntryGroupArgs; +import com.pulumi.gcp.dataplex.inputs.EntryGroupState; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * An Entry Group represents a logical grouping of one or more Entries. + * + * ## Example Usage + * + * ### Dataplex Entry Group Basic + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroup;
+ * import com.pulumi.gcp.dataplex.EntryGroupArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var testEntryGroupBasic = new EntryGroup("testEntryGroupBasic", EntryGroupArgs.builder()
+ *             .entryGroupId("entry-group-basic")
+ *             .project("my-project-name")
+ *             .location("us-central1")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * ### Dataplex Entry Group Full + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroup;
+ * import com.pulumi.gcp.dataplex.EntryGroupArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var testEntryGroupFull = new EntryGroup("testEntryGroupFull", EntryGroupArgs.builder()
+ *             .entryGroupId("entry-group-full")
+ *             .project("my-project-name")
+ *             .location("us-central1")
+ *             .labels(Map.of("tag", "test-tf"))
+ *             .displayName("terraform entry group")
+ *             .description("entry group created by Terraform")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * EntryGroup can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}` + * + * * `{{project}}/{{location}}/{{entry_group_id}}` + * + * * `{{location}}/{{entry_group_id}}` + * + * When using the `pulumi import` command, EntryGroup can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroup:EntryGroup default projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{project}}/{{location}}/{{entry_group_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{location}}/{{entry_group_id}} + * ``` + * + */ +@ResourceType(type="gcp:dataplex/entryGroup:EntryGroup") +public class EntryGroup extends com.pulumi.resources.CustomResource { + /** + * The time when the EntryGroup was created. + * + */ + @Export(name="createTime", refs={String.class}, tree="[0]") + private Output createTime; + + /** + * @return The time when the EntryGroup was created. + * + */ + public Output createTime() { + return this.createTime; + } + /** + * Description of the EntryGroup. + * + */ + @Export(name="description", refs={String.class}, tree="[0]") + private Output description; + + /** + * @return Description of the EntryGroup. + * + */ + public Output> description() { + return Codegen.optional(this.description); + } + /** + * User friendly display name. + * + */ + @Export(name="displayName", refs={String.class}, tree="[0]") + private Output displayName; + + /** + * @return User friendly display name. + * + */ + public Output> displayName() { + return Codegen.optional(this.displayName); + } + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Export(name="effectiveLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Output> effectiveLabels() { + return this.effectiveLabels; + } + /** + * The entry group id of the entry group. + * + */ + @Export(name="entryGroupId", refs={String.class}, tree="[0]") + private Output entryGroupId; + + /** + * @return The entry group id of the entry group. + * + */ + public Output> entryGroupId() { + return Codegen.optional(this.entryGroupId); + } + /** + * User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Export(name="labels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> labels; + + /** + * @return User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Output>> labels() { + return Codegen.optional(this.labels); + } + /** + * The location where entry group will be created in. + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where entry group will be created in. + * + */ + public Output> location() { + return Codegen.optional(this.location); + } + /** + * The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + * + */ + public Output name() { + return this.name; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Export(name="pulumiLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Output> pulumiLabels() { + return this.pulumiLabels; + } + /** + * Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + * + */ + @Export(name="transferStatus", refs={String.class}, tree="[0]") + private Output transferStatus; + + /** + * @return Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + * + */ + public Output transferStatus() { + return this.transferStatus; + } + /** + * System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + * + */ + @Export(name="uid", refs={String.class}, tree="[0]") + private Output uid; + + /** + * @return System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + * + */ + public Output uid() { + return this.uid; + } + /** + * The time when the EntryGroup was last updated. + * + */ + @Export(name="updateTime", refs={String.class}, tree="[0]") + private Output updateTime; + + /** + * @return The time when the EntryGroup was last updated. + * + */ + public Output updateTime() { + return this.updateTime; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public EntryGroup(String name) { + this(name, EntryGroupArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public EntryGroup(String name, @Nullable EntryGroupArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public EntryGroup(String name, @Nullable EntryGroupArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroup:EntryGroup", name, args == null ? EntryGroupArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private EntryGroup(String name, Output id, @Nullable EntryGroupState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroup:EntryGroup", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "effectiveLabels", + "pulumiLabels" + )) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static EntryGroup get(String name, Output id, @Nullable EntryGroupState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new EntryGroup(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupArgs.java new file mode 100644 index 0000000000..c6727b9d6c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupArgs.java @@ -0,0 +1,285 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupArgs extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupArgs Empty = new EntryGroupArgs(); + + /** + * Description of the EntryGroup. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Description of the EntryGroup. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * User friendly display name. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return User friendly display name. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * The entry group id of the entry group. + * + */ + @Import(name="entryGroupId") + private @Nullable Output entryGroupId; + + /** + * @return The entry group id of the entry group. + * + */ + public Optional> entryGroupId() { + return Optional.ofNullable(this.entryGroupId); + } + + /** + * User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * The location where entry group will be created in. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private EntryGroupArgs() {} + + private EntryGroupArgs(EntryGroupArgs $) { + this.description = $.description; + this.displayName = $.displayName; + this.entryGroupId = $.entryGroupId; + this.labels = $.labels; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupArgs $; + + public Builder() { + $ = new EntryGroupArgs(); + } + + public Builder(EntryGroupArgs defaults) { + $ = new EntryGroupArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param description Description of the EntryGroup. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Description of the EntryGroup. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param entryGroupId The entry group id of the entry group. + * + * @return builder + * + */ + public Builder entryGroupId(@Nullable Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + /** + * @param entryGroupId The entry group id of the entry group. + * + * @return builder + * + */ + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param labels User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param location The location where entry group will be created in. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public EntryGroupArgs build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBinding.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBinding.java new file mode 100644 index 0000000000..55d28bc3b5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBinding.java @@ -0,0 +1,484 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs; +import com.pulumi.gcp.dataplex.inputs.EntryGroupIamBindingState; +import com.pulumi.gcp.dataplex.outputs.EntryGroupIamBindingCondition; +import java.lang.String; +import java.util.List; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + * + * > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicy;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new EntryGroupIamPolicy("policy", EntryGroupIamPolicyArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBinding;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new EntryGroupIamBinding("binding", EntryGroupIamBindingArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMember;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new EntryGroupIamMember("member", EntryGroupIamMemberArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicy;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new EntryGroupIamPolicy("policy", EntryGroupIamPolicyArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBinding;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new EntryGroupIamBinding("binding", EntryGroupIamBindingArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMember;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new EntryGroupIamMember("member", EntryGroupIamMemberArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * + * * {{project}}/{{location}}/{{entry_group_id}} + * + * * {{location}}/{{entry_group_id}} + * + * * {{entry_group_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding") +public class EntryGroupIamBinding extends com.pulumi.resources.CustomResource { + @Export(name="condition", refs={EntryGroupIamBindingCondition.class}, tree="[0]") + private Output condition; + + public Output> condition() { + return Codegen.optional(this.condition); + } + @Export(name="entryGroupId", refs={String.class}, tree="[0]") + private Output entryGroupId; + + public Output entryGroupId() { + return this.entryGroupId; + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Output location() { + return this.location; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="members", refs={List.class,String.class}, tree="[0,1]") + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public EntryGroupIamBinding(String name) { + this(name, EntryGroupIamBindingArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public EntryGroupIamBinding(String name, EntryGroupIamBindingArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public EntryGroupIamBinding(String name, EntryGroupIamBindingArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding", name, args == null ? EntryGroupIamBindingArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private EntryGroupIamBinding(String name, Output id, @Nullable EntryGroupIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static EntryGroupIamBinding get(String name, Output id, @Nullable EntryGroupIamBindingState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new EntryGroupIamBinding(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBindingArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBindingArgs.java new file mode 100644 index 0000000000..74198d3194 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamBindingArgs.java @@ -0,0 +1,316 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.dataplex.inputs.EntryGroupIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamBindingArgs extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamBindingArgs Empty = new EntryGroupIamBindingArgs(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + @Import(name="entryGroupId", required=true) + private Output entryGroupId; + + public Output entryGroupId() { + return this.entryGroupId; + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members", required=true) + private Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output> members() { + return this.members; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + private EntryGroupIamBindingArgs() {} + + private EntryGroupIamBindingArgs(EntryGroupIamBindingArgs $) { + this.condition = $.condition; + this.entryGroupId = $.entryGroupId; + this.location = $.location; + this.members = $.members; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamBindingArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamBindingArgs $; + + public Builder() { + $ = new EntryGroupIamBindingArgs(); + } + + public Builder(EntryGroupIamBindingArgs defaults) { + $ = new EntryGroupIamBindingArgs(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(EntryGroupIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + public Builder entryGroupId(Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public EntryGroupIamBindingArgs build() { + if ($.entryGroupId == null) { + throw new MissingRequiredPropertyException("EntryGroupIamBindingArgs", "entryGroupId"); + } + if ($.members == null) { + throw new MissingRequiredPropertyException("EntryGroupIamBindingArgs", "members"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("EntryGroupIamBindingArgs", "role"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMember.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMember.java new file mode 100644 index 0000000000..352827f78d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMember.java @@ -0,0 +1,483 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs; +import com.pulumi.gcp.dataplex.inputs.EntryGroupIamMemberState; +import com.pulumi.gcp.dataplex.outputs.EntryGroupIamMemberCondition; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + * + * > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicy;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new EntryGroupIamPolicy("policy", EntryGroupIamPolicyArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBinding;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new EntryGroupIamBinding("binding", EntryGroupIamBindingArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMember;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new EntryGroupIamMember("member", EntryGroupIamMemberArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicy;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new EntryGroupIamPolicy("policy", EntryGroupIamPolicyArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBinding;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new EntryGroupIamBinding("binding", EntryGroupIamBindingArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMember;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new EntryGroupIamMember("member", EntryGroupIamMemberArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * + * * {{project}}/{{location}}/{{entry_group_id}} + * + * * {{location}}/{{entry_group_id}} + * + * * {{entry_group_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:dataplex/entryGroupIamMember:EntryGroupIamMember") +public class EntryGroupIamMember extends com.pulumi.resources.CustomResource { + @Export(name="condition", refs={EntryGroupIamMemberCondition.class}, tree="[0]") + private Output condition; + + public Output> condition() { + return Codegen.optional(this.condition); + } + @Export(name="entryGroupId", refs={String.class}, tree="[0]") + private Output entryGroupId; + + public Output entryGroupId() { + return this.entryGroupId; + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Output location() { + return this.location; + } + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Export(name="member", refs={String.class}, tree="[0]") + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Export(name="role", refs={String.class}, tree="[0]") + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public EntryGroupIamMember(String name) { + this(name, EntryGroupIamMemberArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public EntryGroupIamMember(String name, EntryGroupIamMemberArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public EntryGroupIamMember(String name, EntryGroupIamMemberArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroupIamMember:EntryGroupIamMember", name, args == null ? EntryGroupIamMemberArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private EntryGroupIamMember(String name, Output id, @Nullable EntryGroupIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroupIamMember:EntryGroupIamMember", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static EntryGroupIamMember get(String name, Output id, @Nullable EntryGroupIamMemberState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new EntryGroupIamMember(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMemberArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMemberArgs.java new file mode 100644 index 0000000000..943d8e927e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamMemberArgs.java @@ -0,0 +1,295 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.dataplex.inputs.EntryGroupIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamMemberArgs extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamMemberArgs Empty = new EntryGroupIamMemberArgs(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + @Import(name="entryGroupId", required=true) + private Output entryGroupId; + + public Output entryGroupId() { + return this.entryGroupId; + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member", required=true) + private Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Output member() { + return this.member; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role", required=true) + private Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Output role() { + return this.role; + } + + private EntryGroupIamMemberArgs() {} + + private EntryGroupIamMemberArgs(EntryGroupIamMemberArgs $) { + this.condition = $.condition; + this.entryGroupId = $.entryGroupId; + this.location = $.location; + this.member = $.member; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamMemberArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamMemberArgs $; + + public Builder() { + $ = new EntryGroupIamMemberArgs(); + } + + public Builder(EntryGroupIamMemberArgs defaults) { + $ = new EntryGroupIamMemberArgs(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(EntryGroupIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + public Builder entryGroupId(Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public EntryGroupIamMemberArgs build() { + if ($.entryGroupId == null) { + throw new MissingRequiredPropertyException("EntryGroupIamMemberArgs", "entryGroupId"); + } + if ($.member == null) { + throw new MissingRequiredPropertyException("EntryGroupIamMemberArgs", "member"); + } + if ($.role == null) { + throw new MissingRequiredPropertyException("EntryGroupIamMemberArgs", "role"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicy.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicy.java new file mode 100644 index 0000000000..85042b3df6 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicy.java @@ -0,0 +1,439 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs; +import com.pulumi.gcp.dataplex.inputs.EntryGroupIamPolicyState; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + * + * > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicy;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new EntryGroupIamPolicy("policy", EntryGroupIamPolicyArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBinding;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new EntryGroupIamBinding("binding", EntryGroupIamBindingArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMember;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new EntryGroupIamMember("member", EntryGroupIamMemberArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.OrganizationsFunctions;
+ * import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicy;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamPolicyArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         final var admin = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
+ *             .bindings(GetIAMPolicyBindingArgs.builder()
+ *                 .role("roles/viewer")
+ *                 .members("user:jane{@literal @}example.com")
+ *                 .build())
+ *             .build());
+ * 
+ *         var policy = new EntryGroupIamPolicy("policy", EntryGroupIamPolicyArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .policyData(admin.applyValue(getIAMPolicyResult -> getIAMPolicyResult.policyData()))
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBinding;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamBindingArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var binding = new EntryGroupIamBinding("binding", EntryGroupIamBindingArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .members("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## gcp.dataplex.EntryGroupIamMember + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMember;
+ * import com.pulumi.gcp.dataplex.EntryGroupIamMemberArgs;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         var member = new EntryGroupIamMember("member", EntryGroupIamMemberArgs.builder()
+ *             .project(testEntryGroupBasic.project())
+ *             .location(testEntryGroupBasic.location())
+ *             .entryGroupId(testEntryGroupBasic.entryGroupId())
+ *             .role("roles/viewer")
+ *             .member("user:jane{@literal @}example.com")
+ *             .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * + * * {{project}}/{{location}}/{{entry_group_id}} + * + * * {{location}}/{{entry_group_id}} + * + * * {{entry_group_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane{@literal @}example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + * + */ +@ResourceType(type="gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy") +public class EntryGroupIamPolicy extends com.pulumi.resources.CustomResource { + @Export(name="entryGroupId", refs={String.class}, tree="[0]") + private Output entryGroupId; + + public Output entryGroupId() { + return this.entryGroupId; + } + /** + * (Computed) The etag of the IAM policy. + * + */ + @Export(name="etag", refs={String.class}, tree="[0]") + private Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Output etag() { + return this.etag; + } + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Output location() { + return this.location; + } + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Export(name="policyData", refs={String.class}, tree="[0]") + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Output project() { + return this.project; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public EntryGroupIamPolicy(String name) { + this(name, EntryGroupIamPolicyArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public EntryGroupIamPolicy(String name, EntryGroupIamPolicyArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public EntryGroupIamPolicy(String name, EntryGroupIamPolicyArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy", name, args == null ? EntryGroupIamPolicyArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private EntryGroupIamPolicy(String name, Output id, @Nullable EntryGroupIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static EntryGroupIamPolicy get(String name, Output id, @Nullable EntryGroupIamPolicyState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new EntryGroupIamPolicy(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicyArgs.java new file mode 100644 index 0000000000..01b4b5b132 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/EntryGroupIamPolicyArgs.java @@ -0,0 +1,193 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamPolicyArgs extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamPolicyArgs Empty = new EntryGroupIamPolicyArgs(); + + @Import(name="entryGroupId", required=true) + private Output entryGroupId; + + public Output entryGroupId() { + return this.entryGroupId; + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData", required=true) + private Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Output policyData() { + return this.policyData; + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private EntryGroupIamPolicyArgs() {} + + private EntryGroupIamPolicyArgs(EntryGroupIamPolicyArgs $) { + this.entryGroupId = $.entryGroupId; + this.location = $.location; + this.policyData = $.policyData; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamPolicyArgs $; + + public Builder() { + $ = new EntryGroupIamPolicyArgs(); + } + + public Builder(EntryGroupIamPolicyArgs defaults) { + $ = new EntryGroupIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + public Builder entryGroupId(Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public EntryGroupIamPolicyArgs build() { + if ($.entryGroupId == null) { + throw new MissingRequiredPropertyException("EntryGroupIamPolicyArgs", "entryGroupId"); + } + if ($.policyData == null) { + throw new MissingRequiredPropertyException("EntryGroupIamPolicyArgs", "policyData"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingConditionArgs.java new file mode 100644 index 0000000000..d79e488204 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingConditionArgs.java @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamBindingConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamBindingConditionArgs Empty = new AspectTypeIamBindingConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + @Import(name="expression", required=true) + private Output expression; + + public Output expression() { + return this.expression; + } + + @Import(name="title", required=true) + private Output title; + + public Output title() { + return this.title; + } + + private AspectTypeIamBindingConditionArgs() {} + + private AspectTypeIamBindingConditionArgs(AspectTypeIamBindingConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamBindingConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamBindingConditionArgs $; + + public Builder() { + $ = new AspectTypeIamBindingConditionArgs(); + } + + public Builder(AspectTypeIamBindingConditionArgs defaults) { + $ = new AspectTypeIamBindingConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + public Builder title(Output title) { + $.title = title; + return this; + } + + public Builder title(String title) { + return title(Output.of(title)); + } + + public AspectTypeIamBindingConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("AspectTypeIamBindingConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("AspectTypeIamBindingConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingState.java new file mode 100644 index 0000000000..cb638ee2d4 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamBindingState.java @@ -0,0 +1,343 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.dataplex.inputs.AspectTypeIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamBindingState extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamBindingState Empty = new AspectTypeIamBindingState(); + + @Import(name="aspectTypeId") + private @Nullable Output aspectTypeId; + + public Optional> aspectTypeId() { + return Optional.ofNullable(this.aspectTypeId); + } + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members") + private @Nullable Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional>> members() { + return Optional.ofNullable(this.members); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + private AspectTypeIamBindingState() {} + + private AspectTypeIamBindingState(AspectTypeIamBindingState $) { + this.aspectTypeId = $.aspectTypeId; + this.condition = $.condition; + this.etag = $.etag; + this.location = $.location; + this.members = $.members; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamBindingState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamBindingState $; + + public Builder() { + $ = new AspectTypeIamBindingState(); + } + + public Builder(AspectTypeIamBindingState defaults) { + $ = new AspectTypeIamBindingState(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(@Nullable Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(AspectTypeIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(@Nullable Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public AspectTypeIamBindingState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberConditionArgs.java new file mode 100644 index 0000000000..e81cb1327b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberConditionArgs.java @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamMemberConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamMemberConditionArgs Empty = new AspectTypeIamMemberConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + @Import(name="expression", required=true) + private Output expression; + + public Output expression() { + return this.expression; + } + + @Import(name="title", required=true) + private Output title; + + public Output title() { + return this.title; + } + + private AspectTypeIamMemberConditionArgs() {} + + private AspectTypeIamMemberConditionArgs(AspectTypeIamMemberConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamMemberConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamMemberConditionArgs $; + + public Builder() { + $ = new AspectTypeIamMemberConditionArgs(); + } + + public Builder(AspectTypeIamMemberConditionArgs defaults) { + $ = new AspectTypeIamMemberConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + public Builder title(Output title) { + $.title = title; + return this; + } + + public Builder title(String title) { + return title(Output.of(title)); + } + + public AspectTypeIamMemberConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("AspectTypeIamMemberConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("AspectTypeIamMemberConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberState.java new file mode 100644 index 0000000000..ccfb380ed2 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamMemberState.java @@ -0,0 +1,322 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.dataplex.inputs.AspectTypeIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamMemberState extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamMemberState Empty = new AspectTypeIamMemberState(); + + @Import(name="aspectTypeId") + private @Nullable Output aspectTypeId; + + public Optional> aspectTypeId() { + return Optional.ofNullable(this.aspectTypeId); + } + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member") + private @Nullable Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional> member() { + return Optional.ofNullable(this.member); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + private AspectTypeIamMemberState() {} + + private AspectTypeIamMemberState(AspectTypeIamMemberState $) { + this.aspectTypeId = $.aspectTypeId; + this.condition = $.condition; + this.etag = $.etag; + this.location = $.location; + this.member = $.member; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamMemberState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamMemberState $; + + public Builder() { + $ = new AspectTypeIamMemberState(); + } + + public Builder(AspectTypeIamMemberState defaults) { + $ = new AspectTypeIamMemberState(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(@Nullable Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(AspectTypeIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(@Nullable Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public AspectTypeIamMemberState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamPolicyState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamPolicyState.java new file mode 100644 index 0000000000..b64b64dcb9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeIamPolicyState.java @@ -0,0 +1,223 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeIamPolicyState extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeIamPolicyState Empty = new AspectTypeIamPolicyState(); + + @Import(name="aspectTypeId") + private @Nullable Output aspectTypeId; + + public Optional> aspectTypeId() { + return Optional.ofNullable(this.aspectTypeId); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData") + private @Nullable Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Optional> policyData() { + return Optional.ofNullable(this.policyData); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private AspectTypeIamPolicyState() {} + + private AspectTypeIamPolicyState(AspectTypeIamPolicyState $) { + this.aspectTypeId = $.aspectTypeId; + this.etag = $.etag; + this.location = $.location; + this.policyData = $.policyData; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeIamPolicyState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeIamPolicyState $; + + public Builder() { + $ = new AspectTypeIamPolicyState(); + } + + public Builder(AspectTypeIamPolicyState defaults) { + $ = new AspectTypeIamPolicyState(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(@Nullable Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(@Nullable Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public AspectTypeIamPolicyState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeState.java new file mode 100644 index 0000000000..993b7d0728 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/AspectTypeState.java @@ -0,0 +1,589 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AspectTypeState extends com.pulumi.resources.ResourceArgs { + + public static final AspectTypeState Empty = new AspectTypeState(); + + /** + * The aspect type id of the aspect type. + * + */ + @Import(name="aspectTypeId") + private @Nullable Output aspectTypeId; + + /** + * @return The aspect type id of the aspect type. + * + */ + public Optional> aspectTypeId() { + return Optional.ofNullable(this.aspectTypeId); + } + + /** + * The time when the AspectType was created. + * + */ + @Import(name="createTime") + private @Nullable Output createTime; + + /** + * @return The time when the AspectType was created. + * + */ + public Optional> createTime() { + return Optional.ofNullable(this.createTime); + } + + /** + * Description of the AspectType. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Description of the AspectType. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * User friendly display name. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return User friendly display name. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Import(name="effectiveLabels") + private @Nullable Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Optional>> effectiveLabels() { + return Optional.ofNullable(this.effectiveLabels); + } + + /** + * User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * The location where aspect type will be created in. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * MetadataTemplate of the Aspect. + * + */ + @Import(name="metadataTemplate") + private @Nullable Output metadataTemplate; + + /** + * @return MetadataTemplate of the Aspect. + * + */ + public Optional> metadataTemplate() { + return Optional.ofNullable(this.metadataTemplate); + } + + /** + * The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Import(name="pulumiLabels") + private @Nullable Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Optional>> pulumiLabels() { + return Optional.ofNullable(this.pulumiLabels); + } + + /** + * Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + * + */ + @Import(name="transferStatus") + private @Nullable Output transferStatus; + + /** + * @return Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + * + */ + public Optional> transferStatus() { + return Optional.ofNullable(this.transferStatus); + } + + /** + * System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + * + */ + @Import(name="uid") + private @Nullable Output uid; + + /** + * @return System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + * + */ + public Optional> uid() { + return Optional.ofNullable(this.uid); + } + + /** + * The time when the AspectType was last updated. + * + */ + @Import(name="updateTime") + private @Nullable Output updateTime; + + /** + * @return The time when the AspectType was last updated. + * + */ + public Optional> updateTime() { + return Optional.ofNullable(this.updateTime); + } + + private AspectTypeState() {} + + private AspectTypeState(AspectTypeState $) { + this.aspectTypeId = $.aspectTypeId; + this.createTime = $.createTime; + this.description = $.description; + this.displayName = $.displayName; + this.effectiveLabels = $.effectiveLabels; + this.labels = $.labels; + this.location = $.location; + this.metadataTemplate = $.metadataTemplate; + this.name = $.name; + this.project = $.project; + this.pulumiLabels = $.pulumiLabels; + this.transferStatus = $.transferStatus; + this.uid = $.uid; + this.updateTime = $.updateTime; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AspectTypeState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AspectTypeState $; + + public Builder() { + $ = new AspectTypeState(); + } + + public Builder(AspectTypeState defaults) { + $ = new AspectTypeState(Objects.requireNonNull(defaults)); + } + + /** + * @param aspectTypeId The aspect type id of the aspect type. + * + * @return builder + * + */ + public Builder aspectTypeId(@Nullable Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + /** + * @param aspectTypeId The aspect type id of the aspect type. + * + * @return builder + * + */ + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + /** + * @param createTime The time when the AspectType was created. + * + * @return builder + * + */ + public Builder createTime(@Nullable Output createTime) { + $.createTime = createTime; + return this; + } + + /** + * @param createTime The time when the AspectType was created. + * + * @return builder + * + */ + public Builder createTime(String createTime) { + return createTime(Output.of(createTime)); + } + + /** + * @param description Description of the AspectType. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Description of the AspectType. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(@Nullable Output> effectiveLabels) { + $.effectiveLabels = effectiveLabels; + return this; + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(Map effectiveLabels) { + return effectiveLabels(Output.of(effectiveLabels)); + } + + /** + * @param labels User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param location The location where aspect type will be created in. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param metadataTemplate MetadataTemplate of the Aspect. + * + * @return builder + * + */ + public Builder metadataTemplate(@Nullable Output metadataTemplate) { + $.metadataTemplate = metadataTemplate; + return this; + } + + /** + * @param metadataTemplate MetadataTemplate of the Aspect. + * + * @return builder + * + */ + public Builder metadataTemplate(String metadataTemplate) { + return metadataTemplate(Output.of(metadataTemplate)); + } + + /** + * @param name The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(@Nullable Output> pulumiLabels) { + $.pulumiLabels = pulumiLabels; + return this; + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(Map pulumiLabels) { + return pulumiLabels(Output.of(pulumiLabels)); + } + + /** + * @param transferStatus Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + * + * @return builder + * + */ + public Builder transferStatus(@Nullable Output transferStatus) { + $.transferStatus = transferStatus; + return this; + } + + /** + * @param transferStatus Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + * + * @return builder + * + */ + public Builder transferStatus(String transferStatus) { + return transferStatus(Output.of(transferStatus)); + } + + /** + * @param uid System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + * + * @return builder + * + */ + public Builder uid(@Nullable Output uid) { + $.uid = uid; + return this; + } + + /** + * @param uid System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + * + * @return builder + * + */ + public Builder uid(String uid) { + return uid(Output.of(uid)); + } + + /** + * @param updateTime The time when the AspectType was last updated. + * + * @return builder + * + */ + public Builder updateTime(@Nullable Output updateTime) { + $.updateTime = updateTime; + return this; + } + + /** + * @param updateTime The time when the AspectType was last updated. + * + * @return builder + * + */ + public Builder updateTime(String updateTime) { + return updateTime(Output.of(updateTime)); + } + + public AspectTypeState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingConditionArgs.java new file mode 100644 index 0000000000..c4bccb64d0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingConditionArgs.java @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamBindingConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamBindingConditionArgs Empty = new EntryGroupIamBindingConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + @Import(name="expression", required=true) + private Output expression; + + public Output expression() { + return this.expression; + } + + @Import(name="title", required=true) + private Output title; + + public Output title() { + return this.title; + } + + private EntryGroupIamBindingConditionArgs() {} + + private EntryGroupIamBindingConditionArgs(EntryGroupIamBindingConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamBindingConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamBindingConditionArgs $; + + public Builder() { + $ = new EntryGroupIamBindingConditionArgs(); + } + + public Builder(EntryGroupIamBindingConditionArgs defaults) { + $ = new EntryGroupIamBindingConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + public Builder title(Output title) { + $.title = title; + return this; + } + + public Builder title(String title) { + return title(Output.of(title)); + } + + public EntryGroupIamBindingConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("EntryGroupIamBindingConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("EntryGroupIamBindingConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingState.java new file mode 100644 index 0000000000..c16ea5d087 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamBindingState.java @@ -0,0 +1,343 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.dataplex.inputs.EntryGroupIamBindingConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamBindingState extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamBindingState Empty = new EntryGroupIamBindingState(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + @Import(name="entryGroupId") + private @Nullable Output entryGroupId; + + public Optional> entryGroupId() { + return Optional.ofNullable(this.entryGroupId); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="members") + private @Nullable Output> members; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional>> members() { + return Optional.ofNullable(this.members); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + private EntryGroupIamBindingState() {} + + private EntryGroupIamBindingState(EntryGroupIamBindingState $) { + this.condition = $.condition; + this.entryGroupId = $.entryGroupId; + this.etag = $.etag; + this.location = $.location; + this.members = $.members; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamBindingState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamBindingState $; + + public Builder() { + $ = new EntryGroupIamBindingState(); + } + + public Builder(EntryGroupIamBindingState defaults) { + $ = new EntryGroupIamBindingState(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(EntryGroupIamBindingConditionArgs condition) { + return condition(Output.of(condition)); + } + + public Builder entryGroupId(@Nullable Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(@Nullable Output> members) { + $.members = members; + return this; + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(List members) { + return members(Output.of(members)); + } + + /** + * @param members Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder members(String... members) { + return members(List.of(members)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public EntryGroupIamBindingState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberConditionArgs.java new file mode 100644 index 0000000000..51553cc137 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberConditionArgs.java @@ -0,0 +1,104 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamMemberConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamMemberConditionArgs Empty = new EntryGroupIamMemberConditionArgs(); + + @Import(name="description") + private @Nullable Output description; + + public Optional> description() { + return Optional.ofNullable(this.description); + } + + @Import(name="expression", required=true) + private Output expression; + + public Output expression() { + return this.expression; + } + + @Import(name="title", required=true) + private Output title; + + public Output title() { + return this.title; + } + + private EntryGroupIamMemberConditionArgs() {} + + private EntryGroupIamMemberConditionArgs(EntryGroupIamMemberConditionArgs $) { + this.description = $.description; + this.expression = $.expression; + this.title = $.title; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamMemberConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamMemberConditionArgs $; + + public Builder() { + $ = new EntryGroupIamMemberConditionArgs(); + } + + public Builder(EntryGroupIamMemberConditionArgs defaults) { + $ = new EntryGroupIamMemberConditionArgs(Objects.requireNonNull(defaults)); + } + + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + public Builder description(String description) { + return description(Output.of(description)); + } + + public Builder expression(Output expression) { + $.expression = expression; + return this; + } + + public Builder expression(String expression) { + return expression(Output.of(expression)); + } + + public Builder title(Output title) { + $.title = title; + return this; + } + + public Builder title(String title) { + return title(Output.of(title)); + } + + public EntryGroupIamMemberConditionArgs build() { + if ($.expression == null) { + throw new MissingRequiredPropertyException("EntryGroupIamMemberConditionArgs", "expression"); + } + if ($.title == null) { + throw new MissingRequiredPropertyException("EntryGroupIamMemberConditionArgs", "title"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberState.java new file mode 100644 index 0000000000..1944930d5c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamMemberState.java @@ -0,0 +1,322 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.dataplex.inputs.EntryGroupIamMemberConditionArgs; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamMemberState extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamMemberState Empty = new EntryGroupIamMemberState(); + + @Import(name="condition") + private @Nullable Output condition; + + public Optional> condition() { + return Optional.ofNullable(this.condition); + } + + @Import(name="entryGroupId") + private @Nullable Output entryGroupId; + + public Optional> entryGroupId() { + return Optional.ofNullable(this.entryGroupId); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + @Import(name="member") + private @Nullable Output member; + + /** + * @return Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + */ + public Optional> member() { + return Optional.ofNullable(this.member); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + @Import(name="role") + private @Nullable Output role; + + /** + * @return The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + */ + public Optional> role() { + return Optional.ofNullable(this.role); + } + + private EntryGroupIamMemberState() {} + + private EntryGroupIamMemberState(EntryGroupIamMemberState $) { + this.condition = $.condition; + this.entryGroupId = $.entryGroupId; + this.etag = $.etag; + this.location = $.location; + this.member = $.member; + this.project = $.project; + this.role = $.role; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamMemberState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamMemberState $; + + public Builder() { + $ = new EntryGroupIamMemberState(); + } + + public Builder(EntryGroupIamMemberState defaults) { + $ = new EntryGroupIamMemberState(Objects.requireNonNull(defaults)); + } + + public Builder condition(@Nullable Output condition) { + $.condition = condition; + return this; + } + + public Builder condition(EntryGroupIamMemberConditionArgs condition) { + return condition(Output.of(condition)); + } + + public Builder entryGroupId(@Nullable Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(@Nullable Output member) { + $.member = member; + return this; + } + + /** + * @param member Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice{@literal @}gmail.com or joe{@literal @}example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app{@literal @}appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins{@literal @}example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + * + * @return builder + * + */ + public Builder member(String member) { + return member(Output.of(member)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(@Nullable Output role) { + $.role = role; + return this; + } + + /** + * @param role The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + * + * @return builder + * + */ + public Builder role(String role) { + return role(Output.of(role)); + } + + public EntryGroupIamMemberState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamPolicyState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamPolicyState.java new file mode 100644 index 0000000000..aee79b911d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupIamPolicyState.java @@ -0,0 +1,223 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupIamPolicyState extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupIamPolicyState Empty = new EntryGroupIamPolicyState(); + + @Import(name="entryGroupId") + private @Nullable Output entryGroupId; + + public Optional> entryGroupId() { + return Optional.ofNullable(this.entryGroupId); + } + + /** + * (Computed) The etag of the IAM policy. + * + */ + @Import(name="etag") + private @Nullable Output etag; + + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public Optional> etag() { + return Optional.ofNullable(this.etag); + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + @Import(name="policyData") + private @Nullable Output policyData; + + /** + * @return The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public Optional> policyData() { + return Optional.ofNullable(this.policyData); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private EntryGroupIamPolicyState() {} + + private EntryGroupIamPolicyState(EntryGroupIamPolicyState $) { + this.entryGroupId = $.entryGroupId; + this.etag = $.etag; + this.location = $.location; + this.policyData = $.policyData; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupIamPolicyState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupIamPolicyState $; + + public Builder() { + $ = new EntryGroupIamPolicyState(); + } + + public Builder(EntryGroupIamPolicyState defaults) { + $ = new EntryGroupIamPolicyState(Objects.requireNonNull(defaults)); + } + + public Builder entryGroupId(@Nullable Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(@Nullable Output etag) { + $.etag = etag; + return this; + } + + /** + * @param etag (Computed) The etag of the IAM policy. + * + * @return builder + * + */ + public Builder etag(String etag) { + return etag(Output.of(etag)); + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(@Nullable Output policyData) { + $.policyData = policyData; + return this; + } + + /** + * @param policyData The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + * @return builder + * + */ + public Builder policyData(String policyData) { + return policyData(Output.of(policyData)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public EntryGroupIamPolicyState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupState.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupState.java new file mode 100644 index 0000000000..ad729b991a --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/EntryGroupState.java @@ -0,0 +1,552 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class EntryGroupState extends com.pulumi.resources.ResourceArgs { + + public static final EntryGroupState Empty = new EntryGroupState(); + + /** + * The time when the EntryGroup was created. + * + */ + @Import(name="createTime") + private @Nullable Output createTime; + + /** + * @return The time when the EntryGroup was created. + * + */ + public Optional> createTime() { + return Optional.ofNullable(this.createTime); + } + + /** + * Description of the EntryGroup. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return Description of the EntryGroup. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * User friendly display name. + * + */ + @Import(name="displayName") + private @Nullable Output displayName; + + /** + * @return User friendly display name. + * + */ + public Optional> displayName() { + return Optional.ofNullable(this.displayName); + } + + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Import(name="effectiveLabels") + private @Nullable Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Optional>> effectiveLabels() { + return Optional.ofNullable(this.effectiveLabels); + } + + /** + * The entry group id of the entry group. + * + */ + @Import(name="entryGroupId") + private @Nullable Output entryGroupId; + + /** + * @return The entry group id of the entry group. + * + */ + public Optional> entryGroupId() { + return Optional.ofNullable(this.entryGroupId); + } + + /** + * User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * The location where entry group will be created in. + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Import(name="pulumiLabels") + private @Nullable Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Optional>> pulumiLabels() { + return Optional.ofNullable(this.pulumiLabels); + } + + /** + * Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + * + */ + @Import(name="transferStatus") + private @Nullable Output transferStatus; + + /** + * @return Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + * + */ + public Optional> transferStatus() { + return Optional.ofNullable(this.transferStatus); + } + + /** + * System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + * + */ + @Import(name="uid") + private @Nullable Output uid; + + /** + * @return System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + * + */ + public Optional> uid() { + return Optional.ofNullable(this.uid); + } + + /** + * The time when the EntryGroup was last updated. + * + */ + @Import(name="updateTime") + private @Nullable Output updateTime; + + /** + * @return The time when the EntryGroup was last updated. + * + */ + public Optional> updateTime() { + return Optional.ofNullable(this.updateTime); + } + + private EntryGroupState() {} + + private EntryGroupState(EntryGroupState $) { + this.createTime = $.createTime; + this.description = $.description; + this.displayName = $.displayName; + this.effectiveLabels = $.effectiveLabels; + this.entryGroupId = $.entryGroupId; + this.labels = $.labels; + this.location = $.location; + this.name = $.name; + this.project = $.project; + this.pulumiLabels = $.pulumiLabels; + this.transferStatus = $.transferStatus; + this.uid = $.uid; + this.updateTime = $.updateTime; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(EntryGroupState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private EntryGroupState $; + + public Builder() { + $ = new EntryGroupState(); + } + + public Builder(EntryGroupState defaults) { + $ = new EntryGroupState(Objects.requireNonNull(defaults)); + } + + /** + * @param createTime The time when the EntryGroup was created. + * + * @return builder + * + */ + public Builder createTime(@Nullable Output createTime) { + $.createTime = createTime; + return this; + } + + /** + * @param createTime The time when the EntryGroup was created. + * + * @return builder + * + */ + public Builder createTime(String createTime) { + return createTime(Output.of(createTime)); + } + + /** + * @param description Description of the EntryGroup. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description Description of the EntryGroup. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(@Nullable Output displayName) { + $.displayName = displayName; + return this; + } + + /** + * @param displayName User friendly display name. + * + * @return builder + * + */ + public Builder displayName(String displayName) { + return displayName(Output.of(displayName)); + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(@Nullable Output> effectiveLabels) { + $.effectiveLabels = effectiveLabels; + return this; + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(Map effectiveLabels) { + return effectiveLabels(Output.of(effectiveLabels)); + } + + /** + * @param entryGroupId The entry group id of the entry group. + * + * @return builder + * + */ + public Builder entryGroupId(@Nullable Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + /** + * @param entryGroupId The entry group id of the entry group. + * + * @return builder + * + */ + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param labels User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effective_labels` for all of the labels present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param location The location where entry group will be created in. + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(@Nullable Output> pulumiLabels) { + $.pulumiLabels = pulumiLabels; + return this; + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(Map pulumiLabels) { + return pulumiLabels(Output.of(pulumiLabels)); + } + + /** + * @param transferStatus Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + * + * @return builder + * + */ + public Builder transferStatus(@Nullable Output transferStatus) { + $.transferStatus = transferStatus; + return this; + } + + /** + * @param transferStatus Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + * + * @return builder + * + */ + public Builder transferStatus(String transferStatus) { + return transferStatus(Output.of(transferStatus)); + } + + /** + * @param uid System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + * + * @return builder + * + */ + public Builder uid(@Nullable Output uid) { + $.uid = uid; + return this; + } + + /** + * @param uid System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + * + * @return builder + * + */ + public Builder uid(String uid) { + return uid(Output.of(uid)); + } + + /** + * @param updateTime The time when the EntryGroup was last updated. + * + * @return builder + * + */ + public Builder updateTime(@Nullable Output updateTime) { + $.updateTime = updateTime; + return this; + } + + /** + * @param updateTime The time when the EntryGroup was last updated. + * + * @return builder + * + */ + public Builder updateTime(String updateTime) { + return updateTime(Output.of(updateTime)); + } + + public EntryGroupState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyArgs.java new file mode 100644 index 0000000000..1190978059 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyArgs.java @@ -0,0 +1,149 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAspectTypeIamPolicyArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAspectTypeIamPolicyArgs Empty = new GetAspectTypeIamPolicyArgs(); + + @Import(name="aspectTypeId", required=true) + private Output aspectTypeId; + + public Output aspectTypeId() { + return this.aspectTypeId; + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private GetAspectTypeIamPolicyArgs() {} + + private GetAspectTypeIamPolicyArgs(GetAspectTypeIamPolicyArgs $) { + this.aspectTypeId = $.aspectTypeId; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAspectTypeIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAspectTypeIamPolicyArgs $; + + public Builder() { + $ = new GetAspectTypeIamPolicyArgs(); + } + + public Builder(GetAspectTypeIamPolicyArgs defaults) { + $ = new GetAspectTypeIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(Output aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + public Builder aspectTypeId(String aspectTypeId) { + return aspectTypeId(Output.of(aspectTypeId)); + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public GetAspectTypeIamPolicyArgs build() { + if ($.aspectTypeId == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyArgs", "aspectTypeId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyPlainArgs.java new file mode 100644 index 0000000000..74f35bdf1b --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetAspectTypeIamPolicyPlainArgs.java @@ -0,0 +1,122 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetAspectTypeIamPolicyPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetAspectTypeIamPolicyPlainArgs Empty = new GetAspectTypeIamPolicyPlainArgs(); + + @Import(name="aspectTypeId", required=true) + private String aspectTypeId; + + public String aspectTypeId() { + return this.aspectTypeId; + } + + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable String location; + + /** + * @return The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional location() { + return Optional.ofNullable(this.location); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + private GetAspectTypeIamPolicyPlainArgs() {} + + private GetAspectTypeIamPolicyPlainArgs(GetAspectTypeIamPolicyPlainArgs $) { + this.aspectTypeId = $.aspectTypeId; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetAspectTypeIamPolicyPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetAspectTypeIamPolicyPlainArgs $; + + public Builder() { + $ = new GetAspectTypeIamPolicyPlainArgs(); + } + + public Builder(GetAspectTypeIamPolicyPlainArgs defaults) { + $ = new GetAspectTypeIamPolicyPlainArgs(Objects.requireNonNull(defaults)); + } + + public Builder aspectTypeId(String aspectTypeId) { + $.aspectTypeId = aspectTypeId; + return this; + } + + /** + * @param location The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable String location) { + $.location = location; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + public GetAspectTypeIamPolicyPlainArgs build() { + if ($.aspectTypeId == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyPlainArgs", "aspectTypeId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyArgs.java new file mode 100644 index 0000000000..ea4fc2a86f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyArgs.java @@ -0,0 +1,149 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetEntryGroupIamPolicyArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetEntryGroupIamPolicyArgs Empty = new GetEntryGroupIamPolicyArgs(); + + @Import(name="entryGroupId", required=true) + private Output entryGroupId; + + public Output entryGroupId() { + return this.entryGroupId; + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private GetEntryGroupIamPolicyArgs() {} + + private GetEntryGroupIamPolicyArgs(GetEntryGroupIamPolicyArgs $) { + this.entryGroupId = $.entryGroupId; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetEntryGroupIamPolicyArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetEntryGroupIamPolicyArgs $; + + public Builder() { + $ = new GetEntryGroupIamPolicyArgs(); + } + + public Builder(GetEntryGroupIamPolicyArgs defaults) { + $ = new GetEntryGroupIamPolicyArgs(Objects.requireNonNull(defaults)); + } + + public Builder entryGroupId(Output entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + public Builder entryGroupId(String entryGroupId) { + return entryGroupId(Output.of(entryGroupId)); + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + public GetEntryGroupIamPolicyArgs build() { + if ($.entryGroupId == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyArgs", "entryGroupId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyPlainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyPlainArgs.java new file mode 100644 index 0000000000..60eb602087 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/inputs/GetEntryGroupIamPolicyPlainArgs.java @@ -0,0 +1,122 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.inputs; + +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class GetEntryGroupIamPolicyPlainArgs extends com.pulumi.resources.InvokeArgs { + + public static final GetEntryGroupIamPolicyPlainArgs Empty = new GetEntryGroupIamPolicyPlainArgs(); + + @Import(name="entryGroupId", required=true) + private String entryGroupId; + + public String entryGroupId() { + return this.entryGroupId; + } + + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + @Import(name="location") + private @Nullable String location; + + /** + * @return The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + */ + public Optional location() { + return Optional.ofNullable(this.location); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + @Import(name="project") + private @Nullable String project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + */ + public Optional project() { + return Optional.ofNullable(this.project); + } + + private GetEntryGroupIamPolicyPlainArgs() {} + + private GetEntryGroupIamPolicyPlainArgs(GetEntryGroupIamPolicyPlainArgs $) { + this.entryGroupId = $.entryGroupId; + this.location = $.location; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(GetEntryGroupIamPolicyPlainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private GetEntryGroupIamPolicyPlainArgs $; + + public Builder() { + $ = new GetEntryGroupIamPolicyPlainArgs(); + } + + public Builder(GetEntryGroupIamPolicyPlainArgs defaults) { + $ = new GetEntryGroupIamPolicyPlainArgs(Objects.requireNonNull(defaults)); + } + + public Builder entryGroupId(String entryGroupId) { + $.entryGroupId = entryGroupId; + return this; + } + + /** + * @param location The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + * + * @return builder + * + */ + public Builder location(@Nullable String location) { + $.location = location; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable String project) { + $.project = project; + return this; + } + + public GetEntryGroupIamPolicyPlainArgs build() { + if ($.entryGroupId == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyPlainArgs", "entryGroupId"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamBindingCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamBindingCondition.java new file mode 100644 index 0000000000..01c75230fa --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamBindingCondition.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AspectTypeIamBindingCondition { + private @Nullable String description; + private String expression; + private String title; + + private AspectTypeIamBindingCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + public String expression() { + return this.expression; + } + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AspectTypeIamBindingCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(AspectTypeIamBindingCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("AspectTypeIamBindingCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("AspectTypeIamBindingCondition", "title"); + } + this.title = title; + return this; + } + public AspectTypeIamBindingCondition build() { + final var _resultValue = new AspectTypeIamBindingCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamMemberCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamMemberCondition.java new file mode 100644 index 0000000000..8fea71689c --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/AspectTypeIamMemberCondition.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class AspectTypeIamMemberCondition { + private @Nullable String description; + private String expression; + private String title; + + private AspectTypeIamMemberCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + public String expression() { + return this.expression; + } + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(AspectTypeIamMemberCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(AspectTypeIamMemberCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("AspectTypeIamMemberCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("AspectTypeIamMemberCondition", "title"); + } + this.title = title; + return this; + } + public AspectTypeIamMemberCondition build() { + final var _resultValue = new AspectTypeIamMemberCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamBindingCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamBindingCondition.java new file mode 100644 index 0000000000..c525ac03a8 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamBindingCondition.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class EntryGroupIamBindingCondition { + private @Nullable String description; + private String expression; + private String title; + + private EntryGroupIamBindingCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + public String expression() { + return this.expression; + } + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(EntryGroupIamBindingCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(EntryGroupIamBindingCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("EntryGroupIamBindingCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("EntryGroupIamBindingCondition", "title"); + } + this.title = title; + return this; + } + public EntryGroupIamBindingCondition build() { + final var _resultValue = new EntryGroupIamBindingCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamMemberCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamMemberCondition.java new file mode 100644 index 0000000000..5882f81ae0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/EntryGroupIamMemberCondition.java @@ -0,0 +1,80 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class EntryGroupIamMemberCondition { + private @Nullable String description; + private String expression; + private String title; + + private EntryGroupIamMemberCondition() {} + public Optional description() { + return Optional.ofNullable(this.description); + } + public String expression() { + return this.expression; + } + public String title() { + return this.title; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(EntryGroupIamMemberCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String description; + private String expression; + private String title; + public Builder() {} + public Builder(EntryGroupIamMemberCondition defaults) { + Objects.requireNonNull(defaults); + this.description = defaults.description; + this.expression = defaults.expression; + this.title = defaults.title; + } + + @CustomType.Setter + public Builder description(@Nullable String description) { + + this.description = description; + return this; + } + @CustomType.Setter + public Builder expression(String expression) { + if (expression == null) { + throw new MissingRequiredPropertyException("EntryGroupIamMemberCondition", "expression"); + } + this.expression = expression; + return this; + } + @CustomType.Setter + public Builder title(String title) { + if (title == null) { + throw new MissingRequiredPropertyException("EntryGroupIamMemberCondition", "title"); + } + this.title = title; + return this; + } + public EntryGroupIamMemberCondition build() { + final var _resultValue = new EntryGroupIamMemberCondition(); + _resultValue.description = description; + _resultValue.expression = expression; + _resultValue.title = title; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetAspectTypeIamPolicyResult.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetAspectTypeIamPolicyResult.java new file mode 100644 index 0000000000..e4660b463f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetAspectTypeIamPolicyResult.java @@ -0,0 +1,151 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetAspectTypeIamPolicyResult { + private String aspectTypeId; + /** + * @return (Computed) The etag of the IAM policy. + * + */ + private String etag; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String location; + /** + * @return (Required only by `gcp.dataplex.AspectTypeIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + private String policyData; + private String project; + + private GetAspectTypeIamPolicyResult() {} + public String aspectTypeId() { + return this.aspectTypeId; + } + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public String etag() { + return this.etag; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String location() { + return this.location; + } + /** + * @return (Required only by `gcp.dataplex.AspectTypeIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public String policyData() { + return this.policyData; + } + public String project() { + return this.project; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetAspectTypeIamPolicyResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String aspectTypeId; + private String etag; + private String id; + private String location; + private String policyData; + private String project; + public Builder() {} + public Builder(GetAspectTypeIamPolicyResult defaults) { + Objects.requireNonNull(defaults); + this.aspectTypeId = defaults.aspectTypeId; + this.etag = defaults.etag; + this.id = defaults.id; + this.location = defaults.location; + this.policyData = defaults.policyData; + this.project = defaults.project; + } + + @CustomType.Setter + public Builder aspectTypeId(String aspectTypeId) { + if (aspectTypeId == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyResult", "aspectTypeId"); + } + this.aspectTypeId = aspectTypeId; + return this; + } + @CustomType.Setter + public Builder etag(String etag) { + if (etag == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyResult", "etag"); + } + this.etag = etag; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder location(String location) { + if (location == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyResult", "location"); + } + this.location = location; + return this; + } + @CustomType.Setter + public Builder policyData(String policyData) { + if (policyData == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyResult", "policyData"); + } + this.policyData = policyData; + return this; + } + @CustomType.Setter + public Builder project(String project) { + if (project == null) { + throw new MissingRequiredPropertyException("GetAspectTypeIamPolicyResult", "project"); + } + this.project = project; + return this; + } + public GetAspectTypeIamPolicyResult build() { + final var _resultValue = new GetAspectTypeIamPolicyResult(); + _resultValue.aspectTypeId = aspectTypeId; + _resultValue.etag = etag; + _resultValue.id = id; + _resultValue.location = location; + _resultValue.policyData = policyData; + _resultValue.project = project; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetEntryGroupIamPolicyResult.java b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetEntryGroupIamPolicyResult.java new file mode 100644 index 0000000000..65602a42d9 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/dataplex/outputs/GetEntryGroupIamPolicyResult.java @@ -0,0 +1,151 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.dataplex.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class GetEntryGroupIamPolicyResult { + private String entryGroupId; + /** + * @return (Computed) The etag of the IAM policy. + * + */ + private String etag; + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + private String id; + private String location; + /** + * @return (Required only by `gcp.dataplex.EntryGroupIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + private String policyData; + private String project; + + private GetEntryGroupIamPolicyResult() {} + public String entryGroupId() { + return this.entryGroupId; + } + /** + * @return (Computed) The etag of the IAM policy. + * + */ + public String etag() { + return this.etag; + } + /** + * @return The provider-assigned unique ID for this managed resource. + * + */ + public String id() { + return this.id; + } + public String location() { + return this.location; + } + /** + * @return (Required only by `gcp.dataplex.EntryGroupIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + * + */ + public String policyData() { + return this.policyData; + } + public String project() { + return this.project; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(GetEntryGroupIamPolicyResult defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String entryGroupId; + private String etag; + private String id; + private String location; + private String policyData; + private String project; + public Builder() {} + public Builder(GetEntryGroupIamPolicyResult defaults) { + Objects.requireNonNull(defaults); + this.entryGroupId = defaults.entryGroupId; + this.etag = defaults.etag; + this.id = defaults.id; + this.location = defaults.location; + this.policyData = defaults.policyData; + this.project = defaults.project; + } + + @CustomType.Setter + public Builder entryGroupId(String entryGroupId) { + if (entryGroupId == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyResult", "entryGroupId"); + } + this.entryGroupId = entryGroupId; + return this; + } + @CustomType.Setter + public Builder etag(String etag) { + if (etag == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyResult", "etag"); + } + this.etag = etag; + return this; + } + @CustomType.Setter + public Builder id(String id) { + if (id == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyResult", "id"); + } + this.id = id; + return this; + } + @CustomType.Setter + public Builder location(String location) { + if (location == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyResult", "location"); + } + this.location = location; + return this; + } + @CustomType.Setter + public Builder policyData(String policyData) { + if (policyData == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyResult", "policyData"); + } + this.policyData = policyData; + return this; + } + @CustomType.Setter + public Builder project(String project) { + if (project == null) { + throw new MissingRequiredPropertyException("GetEntryGroupIamPolicyResult", "project"); + } + this.project = project; + return this; + } + public GetEntryGroupIamPolicyResult build() { + final var _resultValue = new GetEntryGroupIamPolicyResult(); + _resultValue.entryGroupId = entryGroupId; + _resultValue.etag = etag; + _resultValue.id = id; + _resultValue.location = location; + _resultValue.policyData = policyData; + _resultValue.project = project; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfile.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfile.java index bec266170b..166b982eec 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfile.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfile.java @@ -18,6 +18,7 @@ import com.pulumi.gcp.datastream.outputs.ConnectionProfilePostgresqlProfile; import com.pulumi.gcp.datastream.outputs.ConnectionProfilePrivateConnectivity; import com.pulumi.gcp.datastream.outputs.ConnectionProfileSqlServerProfile; +import java.lang.Boolean; import java.lang.String; import java.util.List; import java.util.Map; @@ -491,6 +492,20 @@ public Output> bigqueryProfile() { public Output connectionProfileId() { return this.connectionProfileId; } + /** + * Create the connection profile without validating it. + * + */ + @Export(name="createWithoutValidation", refs={Boolean.class}, tree="[0]") + private Output createWithoutValidation; + + /** + * @return Create the connection profile without validating it. + * + */ + public Output> createWithoutValidation() { + return Codegen.optional(this.createWithoutValidation); + } /** * Display name. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfileArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfileArgs.java index ad6fadee70..963ca27ba5 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfileArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/ConnectionProfileArgs.java @@ -14,6 +14,7 @@ import com.pulumi.gcp.datastream.inputs.ConnectionProfilePostgresqlProfileArgs; import com.pulumi.gcp.datastream.inputs.ConnectionProfilePrivateConnectivityArgs; import com.pulumi.gcp.datastream.inputs.ConnectionProfileSqlServerProfileArgs; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -55,6 +56,21 @@ public Output connectionProfileId() { return this.connectionProfileId; } + /** + * Create the connection profile without validating it. + * + */ + @Import(name="createWithoutValidation") + private @Nullable Output createWithoutValidation; + + /** + * @return Create the connection profile without validating it. + * + */ + public Optional> createWithoutValidation() { + return Optional.ofNullable(this.createWithoutValidation); + } + /** * Display name. * @@ -249,6 +265,7 @@ private ConnectionProfileArgs() {} private ConnectionProfileArgs(ConnectionProfileArgs $) { this.bigqueryProfile = $.bigqueryProfile; this.connectionProfileId = $.connectionProfileId; + this.createWithoutValidation = $.createWithoutValidation; this.displayName = $.displayName; this.forwardSshConnectivity = $.forwardSshConnectivity; this.gcsProfile = $.gcsProfile; @@ -322,6 +339,27 @@ public Builder connectionProfileId(String connectionProfileId) { return connectionProfileId(Output.of(connectionProfileId)); } + /** + * @param createWithoutValidation Create the connection profile without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(@Nullable Output createWithoutValidation) { + $.createWithoutValidation = createWithoutValidation; + return this; + } + + /** + * @param createWithoutValidation Create the connection profile without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(Boolean createWithoutValidation) { + return createWithoutValidation(Output.of(createWithoutValidation)); + } + /** * @param displayName Display name. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnection.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnection.java index 6eb1e3afb8..fd57b00ff4 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnection.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnection.java @@ -12,6 +12,7 @@ import com.pulumi.gcp.datastream.inputs.PrivateConnectionState; import com.pulumi.gcp.datastream.outputs.PrivateConnectionError; import com.pulumi.gcp.datastream.outputs.PrivateConnectionVpcPeeringConfig; +import java.lang.Boolean; import java.lang.String; import java.util.List; import java.util.Map; @@ -105,6 +106,20 @@ */ @ResourceType(type="gcp:datastream/privateConnection:PrivateConnection") public class PrivateConnection extends com.pulumi.resources.CustomResource { + /** + * If set to true, will skip validations. + * + */ + @Export(name="createWithoutValidation", refs={Boolean.class}, tree="[0]") + private Output createWithoutValidation; + + /** + * @return If set to true, will skip validations. + * + */ + public Output> createWithoutValidation() { + return Codegen.optional(this.createWithoutValidation); + } /** * Display name. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnectionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnectionArgs.java index 7a0b760317..a8a01f8b40 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnectionArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/PrivateConnectionArgs.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.exceptions.MissingRequiredPropertyException; import com.pulumi.gcp.datastream.inputs.PrivateConnectionVpcPeeringConfigArgs; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -18,6 +19,21 @@ public final class PrivateConnectionArgs extends com.pulumi.resources.ResourceAr public static final PrivateConnectionArgs Empty = new PrivateConnectionArgs(); + /** + * If set to true, will skip validations. + * + */ + @Import(name="createWithoutValidation") + private @Nullable Output createWithoutValidation; + + /** + * @return If set to true, will skip validations. + * + */ + public Optional> createWithoutValidation() { + return Optional.ofNullable(this.createWithoutValidation); + } + /** * Display name. * @@ -109,6 +125,7 @@ public Output vpcPeeringConfig() { private PrivateConnectionArgs() {} private PrivateConnectionArgs(PrivateConnectionArgs $) { + this.createWithoutValidation = $.createWithoutValidation; this.displayName = $.displayName; this.labels = $.labels; this.location = $.location; @@ -135,6 +152,27 @@ public Builder(PrivateConnectionArgs defaults) { $ = new PrivateConnectionArgs(Objects.requireNonNull(defaults)); } + /** + * @param createWithoutValidation If set to true, will skip validations. + * + * @return builder + * + */ + public Builder createWithoutValidation(@Nullable Output createWithoutValidation) { + $.createWithoutValidation = createWithoutValidation; + return this; + } + + /** + * @param createWithoutValidation If set to true, will skip validations. + * + * @return builder + * + */ + public Builder createWithoutValidation(Boolean createWithoutValidation) { + return createWithoutValidation(Output.of(createWithoutValidation)); + } + /** * @param displayName Display name. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/Stream.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/Stream.java index f114ef19c2..c1bdd5500f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/Stream.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/Stream.java @@ -14,6 +14,7 @@ import com.pulumi.gcp.datastream.outputs.StreamBackfillNone; import com.pulumi.gcp.datastream.outputs.StreamDestinationConfig; import com.pulumi.gcp.datastream.outputs.StreamSourceConfig; +import java.lang.Boolean; import java.lang.String; import java.util.List; import java.util.Map; @@ -1037,6 +1038,20 @@ public Output> backfillAll() { public Output> backfillNone() { return Codegen.optional(this.backfillNone); } + /** + * Create the stream without validating it. + * + */ + @Export(name="createWithoutValidation", refs={Boolean.class}, tree="[0]") + private Output createWithoutValidation; + + /** + * @return Create the stream without validating it. + * + */ + public Output> createWithoutValidation() { + return Codegen.optional(this.createWithoutValidation); + } /** * A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/StreamArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/StreamArgs.java index a4a8c28964..fa9c324ed0 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/StreamArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/StreamArgs.java @@ -10,6 +10,7 @@ import com.pulumi.gcp.datastream.inputs.StreamBackfillNoneArgs; import com.pulumi.gcp.datastream.inputs.StreamDestinationConfigArgs; import com.pulumi.gcp.datastream.inputs.StreamSourceConfigArgs; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -51,6 +52,21 @@ public Optional> backfillNone() { return Optional.ofNullable(this.backfillNone); } + /** + * Create the stream without validating it. + * + */ + @Import(name="createWithoutValidation") + private @Nullable Output createWithoutValidation; + + /** + * @return Create the stream without validating it. + * + */ + public Optional> createWithoutValidation() { + return Optional.ofNullable(this.createWithoutValidation); + } + /** * A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. @@ -191,6 +207,7 @@ private StreamArgs() {} private StreamArgs(StreamArgs $) { this.backfillAll = $.backfillAll; this.backfillNone = $.backfillNone; + this.createWithoutValidation = $.createWithoutValidation; this.customerManagedEncryptionKey = $.customerManagedEncryptionKey; this.desiredState = $.desiredState; this.destinationConfig = $.destinationConfig; @@ -262,6 +279,27 @@ public Builder backfillNone(StreamBackfillNoneArgs backfillNone) { return backfillNone(Output.of(backfillNone)); } + /** + * @param createWithoutValidation Create the stream without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(@Nullable Output createWithoutValidation) { + $.createWithoutValidation = createWithoutValidation; + return this; + } + + /** + * @param createWithoutValidation Create the stream without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(Boolean createWithoutValidation) { + return createWithoutValidation(Output.of(createWithoutValidation)); + } + /** * @param customerManagedEncryptionKey A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/ConnectionProfileState.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/ConnectionProfileState.java index a56abebdcb..6dc785365f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/ConnectionProfileState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/ConnectionProfileState.java @@ -13,6 +13,7 @@ import com.pulumi.gcp.datastream.inputs.ConnectionProfilePostgresqlProfileArgs; import com.pulumi.gcp.datastream.inputs.ConnectionProfilePrivateConnectivityArgs; import com.pulumi.gcp.datastream.inputs.ConnectionProfileSqlServerProfileArgs; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -54,6 +55,21 @@ public Optional> connectionProfileId() { return Optional.ofNullable(this.connectionProfileId); } + /** + * Create the connection profile without validating it. + * + */ + @Import(name="createWithoutValidation") + private @Nullable Output createWithoutValidation; + + /** + * @return Create the connection profile without validating it. + * + */ + public Optional> createWithoutValidation() { + return Optional.ofNullable(this.createWithoutValidation); + } + /** * Display name. * @@ -295,6 +311,7 @@ private ConnectionProfileState() {} private ConnectionProfileState(ConnectionProfileState $) { this.bigqueryProfile = $.bigqueryProfile; this.connectionProfileId = $.connectionProfileId; + this.createWithoutValidation = $.createWithoutValidation; this.displayName = $.displayName; this.effectiveLabels = $.effectiveLabels; this.forwardSshConnectivity = $.forwardSshConnectivity; @@ -371,6 +388,27 @@ public Builder connectionProfileId(String connectionProfileId) { return connectionProfileId(Output.of(connectionProfileId)); } + /** + * @param createWithoutValidation Create the connection profile without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(@Nullable Output createWithoutValidation) { + $.createWithoutValidation = createWithoutValidation; + return this; + } + + /** + * @param createWithoutValidation Create the connection profile without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(Boolean createWithoutValidation) { + return createWithoutValidation(Output.of(createWithoutValidation)); + } + /** * @param displayName Display name. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/PrivateConnectionState.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/PrivateConnectionState.java index d54baab462..dd3e07cb1f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/PrivateConnectionState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/PrivateConnectionState.java @@ -7,6 +7,7 @@ import com.pulumi.core.annotations.Import; import com.pulumi.gcp.datastream.inputs.PrivateConnectionErrorArgs; import com.pulumi.gcp.datastream.inputs.PrivateConnectionVpcPeeringConfigArgs; +import java.lang.Boolean; import java.lang.String; import java.util.List; import java.util.Map; @@ -19,6 +20,21 @@ public final class PrivateConnectionState extends com.pulumi.resources.ResourceA public static final PrivateConnectionState Empty = new PrivateConnectionState(); + /** + * If set to true, will skip validations. + * + */ + @Import(name="createWithoutValidation") + private @Nullable Output createWithoutValidation; + + /** + * @return If set to true, will skip validations. + * + */ + public Optional> createWithoutValidation() { + return Optional.ofNullable(this.createWithoutValidation); + } + /** * Display name. * @@ -189,6 +205,7 @@ public Optional> vpcPeeringConfig( private PrivateConnectionState() {} private PrivateConnectionState(PrivateConnectionState $) { + this.createWithoutValidation = $.createWithoutValidation; this.displayName = $.displayName; this.effectiveLabels = $.effectiveLabels; this.errors = $.errors; @@ -220,6 +237,27 @@ public Builder(PrivateConnectionState defaults) { $ = new PrivateConnectionState(Objects.requireNonNull(defaults)); } + /** + * @param createWithoutValidation If set to true, will skip validations. + * + * @return builder + * + */ + public Builder createWithoutValidation(@Nullable Output createWithoutValidation) { + $.createWithoutValidation = createWithoutValidation; + return this; + } + + /** + * @param createWithoutValidation If set to true, will skip validations. + * + * @return builder + * + */ + public Builder createWithoutValidation(Boolean createWithoutValidation) { + return createWithoutValidation(Output.of(createWithoutValidation)); + } + /** * @param displayName Display name. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/StreamState.java b/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/StreamState.java index 0639e34ffa..ea8afe728f 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/StreamState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/datastream/inputs/StreamState.java @@ -9,6 +9,7 @@ import com.pulumi.gcp.datastream.inputs.StreamBackfillNoneArgs; import com.pulumi.gcp.datastream.inputs.StreamDestinationConfigArgs; import com.pulumi.gcp.datastream.inputs.StreamSourceConfigArgs; +import java.lang.Boolean; import java.lang.String; import java.util.Map; import java.util.Objects; @@ -50,6 +51,21 @@ public Optional> backfillNone() { return Optional.ofNullable(this.backfillNone); } + /** + * Create the stream without validating it. + * + */ + @Import(name="createWithoutValidation") + private @Nullable Output createWithoutValidation; + + /** + * @return Create the stream without validating it. + * + */ + public Optional> createWithoutValidation() { + return Optional.ofNullable(this.createWithoutValidation); + } + /** * A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. @@ -252,6 +268,7 @@ private StreamState() {} private StreamState(StreamState $) { this.backfillAll = $.backfillAll; this.backfillNone = $.backfillNone; + this.createWithoutValidation = $.createWithoutValidation; this.customerManagedEncryptionKey = $.customerManagedEncryptionKey; this.desiredState = $.desiredState; this.destinationConfig = $.destinationConfig; @@ -327,6 +344,27 @@ public Builder backfillNone(StreamBackfillNoneArgs backfillNone) { return backfillNone(Output.of(backfillNone)); } + /** + * @param createWithoutValidation Create the stream without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(@Nullable Output createWithoutValidation) { + $.createWithoutValidation = createWithoutValidation; + return this; + } + + /** + * @param createWithoutValidation Create the stream without validating it. + * + * @return builder + * + */ + public Builder createWithoutValidation(Boolean createWithoutValidation) { + return createWithoutValidation(Output.of(createWithoutValidation)); + } + /** * @param customerManagedEncryptionKey A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfig.java new file mode 100644 index 0000000000..aa5c010c60 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfig.java @@ -0,0 +1,241 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.kms.AutokeyConfigArgs; +import com.pulumi.gcp.kms.inputs.AutokeyConfigState; +import java.lang.String; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * ## Example Usage + * + * ### Kms Autokey Config All + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.Folder;
+ * import com.pulumi.gcp.organizations.FolderArgs;
+ * import com.pulumi.gcp.organizations.Project;
+ * import com.pulumi.gcp.organizations.ProjectArgs;
+ * import com.pulumi.gcp.projects.Service;
+ * import com.pulumi.gcp.projects.ServiceArgs;
+ * import com.pulumi.time.sleep;
+ * import com.pulumi.time.SleepArgs;
+ * import com.pulumi.gcp.projects.ServiceIdentity;
+ * import com.pulumi.gcp.projects.ServiceIdentityArgs;
+ * import com.pulumi.gcp.projects.IAMMember;
+ * import com.pulumi.gcp.projects.IAMMemberArgs;
+ * import com.pulumi.gcp.kms.AutokeyConfig;
+ * import com.pulumi.gcp.kms.AutokeyConfigArgs;
+ * import com.pulumi.resources.CustomResourceOptions;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         // Create Folder in GCP Organization
+ *         var autokmsFolder = new Folder("autokmsFolder", FolderArgs.builder()
+ *             .displayName("my-folder")
+ *             .parent("organizations/123456789")
+ *             .build());
+ * 
+ *         // Create the key project
+ *         var keyProject = new Project("keyProject", ProjectArgs.builder()
+ *             .projectId("key-proj")
+ *             .name("key-proj")
+ *             .folderId(autokmsFolder.folderId())
+ *             .billingAccount("000000-0000000-0000000-000000")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(autokmsFolder)
+ *                 .build());
+ * 
+ *         // Enable the Cloud KMS API
+ *         var kmsApiService = new Service("kmsApiService", ServiceArgs.builder()
+ *             .service("cloudkms.googleapis.com")
+ *             .project(keyProject.projectId())
+ *             .disableOnDestroy(false)
+ *             .disableDependentServices(true)
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(keyProject)
+ *                 .build());
+ * 
+ *         // Wait delay after enabling APIs
+ *         var waitEnableServiceApi = new Sleep("waitEnableServiceApi", SleepArgs.builder()
+ *             .createDuration("30s")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(kmsApiService)
+ *                 .build());
+ * 
+ *         //Create KMS Service Agent
+ *         var kmsServiceAgent = new ServiceIdentity("kmsServiceAgent", ServiceIdentityArgs.builder()
+ *             .service("cloudkms.googleapis.com")
+ *             .project(keyProject.number())
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(waitEnableServiceApi)
+ *                 .build());
+ * 
+ *         // Wait delay after creating service agent.
+ *         var waitServiceAgent = new Sleep("waitServiceAgent", SleepArgs.builder()
+ *             .createDuration("10s")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(kmsServiceAgent)
+ *                 .build());
+ * 
+ *         //Grant the KMS Service Agent the Cloud KMS Admin role
+ *         var autokeyProjectAdmin = new IAMMember("autokeyProjectAdmin", IAMMemberArgs.builder()
+ *             .project(keyProject.projectId())
+ *             .role("roles/cloudkms.admin")
+ *             .member(keyProject.number().applyValue(number -> String.format("serviceAccount:service-%s{@literal @}gcp-sa-cloudkms.iam.gserviceaccount.com", number)))
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(waitServiceAgent)
+ *                 .build());
+ * 
+ *         // Wait delay after granting IAM permissions
+ *         var waitSrvAccPermissions = new Sleep("waitSrvAccPermissions", SleepArgs.builder()
+ *             .createDuration("10s")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(autokeyProjectAdmin)
+ *                 .build());
+ * 
+ *         var example_autokeyconfig = new AutokeyConfig("example-autokeyconfig", AutokeyConfigArgs.builder()
+ *             .folder(autokmsFolder.folderId())
+ *             .keyProject(keyProject.projectId().applyValue(projectId -> String.format("projects/%s", projectId)))
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(waitSrvAccPermissions)
+ *                 .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * AutokeyConfig can be imported using any of these accepted formats: + * + * * `folders/{{folder}}/autokeyConfig` + * + * * `{{folder}}` + * + * When using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig + * ``` + * + * ```sh + * $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}} + * ``` + * + */ +@ResourceType(type="gcp:kms/autokeyConfig:AutokeyConfig") +public class AutokeyConfig extends com.pulumi.resources.CustomResource { + /** + * The folder for which to retrieve config. + * + * *** + * + */ + @Export(name="folder", refs={String.class}, tree="[0]") + private Output folder; + + /** + * @return The folder for which to retrieve config. + * + * *** + * + */ + public Output folder() { + return this.folder; + } + /** + * The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + */ + @Export(name="keyProject", refs={String.class}, tree="[0]") + private Output keyProject; + + /** + * @return The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + */ + public Output> keyProject() { + return Codegen.optional(this.keyProject); + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public AutokeyConfig(String name) { + this(name, AutokeyConfigArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public AutokeyConfig(String name, AutokeyConfigArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public AutokeyConfig(String name, AutokeyConfigArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:kms/autokeyConfig:AutokeyConfig", name, args == null ? AutokeyConfigArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private AutokeyConfig(String name, Output id, @Nullable AutokeyConfigState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:kms/autokeyConfig:AutokeyConfig", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static AutokeyConfig get(String name, Output id, @Nullable AutokeyConfigState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new AutokeyConfig(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfigArgs.java new file mode 100644 index 0000000000..9ea55b5568 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/AutokeyConfigArgs.java @@ -0,0 +1,140 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AutokeyConfigArgs extends com.pulumi.resources.ResourceArgs { + + public static final AutokeyConfigArgs Empty = new AutokeyConfigArgs(); + + /** + * The folder for which to retrieve config. + * + * *** + * + */ + @Import(name="folder", required=true) + private Output folder; + + /** + * @return The folder for which to retrieve config. + * + * *** + * + */ + public Output folder() { + return this.folder; + } + + /** + * The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + */ + @Import(name="keyProject") + private @Nullable Output keyProject; + + /** + * @return The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + */ + public Optional> keyProject() { + return Optional.ofNullable(this.keyProject); + } + + private AutokeyConfigArgs() {} + + private AutokeyConfigArgs(AutokeyConfigArgs $) { + this.folder = $.folder; + this.keyProject = $.keyProject; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AutokeyConfigArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AutokeyConfigArgs $; + + public Builder() { + $ = new AutokeyConfigArgs(); + } + + public Builder(AutokeyConfigArgs defaults) { + $ = new AutokeyConfigArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param folder The folder for which to retrieve config. + * + * *** + * + * @return builder + * + */ + public Builder folder(Output folder) { + $.folder = folder; + return this; + } + + /** + * @param folder The folder for which to retrieve config. + * + * *** + * + * @return builder + * + */ + public Builder folder(String folder) { + return folder(Output.of(folder)); + } + + /** + * @param keyProject The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + * @return builder + * + */ + public Builder keyProject(@Nullable Output keyProject) { + $.keyProject = keyProject; + return this; + } + + /** + * @param keyProject The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + * @return builder + * + */ + public Builder keyProject(String keyProject) { + return keyProject(Output.of(keyProject)); + } + + public AutokeyConfigArgs build() { + if ($.folder == null) { + throw new MissingRequiredPropertyException("AutokeyConfigArgs", "folder"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandle.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandle.java new file mode 100644 index 0000000000..e49d2c2ef5 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandle.java @@ -0,0 +1,322 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.kms.KeyHandleArgs; +import com.pulumi.gcp.kms.inputs.KeyHandleState; +import java.lang.String; +import javax.annotation.Nullable; + +/** + * ## Example Usage + * + * ### Kms Key Handle Basic + * + * <!--Start PulumiCodeChooser --> + * 
+ * {@code
+ * package generated_program;
+ * 
+ * import com.pulumi.Context;
+ * import com.pulumi.Pulumi;
+ * import com.pulumi.core.Output;
+ * import com.pulumi.gcp.organizations.Folder;
+ * import com.pulumi.gcp.organizations.FolderArgs;
+ * import com.pulumi.gcp.organizations.Project;
+ * import com.pulumi.gcp.organizations.ProjectArgs;
+ * import com.pulumi.gcp.projects.Service;
+ * import com.pulumi.gcp.projects.ServiceArgs;
+ * import com.pulumi.time.sleep;
+ * import com.pulumi.time.SleepArgs;
+ * import com.pulumi.gcp.projects.ServiceIdentity;
+ * import com.pulumi.gcp.projects.ServiceIdentityArgs;
+ * import com.pulumi.gcp.projects.IAMMember;
+ * import com.pulumi.gcp.projects.IAMMemberArgs;
+ * import com.pulumi.gcp.kms.AutokeyConfig;
+ * import com.pulumi.gcp.kms.AutokeyConfigArgs;
+ * import com.pulumi.gcp.kms.KeyHandle;
+ * import com.pulumi.gcp.kms.KeyHandleArgs;
+ * import com.pulumi.resources.CustomResourceOptions;
+ * import java.util.List;
+ * import java.util.ArrayList;
+ * import java.util.Map;
+ * import java.io.File;
+ * import java.nio.file.Files;
+ * import java.nio.file.Paths;
+ * 
+ * public class App {
+ *     public static void main(String[] args) {
+ *         Pulumi.run(App::stack);
+ *     }
+ * 
+ *     public static void stack(Context ctx) {
+ *         // Create Folder in GCP Organization
+ *         var autokmsFolder = new Folder("autokmsFolder", FolderArgs.builder()
+ *             .displayName("folder-example")
+ *             .parent("organizations/123456789")
+ *             .build());
+ * 
+ *         // Create the key project
+ *         var keyProject = new Project("keyProject", ProjectArgs.builder()
+ *             .projectId("key-proj")
+ *             .name("key-proj")
+ *             .folderId(autokmsFolder.folderId())
+ *             .billingAccount("000000-0000000-0000000-000000")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(autokmsFolder)
+ *                 .build());
+ * 
+ *         // Create the resource project
+ *         var resourceProject = new Project("resourceProject", ProjectArgs.builder()
+ *             .projectId("resources")
+ *             .name("resources")
+ *             .folderId(autokmsFolder.folderId())
+ *             .billingAccount("000000-0000000-0000000-000000")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(autokmsFolder)
+ *                 .build());
+ * 
+ *         // Enable the Cloud KMS API
+ *         var kmsApiService = new Service("kmsApiService", ServiceArgs.builder()
+ *             .service("cloudkms.googleapis.com")
+ *             .project(keyProject.projectId())
+ *             .disableOnDestroy(false)
+ *             .disableDependentServices(true)
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(keyProject)
+ *                 .build());
+ * 
+ *         // Wait delay after enabling APIs
+ *         var waitEnableServiceApi = new Sleep("waitEnableServiceApi", SleepArgs.builder()
+ *             .createDuration("30s")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(kmsApiService)
+ *                 .build());
+ * 
+ *         //Create KMS Service Agent
+ *         var kmsServiceAgent = new ServiceIdentity("kmsServiceAgent", ServiceIdentityArgs.builder()
+ *             .service("cloudkms.googleapis.com")
+ *             .project(keyProject.number())
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(waitEnableServiceApi)
+ *                 .build());
+ * 
+ *         // Wait delay after creating service agent.
+ *         var waitServiceAgent = new Sleep("waitServiceAgent", SleepArgs.builder()
+ *             .createDuration("10s")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(kmsServiceAgent)
+ *                 .build());
+ * 
+ *         //Grant the KMS Service Agent the Cloud KMS Admin role
+ *         var autokeyProjectAdmin = new IAMMember("autokeyProjectAdmin", IAMMemberArgs.builder()
+ *             .project(keyProject.projectId())
+ *             .role("roles/cloudkms.admin")
+ *             .member(keyProject.number().applyValue(number -> String.format("serviceAccount:service-%s{@literal @}gcp-sa-cloudkms.iam.gserviceaccount.com", number)))
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(waitServiceAgent)
+ *                 .build());
+ * 
+ *         // Wait delay after granting IAM permissions
+ *         var waitSrvAccPermissions = new Sleep("waitSrvAccPermissions", SleepArgs.builder()
+ *             .createDuration("10s")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(autokeyProjectAdmin)
+ *                 .build());
+ * 
+ *         var autokeyConfig = new AutokeyConfig("autokeyConfig", AutokeyConfigArgs.builder()
+ *             .folder(autokmsFolder.folderId())
+ *             .keyProject(keyProject.projectId().applyValue(projectId -> String.format("projects/%s", projectId)))
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(waitSrvAccPermissions)
+ *                 .build());
+ * 
+ *         // Wait delay for autokey config to take effect
+ *         var waitAutokeyConfig = new Sleep("waitAutokeyConfig", SleepArgs.builder()
+ *             .createDuration("10s")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(autokeyConfig)
+ *                 .build());
+ * 
+ *         var example_keyhandle = new KeyHandle("example-keyhandle", KeyHandleArgs.builder()
+ *             .project(resourceProject.projectId())
+ *             .name("example-key-handle")
+ *             .location("global")
+ *             .resourceTypeSelector("storage.googleapis.com/Bucket")
+ *             .build(), CustomResourceOptions.builder()
+ *                 .dependsOn(waitAutokeyConfig)
+ *                 .build());
+ * 
+ *     }
+ * }
+ * }
+ *
+ * <!--End PulumiCodeChooser --> + * + * ## Import + * + * KeyHandle can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/keyHandles/{{name}}` + * + * * `{{project}}/{{location}}/{{name}}` + * + * * `{{location}}/{{name}}` + * + * When using the `pulumi import` command, KeyHandle can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:kms/keyHandle:KeyHandle default projects/{{project}}/locations/{{location}}/keyHandles/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:kms/keyHandle:KeyHandle default {{project}}/{{location}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:kms/keyHandle:KeyHandle default {{location}}/{{name}} + * ``` + * + */ +@ResourceType(type="gcp:kms/keyHandle:KeyHandle") +public class KeyHandle extends com.pulumi.resources.CustomResource { + /** + * A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + * + */ + @Export(name="kmsKey", refs={String.class}, tree="[0]") + private Output kmsKey; + + /** + * @return A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + * + */ + public Output kmsKey() { + return this.kmsKey; + } + /** + * The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + */ + public Output location() { + return this.location; + } + /** + * The resource name for the KeyHandle. + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return The resource name for the KeyHandle. + * + */ + public Output name() { + return this.name; + } + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Output project() { + return this.project; + } + /** + * Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + */ + @Export(name="resourceTypeSelector", refs={String.class}, tree="[0]") + private Output resourceTypeSelector; + + /** + * @return Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + */ + public Output resourceTypeSelector() { + return this.resourceTypeSelector; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public KeyHandle(String name) { + this(name, KeyHandleArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public KeyHandle(String name, KeyHandleArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public KeyHandle(String name, KeyHandleArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:kms/keyHandle:KeyHandle", name, args == null ? KeyHandleArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private KeyHandle(String name, Output id, @Nullable KeyHandleState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:kms/keyHandle:KeyHandle", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static KeyHandle get(String name, Output id, @Nullable KeyHandleState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new KeyHandle(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandleArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandleArgs.java new file mode 100644 index 0000000000..99310d39dc --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/KeyHandleArgs.java @@ -0,0 +1,221 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class KeyHandleArgs extends com.pulumi.resources.ResourceArgs { + + public static final KeyHandleArgs Empty = new KeyHandleArgs(); + + /** + * The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + */ + @Import(name="location", required=true) + private Output location; + + /** + * @return The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + */ + public Output location() { + return this.location; + } + + /** + * The resource name for the KeyHandle. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The resource name for the KeyHandle. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + */ + @Import(name="resourceTypeSelector", required=true) + private Output resourceTypeSelector; + + /** + * @return Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + */ + public Output resourceTypeSelector() { + return this.resourceTypeSelector; + } + + private KeyHandleArgs() {} + + private KeyHandleArgs(KeyHandleArgs $) { + this.location = $.location; + this.name = $.name; + this.project = $.project; + this.resourceTypeSelector = $.resourceTypeSelector; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(KeyHandleArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private KeyHandleArgs $; + + public Builder() { + $ = new KeyHandleArgs(); + } + + public Builder(KeyHandleArgs defaults) { + $ = new KeyHandleArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param location The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + * @return builder + * + */ + public Builder location(Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name The resource name for the KeyHandle. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The resource name for the KeyHandle. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param resourceTypeSelector Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + * @return builder + * + */ + public Builder resourceTypeSelector(Output resourceTypeSelector) { + $.resourceTypeSelector = resourceTypeSelector; + return this; + } + + /** + * @param resourceTypeSelector Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + * @return builder + * + */ + public Builder resourceTypeSelector(String resourceTypeSelector) { + return resourceTypeSelector(Output.of(resourceTypeSelector)); + } + + public KeyHandleArgs build() { + if ($.location == null) { + throw new MissingRequiredPropertyException("KeyHandleArgs", "location"); + } + if ($.resourceTypeSelector == null) { + throw new MissingRequiredPropertyException("KeyHandleArgs", "resourceTypeSelector"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/AutokeyConfigState.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/AutokeyConfigState.java new file mode 100644 index 0000000000..4da066c397 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/AutokeyConfigState.java @@ -0,0 +1,136 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class AutokeyConfigState extends com.pulumi.resources.ResourceArgs { + + public static final AutokeyConfigState Empty = new AutokeyConfigState(); + + /** + * The folder for which to retrieve config. + * + * *** + * + */ + @Import(name="folder") + private @Nullable Output folder; + + /** + * @return The folder for which to retrieve config. + * + * *** + * + */ + public Optional> folder() { + return Optional.ofNullable(this.folder); + } + + /** + * The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + */ + @Import(name="keyProject") + private @Nullable Output keyProject; + + /** + * @return The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + */ + public Optional> keyProject() { + return Optional.ofNullable(this.keyProject); + } + + private AutokeyConfigState() {} + + private AutokeyConfigState(AutokeyConfigState $) { + this.folder = $.folder; + this.keyProject = $.keyProject; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(AutokeyConfigState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private AutokeyConfigState $; + + public Builder() { + $ = new AutokeyConfigState(); + } + + public Builder(AutokeyConfigState defaults) { + $ = new AutokeyConfigState(Objects.requireNonNull(defaults)); + } + + /** + * @param folder The folder for which to retrieve config. + * + * *** + * + * @return builder + * + */ + public Builder folder(@Nullable Output folder) { + $.folder = folder; + return this; + } + + /** + * @param folder The folder for which to retrieve config. + * + * *** + * + * @return builder + * + */ + public Builder folder(String folder) { + return folder(Output.of(folder)); + } + + /** + * @param keyProject The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + * @return builder + * + */ + public Builder keyProject(@Nullable Output keyProject) { + $.keyProject = keyProject; + return this; + } + + /** + * @param keyProject The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/<project_id_or_number>`. + * + * @return builder + * + */ + public Builder keyProject(String keyProject) { + return keyProject(Output.of(keyProject)); + } + + public AutokeyConfigState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/KeyHandleState.java b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/KeyHandleState.java new file mode 100644 index 0000000000..40db9c1ecf --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/kms/inputs/KeyHandleState.java @@ -0,0 +1,259 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.kms.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import java.lang.String; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class KeyHandleState extends com.pulumi.resources.ResourceArgs { + + public static final KeyHandleState Empty = new KeyHandleState(); + + /** + * A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + * + */ + @Import(name="kmsKey") + private @Nullable Output kmsKey; + + /** + * @return A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + * + */ + public Optional> kmsKey() { + return Optional.ofNullable(this.kmsKey); + } + + /** + * The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * The resource name for the KeyHandle. + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return The resource name for the KeyHandle. + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + @Import(name="project") + private @Nullable Output project; + + /** + * @return The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + */ + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + */ + @Import(name="resourceTypeSelector") + private @Nullable Output resourceTypeSelector; + + /** + * @return Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + */ + public Optional> resourceTypeSelector() { + return Optional.ofNullable(this.resourceTypeSelector); + } + + private KeyHandleState() {} + + private KeyHandleState(KeyHandleState $) { + this.kmsKey = $.kmsKey; + this.location = $.location; + this.name = $.name; + this.project = $.project; + this.resourceTypeSelector = $.resourceTypeSelector; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(KeyHandleState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private KeyHandleState $; + + public Builder() { + $ = new KeyHandleState(); + } + + public Builder(KeyHandleState defaults) { + $ = new KeyHandleState(Objects.requireNonNull(defaults)); + } + + /** + * @param kmsKey A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + * + * @return builder + * + */ + public Builder kmsKey(@Nullable Output kmsKey) { + $.kmsKey = kmsKey; + return this; + } + + /** + * @param kmsKey A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + * + * @return builder + * + */ + public Builder kmsKey(String kmsKey) { + return kmsKey(Output.of(kmsKey)); + } + + /** + * @param location The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * *** + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name The resource name for the KeyHandle. + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name The resource name for the KeyHandle. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + /** + * @param project The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + * + * @return builder + * + */ + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param resourceTypeSelector Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + * @return builder + * + */ + public Builder resourceTypeSelector(@Nullable Output resourceTypeSelector) { + $.resourceTypeSelector = resourceTypeSelector; + return this; + } + + /** + * @param resourceTypeSelector Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + * + * @return builder + * + */ + public Builder resourceTypeSelector(String resourceTypeSelector) { + return resourceTypeSelector(Output.of(resourceTypeSelector)); + } + + public KeyHandleState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtension.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtension.java new file mode 100644 index 0000000000..1b2db4e7b0 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtension.java @@ -0,0 +1,265 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Export; +import com.pulumi.core.annotations.ResourceType; +import com.pulumi.core.internal.Codegen; +import com.pulumi.gcp.Utilities; +import com.pulumi.gcp.networkservices.LbRouteExtensionArgs; +import com.pulumi.gcp.networkservices.inputs.LbRouteExtensionState; +import com.pulumi.gcp.networkservices.outputs.LbRouteExtensionExtensionChain; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Optional; +import javax.annotation.Nullable; + +/** + * LbRouteExtension is a resource that lets you control where traffic is routed to for a given request. + * + * To get more information about LbRouteExtension, see: + * + * * [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbRouteExtensions) + * * How-to Guides + * * [Configure a route extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_route_extension) + * + * ## Example Usage + * + * ## Import + * + * LbRouteExtension can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}` + * + * * `{{project}}/{{location}}/{{name}}` + * + * * `{{location}}/{{name}}` + * + * When using the `pulumi import` command, LbRouteExtension can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{project}}/{{location}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{location}}/{{name}} + * ``` + * + */ +@ResourceType(type="gcp:networkservices/lbRouteExtension:LbRouteExtension") +public class LbRouteExtension extends com.pulumi.resources.CustomResource { + /** + * A human-readable description of the resource. + * + */ + @Export(name="description", refs={String.class}, tree="[0]") + private Output description; + + /** + * @return A human-readable description of the resource. + * + */ + public Output> description() { + return Codegen.optional(this.description); + } + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Export(name="effectiveLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Output> effectiveLabels() { + return this.effectiveLabels; + } + /** + * A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + */ + @Export(name="extensionChains", refs={List.class,LbRouteExtensionExtensionChain.class}, tree="[0,1]") + private Output> extensionChains; + + /** + * @return A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + */ + public Output> extensionChains() { + return this.extensionChains; + } + /** + * A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + */ + @Export(name="forwardingRules", refs={List.class,String.class}, tree="[0,1]") + private Output> forwardingRules; + + /** + * @return A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + */ + public Output> forwardingRules() { + return this.forwardingRules; + } + /** + * Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + */ + @Export(name="labels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> labels; + + /** + * @return Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + */ + public Output>> labels() { + return Codegen.optional(this.labels); + } + /** + * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + */ + @Export(name="loadBalancingScheme", refs={String.class}, tree="[0]") + private Output loadBalancingScheme; + + /** + * @return All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + */ + public Output loadBalancingScheme() { + return this.loadBalancingScheme; + } + /** + * The location of the route extension + * + */ + @Export(name="location", refs={String.class}, tree="[0]") + private Output location; + + /** + * @return The location of the route extension + * + */ + public Output location() { + return this.location; + } + /** + * Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + */ + @Export(name="name", refs={String.class}, tree="[0]") + private Output name; + + /** + * @return Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + */ + public Output name() { + return this.name; + } + @Export(name="project", refs={String.class}, tree="[0]") + private Output project; + + public Output project() { + return this.project; + } + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Export(name="pulumiLabels", refs={Map.class,String.class}, tree="[0,1,1]") + private Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Output> pulumiLabels() { + return this.pulumiLabels; + } + + /** + * + * @param name The _unique_ name of the resulting resource. + */ + public LbRouteExtension(String name) { + this(name, LbRouteExtensionArgs.Empty); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + */ + public LbRouteExtension(String name, LbRouteExtensionArgs args) { + this(name, args, null); + } + /** + * + * @param name The _unique_ name of the resulting resource. + * @param args The arguments to use to populate this resource's properties. + * @param options A bag of options that control this resource's behavior. + */ + public LbRouteExtension(String name, LbRouteExtensionArgs args, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:networkservices/lbRouteExtension:LbRouteExtension", name, args == null ? LbRouteExtensionArgs.Empty : args, makeResourceOptions(options, Codegen.empty())); + } + + private LbRouteExtension(String name, Output id, @Nullable LbRouteExtensionState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + super("gcp:networkservices/lbRouteExtension:LbRouteExtension", name, state, makeResourceOptions(options, id)); + } + + private static com.pulumi.resources.CustomResourceOptions makeResourceOptions(@Nullable com.pulumi.resources.CustomResourceOptions options, @Nullable Output id) { + var defaultOptions = com.pulumi.resources.CustomResourceOptions.builder() + .version(Utilities.getVersion()) + .additionalSecretOutputs(List.of( + "effectiveLabels", + "pulumiLabels" + )) + .build(); + return com.pulumi.resources.CustomResourceOptions.merge(defaultOptions, options, id); + } + + /** + * Get an existing Host resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state + * @param options Optional settings to control the behavior of the CustomResource. + */ + public static LbRouteExtension get(String name, Output id, @Nullable LbRouteExtensionState state, @Nullable com.pulumi.resources.CustomResourceOptions options) { + return new LbRouteExtension(name, id, state, options); + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtensionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtensionArgs.java new file mode 100644 index 0000000000..9addc8aea1 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbRouteExtensionArgs.java @@ -0,0 +1,403 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.networkservices.inputs.LbRouteExtensionExtensionChainArgs; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class LbRouteExtensionArgs extends com.pulumi.resources.ResourceArgs { + + public static final LbRouteExtensionArgs Empty = new LbRouteExtensionArgs(); + + /** + * A human-readable description of the resource. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return A human-readable description of the resource. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + */ + @Import(name="extensionChains", required=true) + private Output> extensionChains; + + /** + * @return A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + */ + public Output> extensionChains() { + return this.extensionChains; + } + + /** + * A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + */ + @Import(name="forwardingRules", required=true) + private Output> forwardingRules; + + /** + * @return A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + */ + public Output> forwardingRules() { + return this.forwardingRules; + } + + /** + * Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + */ + @Import(name="loadBalancingScheme", required=true) + private Output loadBalancingScheme; + + /** + * @return All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + */ + public Output loadBalancingScheme() { + return this.loadBalancingScheme; + } + + /** + * The location of the route extension + * + */ + @Import(name="location", required=true) + private Output location; + + /** + * @return The location of the route extension + * + */ + public Output location() { + return this.location; + } + + /** + * Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + @Import(name="project") + private @Nullable Output project; + + public Optional> project() { + return Optional.ofNullable(this.project); + } + + private LbRouteExtensionArgs() {} + + private LbRouteExtensionArgs(LbRouteExtensionArgs $) { + this.description = $.description; + this.extensionChains = $.extensionChains; + this.forwardingRules = $.forwardingRules; + this.labels = $.labels; + this.loadBalancingScheme = $.loadBalancingScheme; + this.location = $.location; + this.name = $.name; + this.project = $.project; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(LbRouteExtensionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private LbRouteExtensionArgs $; + + public Builder() { + $ = new LbRouteExtensionArgs(); + } + + public Builder(LbRouteExtensionArgs defaults) { + $ = new LbRouteExtensionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param description A human-readable description of the resource. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description A human-readable description of the resource. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param extensionChains A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensionChains(Output> extensionChains) { + $.extensionChains = extensionChains; + return this; + } + + /** + * @param extensionChains A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensionChains(List extensionChains) { + return extensionChains(Output.of(extensionChains)); + } + + /** + * @param extensionChains A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensionChains(LbRouteExtensionExtensionChainArgs... extensionChains) { + return extensionChains(List.of(extensionChains)); + } + + /** + * @param forwardingRules A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + * @return builder + * + */ + public Builder forwardingRules(Output> forwardingRules) { + $.forwardingRules = forwardingRules; + return this; + } + + /** + * @param forwardingRules A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + * @return builder + * + */ + public Builder forwardingRules(List forwardingRules) { + return forwardingRules(Output.of(forwardingRules)); + } + + /** + * @param forwardingRules A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + * @return builder + * + */ + public Builder forwardingRules(String... forwardingRules) { + return forwardingRules(List.of(forwardingRules)); + } + + /** + * @param labels Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + * @return builder + * + */ + public Builder loadBalancingScheme(Output loadBalancingScheme) { + $.loadBalancingScheme = loadBalancingScheme; + return this; + } + + /** + * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + * @return builder + * + */ + public Builder loadBalancingScheme(String loadBalancingScheme) { + return loadBalancingScheme(Output.of(loadBalancingScheme)); + } + + /** + * @param location The location of the route extension + * + * @return builder + * + */ + public Builder location(Output location) { + $.location = location; + return this; + } + + /** + * @param location The location of the route extension + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + public Builder project(String project) { + return project(Output.of(project)); + } + + public LbRouteExtensionArgs build() { + if ($.extensionChains == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionArgs", "extensionChains"); + } + if ($.forwardingRules == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionArgs", "forwardingRules"); + } + if ($.loadBalancingScheme == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionArgs", "loadBalancingScheme"); + } + if ($.location == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionArgs", "location"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtension.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtension.java index ce6bd5708d..21ce133c72 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtension.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtension.java @@ -141,8 +141,10 @@ public Output>> labels() { } /** * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * */ @Export(name="loadBalancingScheme", refs={String.class}, tree="[0]") @@ -150,8 +152,10 @@ public Output>> labels() { /** * @return All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * */ public Output> loadBalancingScheme() { diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtensionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtensionArgs.java index 0768273c28..310c499785 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtensionArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/LbTrafficExtensionArgs.java @@ -95,8 +95,10 @@ public Optional>> labels() { /** * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * */ @Import(name="loadBalancingScheme") @@ -104,8 +106,10 @@ public Optional>> labels() { /** * @return All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * */ public Optional> loadBalancingScheme() { @@ -305,8 +309,10 @@ public Builder labels(Map labels) { /** * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * * @return builder * @@ -318,8 +324,10 @@ public Builder loadBalancingScheme(@Nullable Output loadBalancingScheme) /** * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainArgs.java new file mode 100644 index 0000000000..58d310b95f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainArgs.java @@ -0,0 +1,209 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.networkservices.inputs.LbRouteExtensionExtensionChainExtensionArgs; +import com.pulumi.gcp.networkservices.inputs.LbRouteExtensionExtensionChainMatchConditionArgs; +import java.lang.String; +import java.util.List; +import java.util.Objects; + + +public final class LbRouteExtensionExtensionChainArgs extends com.pulumi.resources.ResourceArgs { + + public static final LbRouteExtensionExtensionChainArgs Empty = new LbRouteExtensionExtensionChainArgs(); + + /** + * A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + * + */ + @Import(name="extensions", required=true) + private Output> extensions; + + /** + * @return A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + * + */ + public Output> extensions() { + return this.extensions; + } + + /** + * Conditions under which this chain is invoked for a request. + * Structure is documented below. + * + */ + @Import(name="matchCondition", required=true) + private Output matchCondition; + + /** + * @return Conditions under which this chain is invoked for a request. + * Structure is documented below. + * + */ + public Output matchCondition() { + return this.matchCondition; + } + + /** + * The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + * + */ + @Import(name="name", required=true) + private Output name; + + /** + * @return The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + * + */ + public Output name() { + return this.name; + } + + private LbRouteExtensionExtensionChainArgs() {} + + private LbRouteExtensionExtensionChainArgs(LbRouteExtensionExtensionChainArgs $) { + this.extensions = $.extensions; + this.matchCondition = $.matchCondition; + this.name = $.name; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(LbRouteExtensionExtensionChainArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private LbRouteExtensionExtensionChainArgs $; + + public Builder() { + $ = new LbRouteExtensionExtensionChainArgs(); + } + + public Builder(LbRouteExtensionExtensionChainArgs defaults) { + $ = new LbRouteExtensionExtensionChainArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param extensions A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensions(Output> extensions) { + $.extensions = extensions; + return this; + } + + /** + * @param extensions A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensions(List extensions) { + return extensions(Output.of(extensions)); + } + + /** + * @param extensions A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensions(LbRouteExtensionExtensionChainExtensionArgs... extensions) { + return extensions(List.of(extensions)); + } + + /** + * @param matchCondition Conditions under which this chain is invoked for a request. + * Structure is documented below. + * + * @return builder + * + */ + public Builder matchCondition(Output matchCondition) { + $.matchCondition = matchCondition; + return this; + } + + /** + * @param matchCondition Conditions under which this chain is invoked for a request. + * Structure is documented below. + * + * @return builder + * + */ + public Builder matchCondition(LbRouteExtensionExtensionChainMatchConditionArgs matchCondition) { + return matchCondition(Output.of(matchCondition)); + } + + /** + * @param name The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + * + * @return builder + * + */ + public Builder name(Output name) { + $.name = name; + return this; + } + + /** + * @param name The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + public LbRouteExtensionExtensionChainArgs build() { + if ($.extensions == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainArgs", "extensions"); + } + if ($.matchCondition == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainArgs", "matchCondition"); + } + if ($.name == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainArgs", "name"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainExtensionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainExtensionArgs.java new file mode 100644 index 0000000000..8dbcc2ca5d --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainExtensionArgs.java @@ -0,0 +1,338 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class LbRouteExtensionExtensionChainExtensionArgs extends com.pulumi.resources.ResourceArgs { + + public static final LbRouteExtensionExtensionChainExtensionArgs Empty = new LbRouteExtensionExtensionChainExtensionArgs(); + + /** + * The :authority header in the gRPC request sent from Envoy to the extension service. + * + */ + @Import(name="authority") + private @Nullable Output authority; + + /** + * @return The :authority header in the gRPC request sent from Envoy to the extension service. + * + */ + public Optional> authority() { + return Optional.ofNullable(this.authority); + } + + /** + * Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + * + */ + @Import(name="failOpen") + private @Nullable Output failOpen; + + /** + * @return Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + * + */ + public Optional> failOpen() { + return Optional.ofNullable(this.failOpen); + } + + /** + * List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * *** + * + */ + @Import(name="forwardHeaders") + private @Nullable Output> forwardHeaders; + + /** + * @return List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * *** + * + */ + public Optional>> forwardHeaders() { + return Optional.ofNullable(this.forwardHeaders); + } + + /** + * The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + * + */ + @Import(name="name", required=true) + private Output name; + + /** + * @return The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + * + */ + public Output name() { + return this.name; + } + + /** + * The reference to the service that runs the extension. Must be a reference to a backend service + * + */ + @Import(name="service", required=true) + private Output service; + + /** + * @return The reference to the service that runs the extension. Must be a reference to a backend service + * + */ + public Output service() { + return this.service; + } + + /** + * Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + * + */ + @Import(name="timeout") + private @Nullable Output timeout; + + /** + * @return Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + * + */ + public Optional> timeout() { + return Optional.ofNullable(this.timeout); + } + + private LbRouteExtensionExtensionChainExtensionArgs() {} + + private LbRouteExtensionExtensionChainExtensionArgs(LbRouteExtensionExtensionChainExtensionArgs $) { + this.authority = $.authority; + this.failOpen = $.failOpen; + this.forwardHeaders = $.forwardHeaders; + this.name = $.name; + this.service = $.service; + this.timeout = $.timeout; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(LbRouteExtensionExtensionChainExtensionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private LbRouteExtensionExtensionChainExtensionArgs $; + + public Builder() { + $ = new LbRouteExtensionExtensionChainExtensionArgs(); + } + + public Builder(LbRouteExtensionExtensionChainExtensionArgs defaults) { + $ = new LbRouteExtensionExtensionChainExtensionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param authority The :authority header in the gRPC request sent from Envoy to the extension service. + * + * @return builder + * + */ + public Builder authority(@Nullable Output authority) { + $.authority = authority; + return this; + } + + /** + * @param authority The :authority header in the gRPC request sent from Envoy to the extension service. + * + * @return builder + * + */ + public Builder authority(String authority) { + return authority(Output.of(authority)); + } + + /** + * @param failOpen Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + * + * @return builder + * + */ + public Builder failOpen(@Nullable Output failOpen) { + $.failOpen = failOpen; + return this; + } + + /** + * @param failOpen Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + * + * @return builder + * + */ + public Builder failOpen(Boolean failOpen) { + return failOpen(Output.of(failOpen)); + } + + /** + * @param forwardHeaders List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * *** + * + * @return builder + * + */ + public Builder forwardHeaders(@Nullable Output> forwardHeaders) { + $.forwardHeaders = forwardHeaders; + return this; + } + + /** + * @param forwardHeaders List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * *** + * + * @return builder + * + */ + public Builder forwardHeaders(List forwardHeaders) { + return forwardHeaders(Output.of(forwardHeaders)); + } + + /** + * @param forwardHeaders List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * *** + * + * @return builder + * + */ + public Builder forwardHeaders(String... forwardHeaders) { + return forwardHeaders(List.of(forwardHeaders)); + } + + /** + * @param name The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + * + * @return builder + * + */ + public Builder name(Output name) { + $.name = name; + return this; + } + + /** + * @param name The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + /** + * @param service The reference to the service that runs the extension. Must be a reference to a backend service + * + * @return builder + * + */ + public Builder service(Output service) { + $.service = service; + return this; + } + + /** + * @param service The reference to the service that runs the extension. Must be a reference to a backend service + * + * @return builder + * + */ + public Builder service(String service) { + return service(Output.of(service)); + } + + /** + * @param timeout Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + * + * @return builder + * + */ + public Builder timeout(@Nullable Output timeout) { + $.timeout = timeout; + return this; + } + + /** + * @param timeout Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + * + * @return builder + * + */ + public Builder timeout(String timeout) { + return timeout(Output.of(timeout)); + } + + public LbRouteExtensionExtensionChainExtensionArgs build() { + if ($.name == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainExtensionArgs", "name"); + } + if ($.service == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainExtensionArgs", "service"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainMatchConditionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainMatchConditionArgs.java new file mode 100644 index 0000000000..ae7927743e --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionExtensionChainMatchConditionArgs.java @@ -0,0 +1,85 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + + +public final class LbRouteExtensionExtensionChainMatchConditionArgs extends com.pulumi.resources.ResourceArgs { + + public static final LbRouteExtensionExtensionChainMatchConditionArgs Empty = new LbRouteExtensionExtensionChainMatchConditionArgs(); + + /** + * A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + * + */ + @Import(name="celExpression", required=true) + private Output celExpression; + + /** + * @return A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + * + */ + public Output celExpression() { + return this.celExpression; + } + + private LbRouteExtensionExtensionChainMatchConditionArgs() {} + + private LbRouteExtensionExtensionChainMatchConditionArgs(LbRouteExtensionExtensionChainMatchConditionArgs $) { + this.celExpression = $.celExpression; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(LbRouteExtensionExtensionChainMatchConditionArgs defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private LbRouteExtensionExtensionChainMatchConditionArgs $; + + public Builder() { + $ = new LbRouteExtensionExtensionChainMatchConditionArgs(); + } + + public Builder(LbRouteExtensionExtensionChainMatchConditionArgs defaults) { + $ = new LbRouteExtensionExtensionChainMatchConditionArgs(Objects.requireNonNull(defaults)); + } + + /** + * @param celExpression A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + * + * @return builder + * + */ + public Builder celExpression(Output celExpression) { + $.celExpression = celExpression; + return this; + } + + /** + * @param celExpression A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + * + * @return builder + * + */ + public Builder celExpression(String celExpression) { + return celExpression(Output.of(celExpression)); + } + + public LbRouteExtensionExtensionChainMatchConditionArgs build() { + if ($.celExpression == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainMatchConditionArgs", "celExpression"); + } + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionState.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionState.java new file mode 100644 index 0000000000..f4da21837f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbRouteExtensionState.java @@ -0,0 +1,468 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices.inputs; + +import com.pulumi.core.Output; +import com.pulumi.core.annotations.Import; +import com.pulumi.gcp.networkservices.inputs.LbRouteExtensionExtensionChainArgs; +import java.lang.String; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + + +public final class LbRouteExtensionState extends com.pulumi.resources.ResourceArgs { + + public static final LbRouteExtensionState Empty = new LbRouteExtensionState(); + + /** + * A human-readable description of the resource. + * + */ + @Import(name="description") + private @Nullable Output description; + + /** + * @return A human-readable description of the resource. + * + */ + public Optional> description() { + return Optional.ofNullable(this.description); + } + + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + @Import(name="effectiveLabels") + private @Nullable Output> effectiveLabels; + + /** + * @return All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + */ + public Optional>> effectiveLabels() { + return Optional.ofNullable(this.effectiveLabels); + } + + /** + * A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + */ + @Import(name="extensionChains") + private @Nullable Output> extensionChains; + + /** + * @return A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + */ + public Optional>> extensionChains() { + return Optional.ofNullable(this.extensionChains); + } + + /** + * A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + */ + @Import(name="forwardingRules") + private @Nullable Output> forwardingRules; + + /** + * @return A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + */ + public Optional>> forwardingRules() { + return Optional.ofNullable(this.forwardingRules); + } + + /** + * Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + */ + @Import(name="labels") + private @Nullable Output> labels; + + /** + * @return Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + */ + public Optional>> labels() { + return Optional.ofNullable(this.labels); + } + + /** + * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + */ + @Import(name="loadBalancingScheme") + private @Nullable Output loadBalancingScheme; + + /** + * @return All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + */ + public Optional> loadBalancingScheme() { + return Optional.ofNullable(this.loadBalancingScheme); + } + + /** + * The location of the route extension + * + */ + @Import(name="location") + private @Nullable Output location; + + /** + * @return The location of the route extension + * + */ + public Optional> location() { + return Optional.ofNullable(this.location); + } + + /** + * Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + */ + @Import(name="name") + private @Nullable Output name; + + /** + * @return Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + */ + public Optional> name() { + return Optional.ofNullable(this.name); + } + + @Import(name="project") + private @Nullable Output project; + + public Optional> project() { + return Optional.ofNullable(this.project); + } + + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + @Import(name="pulumiLabels") + private @Nullable Output> pulumiLabels; + + /** + * @return The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + */ + public Optional>> pulumiLabels() { + return Optional.ofNullable(this.pulumiLabels); + } + + private LbRouteExtensionState() {} + + private LbRouteExtensionState(LbRouteExtensionState $) { + this.description = $.description; + this.effectiveLabels = $.effectiveLabels; + this.extensionChains = $.extensionChains; + this.forwardingRules = $.forwardingRules; + this.labels = $.labels; + this.loadBalancingScheme = $.loadBalancingScheme; + this.location = $.location; + this.name = $.name; + this.project = $.project; + this.pulumiLabels = $.pulumiLabels; + } + + public static Builder builder() { + return new Builder(); + } + public static Builder builder(LbRouteExtensionState defaults) { + return new Builder(defaults); + } + + public static final class Builder { + private LbRouteExtensionState $; + + public Builder() { + $ = new LbRouteExtensionState(); + } + + public Builder(LbRouteExtensionState defaults) { + $ = new LbRouteExtensionState(Objects.requireNonNull(defaults)); + } + + /** + * @param description A human-readable description of the resource. + * + * @return builder + * + */ + public Builder description(@Nullable Output description) { + $.description = description; + return this; + } + + /** + * @param description A human-readable description of the resource. + * + * @return builder + * + */ + public Builder description(String description) { + return description(Output.of(description)); + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(@Nullable Output> effectiveLabels) { + $.effectiveLabels = effectiveLabels; + return this; + } + + /** + * @param effectiveLabels All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + * + * @return builder + * + */ + public Builder effectiveLabels(Map effectiveLabels) { + return effectiveLabels(Output.of(effectiveLabels)); + } + + /** + * @param extensionChains A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensionChains(@Nullable Output> extensionChains) { + $.extensionChains = extensionChains; + return this; + } + + /** + * @param extensionChains A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensionChains(List extensionChains) { + return extensionChains(Output.of(extensionChains)); + } + + /** + * @param extensionChains A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + * + * @return builder + * + */ + public Builder extensionChains(LbRouteExtensionExtensionChainArgs... extensionChains) { + return extensionChains(List.of(extensionChains)); + } + + /** + * @param forwardingRules A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + * @return builder + * + */ + public Builder forwardingRules(@Nullable Output> forwardingRules) { + $.forwardingRules = forwardingRules; + return this; + } + + /** + * @param forwardingRules A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + * @return builder + * + */ + public Builder forwardingRules(List forwardingRules) { + return forwardingRules(Output.of(forwardingRules)); + } + + /** + * @param forwardingRules A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + * + * @return builder + * + */ + public Builder forwardingRules(String... forwardingRules) { + return forwardingRules(List.of(forwardingRules)); + } + + /** + * @param labels Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + * @return builder + * + */ + public Builder labels(@Nullable Output> labels) { + $.labels = labels; + return this; + } + + /** + * @param labels Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + * + * @return builder + * + */ + public Builder labels(Map labels) { + return labels(Output.of(labels)); + } + + /** + * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + * @return builder + * + */ + public Builder loadBalancingScheme(@Nullable Output loadBalancingScheme) { + $.loadBalancingScheme = loadBalancingScheme; + return this; + } + + /** + * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + * + * @return builder + * + */ + public Builder loadBalancingScheme(String loadBalancingScheme) { + return loadBalancingScheme(Output.of(loadBalancingScheme)); + } + + /** + * @param location The location of the route extension + * + * @return builder + * + */ + public Builder location(@Nullable Output location) { + $.location = location; + return this; + } + + /** + * @param location The location of the route extension + * + * @return builder + * + */ + public Builder location(String location) { + return location(Output.of(location)); + } + + /** + * @param name Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + * @return builder + * + */ + public Builder name(@Nullable Output name) { + $.name = name; + return this; + } + + /** + * @param name Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + * + * @return builder + * + */ + public Builder name(String name) { + return name(Output.of(name)); + } + + public Builder project(@Nullable Output project) { + $.project = project; + return this; + } + + public Builder project(String project) { + return project(Output.of(project)); + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(@Nullable Output> pulumiLabels) { + $.pulumiLabels = pulumiLabels; + return this; + } + + /** + * @param pulumiLabels The combination of labels configured directly on the resource + * and default labels configured on the provider. + * + * @return builder + * + */ + public Builder pulumiLabels(Map pulumiLabels) { + return pulumiLabels(Output.of(pulumiLabels)); + } + + public LbRouteExtensionState build() { + return $; + } + } + +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionExtensionChainExtensionArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionExtensionChainExtensionArgs.java index 7449c7614c..7b8842ac3b 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionExtensionChainExtensionArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionExtensionChainExtensionArgs.java @@ -22,15 +22,15 @@ public final class LbTrafficExtensionExtensionChainExtensionArgs extends com.pul * The :authority header in the gRPC request sent from Envoy to the extension service. * */ - @Import(name="authority", required=true) - private Output authority; + @Import(name="authority") + private @Nullable Output authority; /** * @return The :authority header in the gRPC request sent from Envoy to the extension service. * */ - public Output authority() { - return this.authority; + public Optional> authority() { + return Optional.ofNullable(this.authority); } /** @@ -141,16 +141,16 @@ public Optional>> supportedEvents() { * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". * */ - @Import(name="timeout", required=true) - private Output timeout; + @Import(name="timeout") + private @Nullable Output timeout; /** * @return Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". * */ - public Output timeout() { - return this.timeout; + public Optional> timeout() { + return Optional.ofNullable(this.timeout); } private LbTrafficExtensionExtensionChainExtensionArgs() {} @@ -189,7 +189,7 @@ public Builder(LbTrafficExtensionExtensionChainExtensionArgs defaults) { * @return builder * */ - public Builder authority(Output authority) { + public Builder authority(@Nullable Output authority) { $.authority = authority; return this; } @@ -370,7 +370,7 @@ public Builder supportedEvents(String... supportedEvents) { * @return builder * */ - public Builder timeout(Output timeout) { + public Builder timeout(@Nullable Output timeout) { $.timeout = timeout; return this; } @@ -387,18 +387,12 @@ public Builder timeout(String timeout) { } public LbTrafficExtensionExtensionChainExtensionArgs build() { - if ($.authority == null) { - throw new MissingRequiredPropertyException("LbTrafficExtensionExtensionChainExtensionArgs", "authority"); - } if ($.name == null) { throw new MissingRequiredPropertyException("LbTrafficExtensionExtensionChainExtensionArgs", "name"); } if ($.service == null) { throw new MissingRequiredPropertyException("LbTrafficExtensionExtensionChainExtensionArgs", "service"); } - if ($.timeout == null) { - throw new MissingRequiredPropertyException("LbTrafficExtensionExtensionChainExtensionArgs", "timeout"); - } return $; } } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionState.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionState.java index 9fc80cdb40..10962b9cfe 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionState.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/inputs/LbTrafficExtensionState.java @@ -109,8 +109,10 @@ public Optional>> labels() { /** * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * */ @Import(name="loadBalancingScheme") @@ -118,8 +120,10 @@ public Optional>> labels() { /** * @return All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * */ public Optional> loadBalancingScheme() { @@ -359,8 +363,10 @@ public Builder labels(Map labels) { /** * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * * @return builder * @@ -372,8 +378,10 @@ public Builder loadBalancingScheme(@Nullable Output loadBalancingScheme) /** * @param loadBalancingScheme All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChain.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChain.java new file mode 100644 index 0000000000..052619d260 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChain.java @@ -0,0 +1,124 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import com.pulumi.gcp.networkservices.outputs.LbRouteExtensionExtensionChainExtension; +import com.pulumi.gcp.networkservices.outputs.LbRouteExtensionExtensionChainMatchCondition; +import java.lang.String; +import java.util.List; +import java.util.Objects; + +@CustomType +public final class LbRouteExtensionExtensionChain { + /** + * @return A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + * + */ + private List extensions; + /** + * @return Conditions under which this chain is invoked for a request. + * Structure is documented below. + * + */ + private LbRouteExtensionExtensionChainMatchCondition matchCondition; + /** + * @return The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + * + */ + private String name; + + private LbRouteExtensionExtensionChain() {} + /** + * @return A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + * + */ + public List extensions() { + return this.extensions; + } + /** + * @return Conditions under which this chain is invoked for a request. + * Structure is documented below. + * + */ + public LbRouteExtensionExtensionChainMatchCondition matchCondition() { + return this.matchCondition; + } + /** + * @return The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + * + */ + public String name() { + return this.name; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(LbRouteExtensionExtensionChain defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private List extensions; + private LbRouteExtensionExtensionChainMatchCondition matchCondition; + private String name; + public Builder() {} + public Builder(LbRouteExtensionExtensionChain defaults) { + Objects.requireNonNull(defaults); + this.extensions = defaults.extensions; + this.matchCondition = defaults.matchCondition; + this.name = defaults.name; + } + + @CustomType.Setter + public Builder extensions(List extensions) { + if (extensions == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChain", "extensions"); + } + this.extensions = extensions; + return this; + } + public Builder extensions(LbRouteExtensionExtensionChainExtension... extensions) { + return extensions(List.of(extensions)); + } + @CustomType.Setter + public Builder matchCondition(LbRouteExtensionExtensionChainMatchCondition matchCondition) { + if (matchCondition == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChain", "matchCondition"); + } + this.matchCondition = matchCondition; + return this; + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChain", "name"); + } + this.name = name; + return this; + } + public LbRouteExtensionExtensionChain build() { + final var _resultValue = new LbRouteExtensionExtensionChain(); + _resultValue.extensions = extensions; + _resultValue.matchCondition = matchCondition; + _resultValue.name = name; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainExtension.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainExtension.java new file mode 100644 index 0000000000..4e088cee7f --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainExtension.java @@ -0,0 +1,196 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.Boolean; +import java.lang.String; +import java.util.List; +import java.util.Objects; +import java.util.Optional; +import javax.annotation.Nullable; + +@CustomType +public final class LbRouteExtensionExtensionChainExtension { + /** + * @return The :authority header in the gRPC request sent from Envoy to the extension service. + * + */ + private @Nullable String authority; + /** + * @return Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + * + */ + private @Nullable Boolean failOpen; + /** + * @return List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * *** + * + */ + private @Nullable List forwardHeaders; + /** + * @return The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + * + */ + private String name; + /** + * @return The reference to the service that runs the extension. Must be a reference to a backend service + * + */ + private String service; + /** + * @return Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + * + */ + private @Nullable String timeout; + + private LbRouteExtensionExtensionChainExtension() {} + /** + * @return The :authority header in the gRPC request sent from Envoy to the extension service. + * + */ + public Optional authority() { + return Optional.ofNullable(this.authority); + } + /** + * @return Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + * + */ + public Optional failOpen() { + return Optional.ofNullable(this.failOpen); + } + /** + * @return List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * *** + * + */ + public List forwardHeaders() { + return this.forwardHeaders == null ? List.of() : this.forwardHeaders; + } + /** + * @return The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + * + */ + public String name() { + return this.name; + } + /** + * @return The reference to the service that runs the extension. Must be a reference to a backend service + * + */ + public String service() { + return this.service; + } + /** + * @return Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + * + */ + public Optional timeout() { + return Optional.ofNullable(this.timeout); + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(LbRouteExtensionExtensionChainExtension defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private @Nullable String authority; + private @Nullable Boolean failOpen; + private @Nullable List forwardHeaders; + private String name; + private String service; + private @Nullable String timeout; + public Builder() {} + public Builder(LbRouteExtensionExtensionChainExtension defaults) { + Objects.requireNonNull(defaults); + this.authority = defaults.authority; + this.failOpen = defaults.failOpen; + this.forwardHeaders = defaults.forwardHeaders; + this.name = defaults.name; + this.service = defaults.service; + this.timeout = defaults.timeout; + } + + @CustomType.Setter + public Builder authority(@Nullable String authority) { + + this.authority = authority; + return this; + } + @CustomType.Setter + public Builder failOpen(@Nullable Boolean failOpen) { + + this.failOpen = failOpen; + return this; + } + @CustomType.Setter + public Builder forwardHeaders(@Nullable List forwardHeaders) { + + this.forwardHeaders = forwardHeaders; + return this; + } + public Builder forwardHeaders(String... forwardHeaders) { + return forwardHeaders(List.of(forwardHeaders)); + } + @CustomType.Setter + public Builder name(String name) { + if (name == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainExtension", "name"); + } + this.name = name; + return this; + } + @CustomType.Setter + public Builder service(String service) { + if (service == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainExtension", "service"); + } + this.service = service; + return this; + } + @CustomType.Setter + public Builder timeout(@Nullable String timeout) { + + this.timeout = timeout; + return this; + } + public LbRouteExtensionExtensionChainExtension build() { + final var _resultValue = new LbRouteExtensionExtensionChainExtension(); + _resultValue.authority = authority; + _resultValue.failOpen = failOpen; + _resultValue.forwardHeaders = forwardHeaders; + _resultValue.name = name; + _resultValue.service = service; + _resultValue.timeout = timeout; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainMatchCondition.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainMatchCondition.java new file mode 100644 index 0000000000..1964657096 --- /dev/null +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbRouteExtensionExtensionChainMatchCondition.java @@ -0,0 +1,58 @@ +// *** WARNING: this file was generated by pulumi-java-gen. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +package com.pulumi.gcp.networkservices.outputs; + +import com.pulumi.core.annotations.CustomType; +import com.pulumi.exceptions.MissingRequiredPropertyException; +import java.lang.String; +import java.util.Objects; + +@CustomType +public final class LbRouteExtensionExtensionChainMatchCondition { + /** + * @return A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + * + */ + private String celExpression; + + private LbRouteExtensionExtensionChainMatchCondition() {} + /** + * @return A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + * + */ + public String celExpression() { + return this.celExpression; + } + + public static Builder builder() { + return new Builder(); + } + + public static Builder builder(LbRouteExtensionExtensionChainMatchCondition defaults) { + return new Builder(defaults); + } + @CustomType.Builder + public static final class Builder { + private String celExpression; + public Builder() {} + public Builder(LbRouteExtensionExtensionChainMatchCondition defaults) { + Objects.requireNonNull(defaults); + this.celExpression = defaults.celExpression; + } + + @CustomType.Setter + public Builder celExpression(String celExpression) { + if (celExpression == null) { + throw new MissingRequiredPropertyException("LbRouteExtensionExtensionChainMatchCondition", "celExpression"); + } + this.celExpression = celExpression; + return this; + } + public LbRouteExtensionExtensionChainMatchCondition build() { + final var _resultValue = new LbRouteExtensionExtensionChainMatchCondition(); + _resultValue.celExpression = celExpression; + return _resultValue; + } + } +} diff --git a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbTrafficExtensionExtensionChainExtension.java b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbTrafficExtensionExtensionChainExtension.java index 5daee10435..de19d28d6c 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbTrafficExtensionExtensionChainExtension.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/networkservices/outputs/LbTrafficExtensionExtensionChainExtension.java @@ -18,7 +18,7 @@ public final class LbTrafficExtensionExtensionChainExtension { * @return The :authority header in the gRPC request sent from Envoy to the extension service. * */ - private String authority; + private @Nullable String authority; /** * @return Determines how the proxy behaves if the call to the extension fails or times out. * When set to TRUE, request or response processing continues without error. @@ -63,15 +63,15 @@ public final class LbTrafficExtensionExtensionChainExtension { * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". * */ - private String timeout; + private @Nullable String timeout; private LbTrafficExtensionExtensionChainExtension() {} /** * @return The :authority header in the gRPC request sent from Envoy to the extension service. * */ - public String authority() { - return this.authority; + public Optional authority() { + return Optional.ofNullable(this.authority); } /** * @return Determines how the proxy behaves if the call to the extension fails or times out. @@ -127,8 +127,8 @@ public List supportedEvents() { * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". * */ - public String timeout() { - return this.timeout; + public Optional timeout() { + return Optional.ofNullable(this.timeout); } public static Builder builder() { @@ -140,13 +140,13 @@ public static Builder builder(LbTrafficExtensionExtensionChainExtension defaults } @CustomType.Builder public static final class Builder { - private String authority; + private @Nullable String authority; private @Nullable Boolean failOpen; private @Nullable List forwardHeaders; private String name; private String service; private @Nullable List supportedEvents; - private String timeout; + private @Nullable String timeout; public Builder() {} public Builder(LbTrafficExtensionExtensionChainExtension defaults) { Objects.requireNonNull(defaults); @@ -160,10 +160,8 @@ public Builder(LbTrafficExtensionExtensionChainExtension defaults) { } @CustomType.Setter - public Builder authority(String authority) { - if (authority == null) { - throw new MissingRequiredPropertyException("LbTrafficExtensionExtensionChainExtension", "authority"); - } + public Builder authority(@Nullable String authority) { + this.authority = authority; return this; } @@ -208,10 +206,8 @@ public Builder supportedEvents(String... supportedEvents) { return supportedEvents(List.of(supportedEvents)); } @CustomType.Setter - public Builder timeout(String timeout) { - if (timeout == null) { - throw new MissingRequiredPropertyException("LbTrafficExtensionExtensionChainExtension", "timeout"); - } + public Builder timeout(@Nullable String timeout) { + this.timeout = timeout; return this; } diff --git a/sdk/java/src/main/java/com/pulumi/gcp/orgpolicy/Policy.java b/sdk/java/src/main/java/com/pulumi/gcp/orgpolicy/Policy.java index 75943809c5..74e74f479d 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/orgpolicy/Policy.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/orgpolicy/Policy.java @@ -253,7 +253,7 @@ * * public static void stack(Context ctx) { * var constraint = new CustomConstraint("constraint", CustomConstraintArgs.builder() - * .name("custom.disableGkeAutoUpgrade_87786") + * .name("custom.disableGkeAutoUpgrade_2067") * .parent("organizations/123456789") * .displayName("Disable GKE auto upgrade") * .description("Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.") diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Subscription.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Subscription.java index b487b1433c..21eee8d3cb 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Subscription.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/Subscription.java @@ -445,7 +445,8 @@ * .cloudStorageConfig(SubscriptionCloudStorageConfigArgs.builder() * .bucket(example.name()) * .filenamePrefix("pre-") - * .filenameSuffix("-_2067") + * .filenameSuffix("-_40785") + * .filenameDatetimeFormat("YYYY-MM-DD/hh_mm_ssZ") * .maxBytes(1000) * .maxDuration("300s") * .build()) @@ -520,7 +521,8 @@ * .cloudStorageConfig(SubscriptionCloudStorageConfigArgs.builder() * .bucket(example.name()) * .filenamePrefix("pre-") - * .filenameSuffix("-_40785") + * .filenameSuffix("-_79169") + * .filenameDatetimeFormat("YYYY-MM-DD/hh_mm_ssZ") * .maxBytes(1000) * .maxDuration("300s") * .avroConfig(SubscriptionCloudStorageConfigAvroConfigArgs.builder() diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/SubscriptionCloudStorageConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/SubscriptionCloudStorageConfigArgs.java index c68581962c..448a857689 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/SubscriptionCloudStorageConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/inputs/SubscriptionCloudStorageConfigArgs.java @@ -50,6 +50,21 @@ public Output bucket() { return this.bucket; } + /** + * User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + */ + @Import(name="filenameDatetimeFormat") + private @Nullable Output filenameDatetimeFormat; + + /** + * @return User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + */ + public Optional> filenameDatetimeFormat() { + return Optional.ofNullable(this.filenameDatetimeFormat); + } + /** * User-provided prefix for Cloud Storage filename. * @@ -138,6 +153,7 @@ private SubscriptionCloudStorageConfigArgs() {} private SubscriptionCloudStorageConfigArgs(SubscriptionCloudStorageConfigArgs $) { this.avroConfig = $.avroConfig; this.bucket = $.bucket; + this.filenameDatetimeFormat = $.filenameDatetimeFormat; this.filenamePrefix = $.filenamePrefix; this.filenameSuffix = $.filenameSuffix; this.maxBytes = $.maxBytes; @@ -207,6 +223,27 @@ public Builder bucket(String bucket) { return bucket(Output.of(bucket)); } + /** + * @param filenameDatetimeFormat User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + * @return builder + * + */ + public Builder filenameDatetimeFormat(@Nullable Output filenameDatetimeFormat) { + $.filenameDatetimeFormat = filenameDatetimeFormat; + return this; + } + + /** + * @param filenameDatetimeFormat User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + * @return builder + * + */ + public Builder filenameDatetimeFormat(String filenameDatetimeFormat) { + return filenameDatetimeFormat(Output.of(filenameDatetimeFormat)); + } + /** * @param filenamePrefix User-provided prefix for Cloud Storage filename. * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetSubscriptionCloudStorageConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetSubscriptionCloudStorageConfig.java index 8cb992701e..74a500d417 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetSubscriptionCloudStorageConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/GetSubscriptionCloudStorageConfig.java @@ -23,6 +23,11 @@ public final class GetSubscriptionCloudStorageConfig { * */ private String bucket; + /** + * @return User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + */ + private String filenameDatetimeFormat; /** * @return User-provided prefix for Cloud Storage filename. * @@ -67,6 +72,13 @@ public List avroConfigs() { public String bucket() { return this.bucket; } + /** + * @return User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + */ + public String filenameDatetimeFormat() { + return this.filenameDatetimeFormat; + } /** * @return User-provided prefix for Cloud Storage filename. * @@ -117,6 +129,7 @@ public static Builder builder(GetSubscriptionCloudStorageConfig defaults) { public static final class Builder { private List avroConfigs; private String bucket; + private String filenameDatetimeFormat; private String filenamePrefix; private String filenameSuffix; private Integer maxBytes; @@ -127,6 +140,7 @@ public Builder(GetSubscriptionCloudStorageConfig defaults) { Objects.requireNonNull(defaults); this.avroConfigs = defaults.avroConfigs; this.bucket = defaults.bucket; + this.filenameDatetimeFormat = defaults.filenameDatetimeFormat; this.filenamePrefix = defaults.filenamePrefix; this.filenameSuffix = defaults.filenameSuffix; this.maxBytes = defaults.maxBytes; @@ -154,6 +168,14 @@ public Builder bucket(String bucket) { return this; } @CustomType.Setter + public Builder filenameDatetimeFormat(String filenameDatetimeFormat) { + if (filenameDatetimeFormat == null) { + throw new MissingRequiredPropertyException("GetSubscriptionCloudStorageConfig", "filenameDatetimeFormat"); + } + this.filenameDatetimeFormat = filenameDatetimeFormat; + return this; + } + @CustomType.Setter public Builder filenamePrefix(String filenamePrefix) { if (filenamePrefix == null) { throw new MissingRequiredPropertyException("GetSubscriptionCloudStorageConfig", "filenamePrefix"); @@ -197,6 +219,7 @@ public GetSubscriptionCloudStorageConfig build() { final var _resultValue = new GetSubscriptionCloudStorageConfig(); _resultValue.avroConfigs = avroConfigs; _resultValue.bucket = bucket; + _resultValue.filenameDatetimeFormat = filenameDatetimeFormat; _resultValue.filenamePrefix = filenamePrefix; _resultValue.filenameSuffix = filenameSuffix; _resultValue.maxBytes = maxBytes; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/SubscriptionCloudStorageConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/SubscriptionCloudStorageConfig.java index c80b242b4e..93a39180f0 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/SubscriptionCloudStorageConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/pubsub/outputs/SubscriptionCloudStorageConfig.java @@ -25,6 +25,11 @@ public final class SubscriptionCloudStorageConfig { * */ private String bucket; + /** + * @return User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + */ + private @Nullable String filenameDatetimeFormat; /** * @return User-provided prefix for Cloud Storage filename. * @@ -71,6 +76,13 @@ public Optional avroConfig() { public String bucket() { return this.bucket; } + /** + * @return User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + * + */ + public Optional filenameDatetimeFormat() { + return Optional.ofNullable(this.filenameDatetimeFormat); + } /** * @return User-provided prefix for Cloud Storage filename. * @@ -122,6 +134,7 @@ public static Builder builder(SubscriptionCloudStorageConfig defaults) { public static final class Builder { private @Nullable SubscriptionCloudStorageConfigAvroConfig avroConfig; private String bucket; + private @Nullable String filenameDatetimeFormat; private @Nullable String filenamePrefix; private @Nullable String filenameSuffix; private @Nullable Integer maxBytes; @@ -132,6 +145,7 @@ public Builder(SubscriptionCloudStorageConfig defaults) { Objects.requireNonNull(defaults); this.avroConfig = defaults.avroConfig; this.bucket = defaults.bucket; + this.filenameDatetimeFormat = defaults.filenameDatetimeFormat; this.filenamePrefix = defaults.filenamePrefix; this.filenameSuffix = defaults.filenameSuffix; this.maxBytes = defaults.maxBytes; @@ -154,6 +168,12 @@ public Builder bucket(String bucket) { return this; } @CustomType.Setter + public Builder filenameDatetimeFormat(@Nullable String filenameDatetimeFormat) { + + this.filenameDatetimeFormat = filenameDatetimeFormat; + return this; + } + @CustomType.Setter public Builder filenamePrefix(@Nullable String filenamePrefix) { this.filenamePrefix = filenamePrefix; @@ -187,6 +207,7 @@ public SubscriptionCloudStorageConfig build() { final var _resultValue = new SubscriptionCloudStorageConfig(); _resultValue.avroConfig = avroConfig; _resultValue.bucket = bucket; + _resultValue.filenameDatetimeFormat = filenameDatetimeFormat; _resultValue.filenamePrefix = filenamePrefix; _resultValue.filenameSuffix = filenameSuffix; _resultValue.maxBytes = maxBytes; diff --git a/sdk/java/src/main/java/com/pulumi/gcp/sql/User.java b/sdk/java/src/main/java/com/pulumi/gcp/sql/User.java index d98996a2f2..6bea79cae9 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/sql/User.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/sql/User.java @@ -117,7 +117,7 @@ * .settings(DatabaseInstanceSettingsArgs.builder() * .tier("db-f1-micro") * .databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder() - * .name("cloudsql.iam_authentication") + * .name("cloudsql_iam_authentication") * .value("on") * .build()) * .build()) @@ -184,7 +184,7 @@ * .settings(DatabaseInstanceSettingsArgs.builder() * .tier("db-f1-micro") * .databaseFlags(DatabaseInstanceSettingsDatabaseFlagArgs.builder() - * .name("cloudsql.iam_authentication") + * .name("cloudsql_iam_authentication") * .value("on") * .build()) * .build()) diff --git a/sdk/java/src/main/java/com/pulumi/gcp/tpu/inputs/V2VmAcceleratorConfigArgs.java b/sdk/java/src/main/java/com/pulumi/gcp/tpu/inputs/V2VmAcceleratorConfigArgs.java index 0e15e9c5c6..d99a960444 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/tpu/inputs/V2VmAcceleratorConfigArgs.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/tpu/inputs/V2VmAcceleratorConfigArgs.java @@ -31,7 +31,7 @@ public Output topology() { /** * Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. * */ @Import(name="type", required=true) @@ -39,7 +39,7 @@ public Output topology() { /** * @return Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. * */ public Output type() { @@ -94,7 +94,7 @@ public Builder topology(String topology) { /** * @param type Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. * * @return builder * @@ -106,7 +106,7 @@ public Builder type(Output type) { /** * @param type Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. * * @return builder * diff --git a/sdk/java/src/main/java/com/pulumi/gcp/tpu/outputs/V2VmAcceleratorConfig.java b/sdk/java/src/main/java/com/pulumi/gcp/tpu/outputs/V2VmAcceleratorConfig.java index 3b887a3c02..0660f57224 100644 --- a/sdk/java/src/main/java/com/pulumi/gcp/tpu/outputs/V2VmAcceleratorConfig.java +++ b/sdk/java/src/main/java/com/pulumi/gcp/tpu/outputs/V2VmAcceleratorConfig.java @@ -17,7 +17,7 @@ public final class V2VmAcceleratorConfig { private String topology; /** * @return Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. * */ private String type; @@ -32,7 +32,7 @@ public String topology() { } /** * @return Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. * */ public String type() { diff --git a/sdk/nodejs/appengine/domainMapping.ts b/sdk/nodejs/appengine/domainMapping.ts index 47a8a0779e..cf7fbd8cf8 100644 --- a/sdk/nodejs/appengine/domainMapping.ts +++ b/sdk/nodejs/appengine/domainMapping.ts @@ -116,7 +116,7 @@ export class DomainMapping extends pulumi.CustomResource { * SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. * Structure is documented below. */ - public readonly sslSettings!: pulumi.Output; + public readonly sslSettings!: pulumi.Output; /** * Create a DomainMapping resource with the given unique name, arguments, and options. diff --git a/sdk/nodejs/bigquery/table.ts b/sdk/nodejs/bigquery/table.ts index 151d3cb270..f72605ebee 100644 --- a/sdk/nodejs/bigquery/table.ts +++ b/sdk/nodejs/bigquery/table.ts @@ -123,7 +123,8 @@ export class Table extends pulumi.CustomResource { } /** - * Whether or not to allow table deletion when there are still resource tags attached. + * This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. */ public readonly allowResourceTagsOnDeletion!: pulumi.Output; /** @@ -257,9 +258,11 @@ export class Table extends pulumi.CustomResource { */ public readonly requirePartitionFilter!: pulumi.Output; /** - * The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". */ public readonly resourceTags!: pulumi.Output<{[key: string]: string} | undefined>; /** @@ -281,7 +284,10 @@ export class Table extends pulumi.CustomResource { */ public readonly tableId!: pulumi.Output; /** - * Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + * Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + * Structure is documented below. */ public readonly tableReplicationInfo!: pulumi.Output; /** @@ -399,7 +405,8 @@ export class Table extends pulumi.CustomResource { */ export interface TableState { /** - * Whether or not to allow table deletion when there are still resource tags attached. + * This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. */ allowResourceTagsOnDeletion?: pulumi.Input; /** @@ -533,9 +540,11 @@ export interface TableState { */ requirePartitionFilter?: pulumi.Input; /** - * The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". */ resourceTags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** @@ -557,7 +566,10 @@ export interface TableState { */ tableId?: pulumi.Input; /** - * Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + * Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + * Structure is documented below. */ tableReplicationInfo?: pulumi.Input; /** @@ -581,7 +593,8 @@ export interface TableState { */ export interface TableArgs { /** - * Whether or not to allow table deletion when there are still resource tags attached. + * This field is in beta. If set to true, it allows table deletion when there + * are still resource tags attached. The default value is false. */ allowResourceTagsOnDeletion?: pulumi.Input; /** @@ -664,9 +677,11 @@ export interface TableArgs { */ requirePartitionFilter?: pulumi.Input; /** - * The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - * example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - * tag key. Tag value is expected to be the short name, for example "Production". + * This field is in beta. The tags attached to this table. Tag keys are + * globally unique. Tag key is expected to be in the namespaced format, for + * example "123456789012/environment" where 123456789012 is the ID of the + * parent organization or project resource for this tag key. Tag value is + * expected to be the short name, for example "Production". */ resourceTags?: pulumi.Input<{[key: string]: pulumi.Input}>; /** @@ -684,7 +699,10 @@ export interface TableArgs { */ tableId: pulumi.Input; /** - * Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv". + * Replication info of a table created + * using "AS REPLICA" DDL like: + * `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF srcMv`. + * Structure is documented below. */ tableReplicationInfo?: pulumi.Input; /** diff --git a/sdk/nodejs/cloudfunctionsv2/function.ts b/sdk/nodejs/cloudfunctionsv2/function.ts index ea4f475b5d..7efc34e546 100644 --- a/sdk/nodejs/cloudfunctionsv2/function.ts +++ b/sdk/nodejs/cloudfunctionsv2/function.ts @@ -52,7 +52,6 @@ import * as utilities from "../utilities"; * timeoutSeconds: 60, * }, * }); - * export const functionUri = _function.serviceConfig.apply(serviceConfig => serviceConfig?.uri); * ``` * ### Cloudfunctions2 Full * @@ -464,7 +463,6 @@ import * as utilities from "../utilities"; * }, { * dependsOn: [wait60s], * }); - * export const functionUri = _function.serviceConfig.apply(serviceConfig => serviceConfig?.uri); * ``` * ### Cloudfunctions2 Secret Env * diff --git a/sdk/nodejs/composer/userWorkloadsSecret.ts b/sdk/nodejs/composer/userWorkloadsSecret.ts index 5b6f1865db..19782f31b7 100644 --- a/sdk/nodejs/composer/userWorkloadsSecret.ts +++ b/sdk/nodejs/composer/userWorkloadsSecret.ts @@ -46,7 +46,7 @@ import * as utilities from "../utilities"; * * * `{{project}}/{{region}}/{{environment}}/{{name}}` * - * * `{{name}}` + * * `{{environment}}/{{name}}` * * When using the `pulumi import` command, Environment can be imported using one of the formats above. For example: * @@ -59,7 +59,7 @@ import * as utilities from "../utilities"; * ``` * * ```sh - * $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{name}} + * $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{environment}}/{{name}} * ``` */ export class UserWorkloadsSecret extends pulumi.CustomResource { diff --git a/sdk/nodejs/compute/getSubnetworks.ts b/sdk/nodejs/compute/getSubnetworks.ts new file mode 100644 index 0000000000..ac0a091a3c --- /dev/null +++ b/sdk/nodejs/compute/getSubnetworks.ts @@ -0,0 +1,114 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const my-subnetworks = gcp.compute.getSubnetworks({ + * filter: "ipCidrRange eq 192.168.178.0/24", + * project: "my-project", + * region: "us-east1", + * }); + * ``` + */ +export function getSubnetworks(args?: GetSubnetworksArgs, opts?: pulumi.InvokeOptions): Promise { + args = args || {}; + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:compute/getSubnetworks:getSubnetworks", { + "filter": args.filter, + "project": args.project, + "region": args.region, + }, opts); +} + +/** + * A collection of arguments for invoking getSubnetworks. + */ +export interface GetSubnetworksArgs { + /** + * A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + */ + filter?: string; + /** + * The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + */ + project?: string; + /** + * The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + */ + region?: string; +} + +/** + * A collection of values returned by getSubnetworks. + */ +export interface GetSubnetworksResult { + readonly filter?: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly project?: string; + readonly region?: string; + /** + * A list of all retrieved GCE subnetworks. Structure is defined below. + */ + readonly subnetworks: outputs.compute.GetSubnetworksSubnetwork[]; +} +/** + * Get subnetworks within GCE. + * See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + * and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + * + * ## Example Usage + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const my-subnetworks = gcp.compute.getSubnetworks({ + * filter: "ipCidrRange eq 192.168.178.0/24", + * project: "my-project", + * region: "us-east1", + * }); + * ``` + */ +export function getSubnetworksOutput(args?: GetSubnetworksOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getSubnetworks(a, opts)) +} + +/** + * A collection of arguments for invoking getSubnetworks. + */ +export interface GetSubnetworksOutputArgs { + /** + * A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + */ + filter?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. If it + * is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The region this subnetwork has been created in. If + * unspecified, this defaults to the region configured in the provider. + */ + region?: pulumi.Input; +} diff --git a/sdk/nodejs/compute/index.ts b/sdk/nodejs/compute/index.ts index 289e3045f4..e197b090a0 100644 --- a/sdk/nodejs/compute/index.ts +++ b/sdk/nodejs/compute/index.ts @@ -390,6 +390,11 @@ export const getSubnetworkIamPolicy: typeof import("./getSubnetworkIamPolicy").g export const getSubnetworkIamPolicyOutput: typeof import("./getSubnetworkIamPolicy").getSubnetworkIamPolicyOutput = null as any; utilities.lazyLoad(exports, ["getSubnetworkIamPolicy","getSubnetworkIamPolicyOutput"], () => require("./getSubnetworkIamPolicy")); +export { GetSubnetworksArgs, GetSubnetworksResult, GetSubnetworksOutputArgs } from "./getSubnetworks"; +export const getSubnetworks: typeof import("./getSubnetworks").getSubnetworks = null as any; +export const getSubnetworksOutput: typeof import("./getSubnetworks").getSubnetworksOutput = null as any; +utilities.lazyLoad(exports, ["getSubnetworks","getSubnetworksOutput"], () => require("./getSubnetworks")); + export { GetVPNGatewayArgs, GetVPNGatewayResult, GetVPNGatewayOutputArgs } from "./getVPNGateway"; export const getVPNGateway: typeof import("./getVPNGateway").getVPNGateway = null as any; export const getVPNGatewayOutput: typeof import("./getVPNGateway").getVPNGatewayOutput = null as any; diff --git a/sdk/nodejs/compute/instanceGroupMembership.ts b/sdk/nodejs/compute/instanceGroupMembership.ts index 8e35b0c251..4f42587764 100644 --- a/sdk/nodejs/compute/instanceGroupMembership.ts +++ b/sdk/nodejs/compute/instanceGroupMembership.ts @@ -14,7 +14,7 @@ import * as utilities from "../utilities"; * > **NOTE** This resource has been added to avoid a situation, where after * Instance is recreated, it's removed from Instance Group and it's needed to * perform `apply` twice. To avoid situations like this, please use this resource - * with the lifecycle `updateTriggeredBy` method, with the passed Instance's ID. + * with the lifecycle `replaceTriggeredBy` method, with the passed Instance's ID. * * To get more information about InstanceGroupMembership, see: * diff --git a/sdk/nodejs/compute/interconnectAttachment.ts b/sdk/nodejs/compute/interconnectAttachment.ts index dab620523a..ec2563a5ca 100644 --- a/sdk/nodejs/compute/interconnectAttachment.ts +++ b/sdk/nodejs/compute/interconnectAttachment.ts @@ -304,6 +304,15 @@ export class InterconnectAttachment extends pulumi.CustomResource { * [Output Only] The current state of this attachment's functionality. */ public /*out*/ readonly state!: pulumi.Output; + /** + * Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + */ + public readonly subnetLength!: pulumi.Output; /** * The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. @@ -354,6 +363,7 @@ export class InterconnectAttachment extends pulumi.CustomResource { resourceInputs["selfLink"] = state ? state.selfLink : undefined; resourceInputs["stackType"] = state ? state.stackType : undefined; resourceInputs["state"] = state ? state.state : undefined; + resourceInputs["subnetLength"] = state ? state.subnetLength : undefined; resourceInputs["type"] = state ? state.type : undefined; resourceInputs["vlanTag8021q"] = state ? state.vlanTag8021q : undefined; } else { @@ -375,6 +385,7 @@ export class InterconnectAttachment extends pulumi.CustomResource { resourceInputs["region"] = args ? args.region : undefined; resourceInputs["router"] = args ? args.router : undefined; resourceInputs["stackType"] = args ? args.stackType : undefined; + resourceInputs["subnetLength"] = args ? args.subnetLength : undefined; resourceInputs["type"] = args ? args.type : undefined; resourceInputs["vlanTag8021q"] = args ? args.vlanTag8021q : undefined; resourceInputs["cloudRouterIpAddress"] = undefined /*out*/; @@ -571,6 +582,15 @@ export interface InterconnectAttachmentState { * [Output Only] The current state of this attachment's functionality. */ state?: pulumi.Input; + /** + * Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + */ + subnetLength?: pulumi.Input; /** * The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. @@ -706,6 +726,15 @@ export interface InterconnectAttachmentArgs { * Possible values are: `IPV4_IPV6`, `IPV4_ONLY`. */ stackType?: pulumi.Input; + /** + * Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + * except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + * constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + * remote location fall into this category. In these cases, the default value is 30, and + * requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + * gives Google Cloud Support more debugging visibility. + */ + subnetLength?: pulumi.Input; /** * The type of InterconnectAttachment you wish to create. Defaults to * DEDICATED. diff --git a/sdk/nodejs/compute/networkEndpoint.ts b/sdk/nodejs/compute/networkEndpoint.ts index 91ae7ca91b..d507b5d611 100644 --- a/sdk/nodejs/compute/networkEndpoint.ts +++ b/sdk/nodejs/compute/networkEndpoint.ts @@ -13,7 +13,7 @@ import * as utilities from "../utilities"; * * > **NOTE** In case the Endpoint's Instance is recreated, it's needed to * perform `apply` twice. To avoid situations like this, please use this resource - * with the lifecycle `updateTriggeredBy` method, with the passed Instance's ID. + * with the lifecycle `replaceTriggeredBy` method, with the passed Instance's ID. * * To get more information about NetworkEndpoint, see: * diff --git a/sdk/nodejs/compute/networkEndpointList.ts b/sdk/nodejs/compute/networkEndpointList.ts index e10ff04ec6..d0621a4b80 100644 --- a/sdk/nodejs/compute/networkEndpointList.ts +++ b/sdk/nodejs/compute/networkEndpointList.ts @@ -18,7 +18,7 @@ import * as utilities from "../utilities"; * * > **NOTE** In case the Endpoint's Instance is recreated, it's needed to * perform `apply` twice. To avoid situations like this, please use this resource - * with the lifecycle `updateTriggeredBy` method, with the passed Instance's ID. + * with the lifecycle `replaceTriggeredBy` method, with the passed Instance's ID. * * To get more information about NetworkEndpoints, see: * diff --git a/sdk/nodejs/compute/regionSslPolicy.ts b/sdk/nodejs/compute/regionSslPolicy.ts index 5711c48940..33709ddf90 100644 --- a/sdk/nodejs/compute/regionSslPolicy.ts +++ b/sdk/nodejs/compute/regionSslPolicy.ts @@ -114,6 +114,9 @@ export class RegionSslPolicy extends pulumi.CustomResource { * first character must be a lowercase letter, and all following * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. + * + * + * - - - */ public readonly name!: pulumi.Output; /** @@ -135,9 +138,6 @@ export class RegionSslPolicy extends pulumi.CustomResource { public readonly project!: pulumi.Output; /** * The region where the regional SSL policy resides. - * - * - * - - - */ public readonly region!: pulumi.Output; /** @@ -152,7 +152,7 @@ export class RegionSslPolicy extends pulumi.CustomResource { * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ - constructor(name: string, args: RegionSslPolicyArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, args?: RegionSslPolicyArgs, opts?: pulumi.CustomResourceOptions) constructor(name: string, argsOrState?: RegionSslPolicyArgs | RegionSslPolicyState, opts?: pulumi.CustomResourceOptions) { let resourceInputs: pulumi.Inputs = {}; opts = opts || {}; @@ -171,9 +171,6 @@ export class RegionSslPolicy extends pulumi.CustomResource { resourceInputs["selfLink"] = state ? state.selfLink : undefined; } else { const args = argsOrState as RegionSslPolicyArgs | undefined; - if ((!args || args.region === undefined) && !opts.urn) { - throw new Error("Missing required property 'region'"); - } resourceInputs["customFeatures"] = args ? args.customFeatures : undefined; resourceInputs["description"] = args ? args.description : undefined; resourceInputs["minTlsVersion"] = args ? args.minTlsVersion : undefined; @@ -237,6 +234,9 @@ export interface RegionSslPolicyState { * first character must be a lowercase letter, and all following * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. + * + * + * - - - */ name?: pulumi.Input; /** @@ -258,9 +258,6 @@ export interface RegionSslPolicyState { project?: pulumi.Input; /** * The region where the regional SSL policy resides. - * - * - * - - - */ region?: pulumi.Input; /** @@ -302,6 +299,9 @@ export interface RegionSslPolicyArgs { * first character must be a lowercase letter, and all following * characters must be a dash, lowercase letter, or digit, except the last * character, which cannot be a dash. + * + * + * - - - */ name?: pulumi.Input; /** @@ -323,9 +323,6 @@ export interface RegionSslPolicyArgs { project?: pulumi.Input; /** * The region where the regional SSL policy resides. - * - * - * - - - */ - region: pulumi.Input; + region?: pulumi.Input; } diff --git a/sdk/nodejs/compute/securityPolicyRule.ts b/sdk/nodejs/compute/securityPolicyRule.ts index 12f60bbfad..1dedd85b5e 100644 --- a/sdk/nodejs/compute/securityPolicyRule.ts +++ b/sdk/nodejs/compute/securityPolicyRule.ts @@ -218,6 +218,11 @@ export class SecurityPolicyRule extends pulumi.CustomResource { * If it is not provided, the provider project is used. */ public readonly project!: pulumi.Output; + /** + * Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + */ + public readonly rateLimitOptions!: pulumi.Output; /** * The name of the security policy this rule belongs to. * @@ -246,6 +251,7 @@ export class SecurityPolicyRule extends pulumi.CustomResource { resourceInputs["preview"] = state ? state.preview : undefined; resourceInputs["priority"] = state ? state.priority : undefined; resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["rateLimitOptions"] = state ? state.rateLimitOptions : undefined; resourceInputs["securityPolicy"] = state ? state.securityPolicy : undefined; } else { const args = argsOrState as SecurityPolicyRuleArgs | undefined; @@ -265,6 +271,7 @@ export class SecurityPolicyRule extends pulumi.CustomResource { resourceInputs["preview"] = args ? args.preview : undefined; resourceInputs["priority"] = args ? args.priority : undefined; resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["rateLimitOptions"] = args ? args.rateLimitOptions : undefined; resourceInputs["securityPolicy"] = args ? args.securityPolicy : undefined; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); @@ -316,6 +323,11 @@ export interface SecurityPolicyRuleState { * If it is not provided, the provider project is used. */ project?: pulumi.Input; + /** + * Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + */ + rateLimitOptions?: pulumi.Input; /** * The name of the security policy this rule belongs to. * @@ -369,6 +381,11 @@ export interface SecurityPolicyRuleArgs { * If it is not provided, the provider project is used. */ project?: pulumi.Input; + /** + * Must be specified if the action is "rateBasedBan" or "throttle". Cannot be specified for any other actions. + * Structure is documented below. + */ + rateLimitOptions?: pulumi.Input; /** * The name of the security policy this rule belongs to. * diff --git a/sdk/nodejs/dataplex/aspectType.ts b/sdk/nodejs/dataplex/aspectType.ts new file mode 100644 index 0000000000..59b4e48bd4 --- /dev/null +++ b/sdk/nodejs/dataplex/aspectType.ts @@ -0,0 +1,466 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * An Aspect Type is a template for creating Aspects. + * + * ## Example Usage + * + * ### Dataplex Aspect Type Basic + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const testAspectTypeBasic = new gcp.dataplex.AspectType("test_aspect_type_basic", { + * aspectTypeId: "aspect-type-basic", + * project: "my-project-name", + * location: "us-central1", + * metadataTemplate: `{ + * "name": "tf-test-template", + * "type": "record", + * "recordFields": [ + * { + * "name": "type", + * "type": "enum", + * "annotations": { + * "displayName": "Type", + * "description": "Specifies the type of view represented by the entry." + * }, + * "index": 1, + * "constraints": { + * "required": true + * }, + * "enumValues": [ + * { + * "name": "VIEW", + * "index": 1 + * } + * ] + * } + * ] + * } + * `, + * }); + * ``` + * ### Dataplex Aspect Type Full + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const testAspectTypeFull = new gcp.dataplex.AspectType("test_aspect_type_full", { + * aspectTypeId: "aspect-type-full", + * project: "my-project-name", + * location: "us-central1", + * labels: { + * tag: "test-tf", + * }, + * displayName: "terraform aspect type", + * description: "aspect type created by Terraform", + * metadataTemplate: `{ + * "type": "record", + * "name": "Schema", + * "recordFields": [ + * { + * "name": "fields", + * "type": "array", + * "index": 1, + * "arrayItems": { + * "name": "field", + * "type": "record", + * "typeId": "field", + * "recordFields": [ + * { + * "name": "name", + * "type": "string", + * "index": 1, + * "constraints": { + * "required": true + * } + * }, + * { + * "name": "description", + * "type": "string", + * "index": 2 + * }, + * { + * "name": "dataType", + * "type": "string", + * "index": 3, + * "constraints": { + * "required": true + * } + * }, + * { + * "name": "metadataType", + * "type": "enum", + * "index": 4, + * "constraints": { + * "required": true + * }, + * "enumValues": [ + * { + * "name": "BOOLEAN", + * "index": 1 + * }, + * { + * "name": "NUMBER", + * "index": 2 + * }, + * { + * "name": "STRING", + * "index": 3 + * }, + * { + * "name": "BYTES", + * "index": 4 + * }, + * { + * "name": "DATETIME", + * "index": 5 + * }, + * { + * "name": "TIMESTAMP", + * "index": 6 + * }, + * { + * "name": "GEOSPATIAL", + * "index": 7 + * }, + * { + * "name": "STRUCT", + * "index": 8 + * }, + * { + * "name": "OTHER", + * "index": 100 + * } + * ] + * }, + * { + * "name": "mode", + * "type": "enum", + * "index": 5, + * "enumValues": [ + * { + * "name": "NULLABLE", + * "index": 1 + * }, + * { + * "name": "REPEATED", + * "index": 2 + * }, + * { + * "name": "REQUIRED", + * "index": 3 + * } + * ] + * }, + * { + * "name": "defaultValue", + * "type": "string", + * "index": 6 + * }, + * { + * "name": "annotations", + * "type": "map", + * "index": 7, + * "mapItems": { + * "name": "label", + * "type": "string" + * } + * }, + * { + * "name": "fields", + * "type": "array", + * "index": 20, + * "arrayItems": { + * "name": "field", + * "type": "record", + * "typeRef": "field" + * } + * } + * ] + * } + * } + * ] + * } + * `, + * }); + * ``` + * + * ## Import + * + * AspectType can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}` + * + * * `{{project}}/{{location}}/{{aspect_type_id}}` + * + * * `{{location}}/{{aspect_type_id}}` + * + * When using the `pulumi import` command, AspectType can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:dataplex/aspectType:AspectType default projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/aspectType:AspectType default {{project}}/{{location}}/{{aspect_type_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/aspectType:AspectType default {{location}}/{{aspect_type_id}} + * ``` + */ +export class AspectType extends pulumi.CustomResource { + /** + * Get an existing AspectType resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AspectTypeState, opts?: pulumi.CustomResourceOptions): AspectType { + return new AspectType(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/aspectType:AspectType'; + + /** + * Returns true if the given object is an instance of AspectType. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AspectType { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AspectType.__pulumiType; + } + + /** + * The aspect type id of the aspect type. + */ + public readonly aspectTypeId!: pulumi.Output; + /** + * The time when the AspectType was created. + */ + public /*out*/ readonly createTime!: pulumi.Output; + /** + * Description of the AspectType. + */ + public readonly description!: pulumi.Output; + /** + * User friendly display name. + */ + public readonly displayName!: pulumi.Output; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + public /*out*/ readonly effectiveLabels!: pulumi.Output<{[key: string]: string}>; + /** + * User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>; + /** + * The location where aspect type will be created in. + */ + public readonly location!: pulumi.Output; + /** + * MetadataTemplate of the Aspect. + */ + public readonly metadataTemplate!: pulumi.Output; + /** + * The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + */ + public /*out*/ readonly name!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; + /** + * Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + */ + public /*out*/ readonly transferStatus!: pulumi.Output; + /** + * System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + */ + public /*out*/ readonly uid!: pulumi.Output; + /** + * The time when the AspectType was last updated. + */ + public /*out*/ readonly updateTime!: pulumi.Output; + + /** + * Create a AspectType resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args?: AspectTypeArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AspectTypeArgs | AspectTypeState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AspectTypeState | undefined; + resourceInputs["aspectTypeId"] = state ? state.aspectTypeId : undefined; + resourceInputs["createTime"] = state ? state.createTime : undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["displayName"] = state ? state.displayName : undefined; + resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; + resourceInputs["labels"] = state ? state.labels : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["metadataTemplate"] = state ? state.metadataTemplate : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["pulumiLabels"] = state ? state.pulumiLabels : undefined; + resourceInputs["transferStatus"] = state ? state.transferStatus : undefined; + resourceInputs["uid"] = state ? state.uid : undefined; + resourceInputs["updateTime"] = state ? state.updateTime : undefined; + } else { + const args = argsOrState as AspectTypeArgs | undefined; + resourceInputs["aspectTypeId"] = args ? args.aspectTypeId : undefined; + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["displayName"] = args ? args.displayName : undefined; + resourceInputs["labels"] = args ? args.labels : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["metadataTemplate"] = args ? args.metadataTemplate : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["createTime"] = undefined /*out*/; + resourceInputs["effectiveLabels"] = undefined /*out*/; + resourceInputs["name"] = undefined /*out*/; + resourceInputs["pulumiLabels"] = undefined /*out*/; + resourceInputs["transferStatus"] = undefined /*out*/; + resourceInputs["uid"] = undefined /*out*/; + resourceInputs["updateTime"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["effectiveLabels", "pulumiLabels"] }; + opts = pulumi.mergeOptions(opts, secretOpts); + super(AspectType.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AspectType resources. + */ +export interface AspectTypeState { + /** + * The aspect type id of the aspect type. + */ + aspectTypeId?: pulumi.Input; + /** + * The time when the AspectType was created. + */ + createTime?: pulumi.Input; + /** + * Description of the AspectType. + */ + description?: pulumi.Input; + /** + * User friendly display name. + */ + displayName?: pulumi.Input; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + effectiveLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * The location where aspect type will be created in. + */ + location?: pulumi.Input; + /** + * MetadataTemplate of the Aspect. + */ + metadataTemplate?: pulumi.Input; + /** + * The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * Denotes the transfer status of the Aspect Type. It is unspecified + * for Aspect Type created from Dataplex API. + */ + transferStatus?: pulumi.Input; + /** + * System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + */ + uid?: pulumi.Input; + /** + * The time when the AspectType was last updated. + */ + updateTime?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AspectType resource. + */ +export interface AspectTypeArgs { + /** + * The aspect type id of the aspect type. + */ + aspectTypeId?: pulumi.Input; + /** + * Description of the AspectType. + */ + description?: pulumi.Input; + /** + * User friendly display name. + */ + displayName?: pulumi.Input; + /** + * User-defined labels for the AspectType. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * The location where aspect type will be created in. + */ + location?: pulumi.Input; + /** + * MetadataTemplate of the Aspect. + */ + metadataTemplate?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/aspectTypeIamBinding.ts b/sdk/nodejs/dataplex/aspectTypeIamBinding.ts new file mode 100644 index 0000000000..854bbbba4f --- /dev/null +++ b/sdk/nodejs/dataplex/aspectTypeIamBinding.ts @@ -0,0 +1,349 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + * + * > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.AspectTypeIamPolicy("policy", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.AspectTypeIamBinding("binding", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.AspectTypeIamMember("member", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.AspectTypeIamPolicy("policy", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.AspectTypeIamBinding("binding", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.AspectTypeIamMember("member", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * + * * {{project}}/{{location}}/{{aspect_type_id}} + * + * * {{location}}/{{aspect_type_id}} + * + * * {{aspect_type_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class AspectTypeIamBinding extends pulumi.CustomResource { + /** + * Get an existing AspectTypeIamBinding resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AspectTypeIamBindingState, opts?: pulumi.CustomResourceOptions): AspectTypeIamBinding { + return new AspectTypeIamBinding(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding'; + + /** + * Returns true if the given object is an instance of AspectTypeIamBinding. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AspectTypeIamBinding { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AspectTypeIamBinding.__pulumiType; + } + + public readonly aspectTypeId!: pulumi.Output; + public readonly condition!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + public readonly location!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly members!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + + /** + * Create a AspectTypeIamBinding resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AspectTypeIamBindingArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AspectTypeIamBindingArgs | AspectTypeIamBindingState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AspectTypeIamBindingState | undefined; + resourceInputs["aspectTypeId"] = state ? state.aspectTypeId : undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["members"] = state ? state.members : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + } else { + const args = argsOrState as AspectTypeIamBindingArgs | undefined; + if ((!args || args.aspectTypeId === undefined) && !opts.urn) { + throw new Error("Missing required property 'aspectTypeId'"); + } + if ((!args || args.members === undefined) && !opts.urn) { + throw new Error("Missing required property 'members'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + resourceInputs["aspectTypeId"] = args ? args.aspectTypeId : undefined; + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["members"] = args ? args.members : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AspectTypeIamBinding.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AspectTypeIamBinding resources. + */ +export interface AspectTypeIamBindingState { + aspectTypeId?: pulumi.Input; + condition?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members?: pulumi.Input[]>; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AspectTypeIamBinding resource. + */ +export interface AspectTypeIamBindingArgs { + aspectTypeId: pulumi.Input; + condition?: pulumi.Input; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members: pulumi.Input[]>; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/aspectTypeIamMember.ts b/sdk/nodejs/dataplex/aspectTypeIamMember.ts new file mode 100644 index 0000000000..f17ba0d1df --- /dev/null +++ b/sdk/nodejs/dataplex/aspectTypeIamMember.ts @@ -0,0 +1,349 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + * + * > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.AspectTypeIamPolicy("policy", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.AspectTypeIamBinding("binding", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.AspectTypeIamMember("member", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.AspectTypeIamPolicy("policy", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.AspectTypeIamBinding("binding", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.AspectTypeIamMember("member", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * + * * {{project}}/{{location}}/{{aspect_type_id}} + * + * * {{location}}/{{aspect_type_id}} + * + * * {{aspect_type_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class AspectTypeIamMember extends pulumi.CustomResource { + /** + * Get an existing AspectTypeIamMember resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AspectTypeIamMemberState, opts?: pulumi.CustomResourceOptions): AspectTypeIamMember { + return new AspectTypeIamMember(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember'; + + /** + * Returns true if the given object is an instance of AspectTypeIamMember. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AspectTypeIamMember { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AspectTypeIamMember.__pulumiType; + } + + public readonly aspectTypeId!: pulumi.Output; + public readonly condition!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + public readonly location!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly member!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + + /** + * Create a AspectTypeIamMember resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AspectTypeIamMemberArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AspectTypeIamMemberArgs | AspectTypeIamMemberState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AspectTypeIamMemberState | undefined; + resourceInputs["aspectTypeId"] = state ? state.aspectTypeId : undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["member"] = state ? state.member : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + } else { + const args = argsOrState as AspectTypeIamMemberArgs | undefined; + if ((!args || args.aspectTypeId === undefined) && !opts.urn) { + throw new Error("Missing required property 'aspectTypeId'"); + } + if ((!args || args.member === undefined) && !opts.urn) { + throw new Error("Missing required property 'member'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + resourceInputs["aspectTypeId"] = args ? args.aspectTypeId : undefined; + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["member"] = args ? args.member : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AspectTypeIamMember.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AspectTypeIamMember resources. + */ +export interface AspectTypeIamMemberState { + aspectTypeId?: pulumi.Input; + condition?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AspectTypeIamMember resource. + */ +export interface AspectTypeIamMemberArgs { + aspectTypeId: pulumi.Input; + condition?: pulumi.Input; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/aspectTypeIamPolicy.ts b/sdk/nodejs/dataplex/aspectTypeIamPolicy.ts new file mode 100644 index 0000000000..a46fc5a72c --- /dev/null +++ b/sdk/nodejs/dataplex/aspectTypeIamPolicy.ts @@ -0,0 +1,292 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * * `gcp.dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * * `gcp.dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + * + * > **Note:** `gcp.dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.AspectTypeIamBinding` and `gcp.dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `gcp.dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.AspectTypeIamPolicy("policy", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.AspectTypeIamBinding("binding", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.AspectTypeIamMember("member", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.AspectTypeIamPolicy("policy", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.AspectTypeIamBinding("binding", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.AspectTypeIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.AspectTypeIamMember("member", { + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * + * * {{project}}/{{location}}/{{aspect_type_id}} + * + * * {{location}}/{{aspect_type_id}} + * + * * {{aspect_type_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class AspectTypeIamPolicy extends pulumi.CustomResource { + /** + * Get an existing AspectTypeIamPolicy resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AspectTypeIamPolicyState, opts?: pulumi.CustomResourceOptions): AspectTypeIamPolicy { + return new AspectTypeIamPolicy(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy'; + + /** + * Returns true if the given object is an instance of AspectTypeIamPolicy. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AspectTypeIamPolicy { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AspectTypeIamPolicy.__pulumiType; + } + + public readonly aspectTypeId!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + public readonly location!: pulumi.Output; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + public readonly policyData!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + + /** + * Create a AspectTypeIamPolicy resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AspectTypeIamPolicyArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AspectTypeIamPolicyArgs | AspectTypeIamPolicyState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AspectTypeIamPolicyState | undefined; + resourceInputs["aspectTypeId"] = state ? state.aspectTypeId : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["policyData"] = state ? state.policyData : undefined; + resourceInputs["project"] = state ? state.project : undefined; + } else { + const args = argsOrState as AspectTypeIamPolicyArgs | undefined; + if ((!args || args.aspectTypeId === undefined) && !opts.urn) { + throw new Error("Missing required property 'aspectTypeId'"); + } + if ((!args || args.policyData === undefined) && !opts.urn) { + throw new Error("Missing required property 'policyData'"); + } + resourceInputs["aspectTypeId"] = args ? args.aspectTypeId : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["policyData"] = args ? args.policyData : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AspectTypeIamPolicy.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AspectTypeIamPolicy resources. + */ +export interface AspectTypeIamPolicyState { + aspectTypeId?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AspectTypeIamPolicy resource. + */ +export interface AspectTypeIamPolicyArgs { + aspectTypeId: pulumi.Input; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/entryGroup.ts b/sdk/nodejs/dataplex/entryGroup.ts new file mode 100644 index 0000000000..31a824d0f3 --- /dev/null +++ b/sdk/nodejs/dataplex/entryGroup.ts @@ -0,0 +1,298 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * An Entry Group represents a logical grouping of one or more Entries. + * + * ## Example Usage + * + * ### Dataplex Entry Group Basic + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const testEntryGroupBasic = new gcp.dataplex.EntryGroup("test_entry_group_basic", { + * entryGroupId: "entry-group-basic", + * project: "my-project-name", + * location: "us-central1", + * }); + * ``` + * ### Dataplex Entry Group Full + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const testEntryGroupFull = new gcp.dataplex.EntryGroup("test_entry_group_full", { + * entryGroupId: "entry-group-full", + * project: "my-project-name", + * location: "us-central1", + * labels: { + * tag: "test-tf", + * }, + * displayName: "terraform entry group", + * description: "entry group created by Terraform", + * }); + * ``` + * + * ## Import + * + * EntryGroup can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}` + * + * * `{{project}}/{{location}}/{{entry_group_id}}` + * + * * `{{location}}/{{entry_group_id}}` + * + * When using the `pulumi import` command, EntryGroup can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroup:EntryGroup default projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{project}}/{{location}}/{{entry_group_id}} + * ``` + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{location}}/{{entry_group_id}} + * ``` + */ +export class EntryGroup extends pulumi.CustomResource { + /** + * Get an existing EntryGroup resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: EntryGroupState, opts?: pulumi.CustomResourceOptions): EntryGroup { + return new EntryGroup(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/entryGroup:EntryGroup'; + + /** + * Returns true if the given object is an instance of EntryGroup. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is EntryGroup { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === EntryGroup.__pulumiType; + } + + /** + * The time when the EntryGroup was created. + */ + public /*out*/ readonly createTime!: pulumi.Output; + /** + * Description of the EntryGroup. + */ + public readonly description!: pulumi.Output; + /** + * User friendly display name. + */ + public readonly displayName!: pulumi.Output; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + public /*out*/ readonly effectiveLabels!: pulumi.Output<{[key: string]: string}>; + /** + * The entry group id of the entry group. + */ + public readonly entryGroupId!: pulumi.Output; + /** + * User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>; + /** + * The location where entry group will be created in. + */ + public readonly location!: pulumi.Output; + /** + * The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + */ + public /*out*/ readonly name!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; + /** + * Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + */ + public /*out*/ readonly transferStatus!: pulumi.Output; + /** + * System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + */ + public /*out*/ readonly uid!: pulumi.Output; + /** + * The time when the EntryGroup was last updated. + */ + public /*out*/ readonly updateTime!: pulumi.Output; + + /** + * Create a EntryGroup resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args?: EntryGroupArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: EntryGroupArgs | EntryGroupState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as EntryGroupState | undefined; + resourceInputs["createTime"] = state ? state.createTime : undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["displayName"] = state ? state.displayName : undefined; + resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; + resourceInputs["entryGroupId"] = state ? state.entryGroupId : undefined; + resourceInputs["labels"] = state ? state.labels : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["pulumiLabels"] = state ? state.pulumiLabels : undefined; + resourceInputs["transferStatus"] = state ? state.transferStatus : undefined; + resourceInputs["uid"] = state ? state.uid : undefined; + resourceInputs["updateTime"] = state ? state.updateTime : undefined; + } else { + const args = argsOrState as EntryGroupArgs | undefined; + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["displayName"] = args ? args.displayName : undefined; + resourceInputs["entryGroupId"] = args ? args.entryGroupId : undefined; + resourceInputs["labels"] = args ? args.labels : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["createTime"] = undefined /*out*/; + resourceInputs["effectiveLabels"] = undefined /*out*/; + resourceInputs["name"] = undefined /*out*/; + resourceInputs["pulumiLabels"] = undefined /*out*/; + resourceInputs["transferStatus"] = undefined /*out*/; + resourceInputs["uid"] = undefined /*out*/; + resourceInputs["updateTime"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["effectiveLabels", "pulumiLabels"] }; + opts = pulumi.mergeOptions(opts, secretOpts); + super(EntryGroup.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering EntryGroup resources. + */ +export interface EntryGroupState { + /** + * The time when the EntryGroup was created. + */ + createTime?: pulumi.Input; + /** + * Description of the EntryGroup. + */ + description?: pulumi.Input; + /** + * User friendly display name. + */ + displayName?: pulumi.Input; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + effectiveLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * The entry group id of the entry group. + */ + entryGroupId?: pulumi.Input; + /** + * User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * The location where entry group will be created in. + */ + location?: pulumi.Input; + /** + * The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * Denotes the transfer status of the Entry Group. It is unspecified + * for Entry Group created from Dataplex API. + */ + transferStatus?: pulumi.Input; + /** + * System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + */ + uid?: pulumi.Input; + /** + * The time when the EntryGroup was last updated. + */ + updateTime?: pulumi.Input; +} + +/** + * The set of arguments for constructing a EntryGroup resource. + */ +export interface EntryGroupArgs { + /** + * Description of the EntryGroup. + */ + description?: pulumi.Input; + /** + * User friendly display name. + */ + displayName?: pulumi.Input; + /** + * The entry group id of the entry group. + */ + entryGroupId?: pulumi.Input; + /** + * User-defined labels for the EntryGroup. + * + * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + * Please refer to the field `effectiveLabels` for all of the labels present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * The location where entry group will be created in. + */ + location?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/entryGroupIamBinding.ts b/sdk/nodejs/dataplex/entryGroupIamBinding.ts new file mode 100644 index 0000000000..c4733d6d01 --- /dev/null +++ b/sdk/nodejs/dataplex/entryGroupIamBinding.ts @@ -0,0 +1,349 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + * + * > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.EntryGroupIamPolicy("policy", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.EntryGroupIamBinding("binding", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.EntryGroupIamMember("member", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.EntryGroupIamPolicy("policy", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.EntryGroupIamBinding("binding", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.EntryGroupIamMember("member", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * + * * {{project}}/{{location}}/{{entry_group_id}} + * + * * {{location}}/{{entry_group_id}} + * + * * {{entry_group_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class EntryGroupIamBinding extends pulumi.CustomResource { + /** + * Get an existing EntryGroupIamBinding resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: EntryGroupIamBindingState, opts?: pulumi.CustomResourceOptions): EntryGroupIamBinding { + return new EntryGroupIamBinding(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding'; + + /** + * Returns true if the given object is an instance of EntryGroupIamBinding. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is EntryGroupIamBinding { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === EntryGroupIamBinding.__pulumiType; + } + + public readonly condition!: pulumi.Output; + public readonly entryGroupId!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + public readonly location!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly members!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + + /** + * Create a EntryGroupIamBinding resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: EntryGroupIamBindingArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: EntryGroupIamBindingArgs | EntryGroupIamBindingState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as EntryGroupIamBindingState | undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["entryGroupId"] = state ? state.entryGroupId : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["members"] = state ? state.members : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + } else { + const args = argsOrState as EntryGroupIamBindingArgs | undefined; + if ((!args || args.entryGroupId === undefined) && !opts.urn) { + throw new Error("Missing required property 'entryGroupId'"); + } + if ((!args || args.members === undefined) && !opts.urn) { + throw new Error("Missing required property 'members'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["entryGroupId"] = args ? args.entryGroupId : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["members"] = args ? args.members : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(EntryGroupIamBinding.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering EntryGroupIamBinding resources. + */ +export interface EntryGroupIamBindingState { + condition?: pulumi.Input; + entryGroupId?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members?: pulumi.Input[]>; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; +} + +/** + * The set of arguments for constructing a EntryGroupIamBinding resource. + */ +export interface EntryGroupIamBindingArgs { + condition?: pulumi.Input; + entryGroupId: pulumi.Input; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + members: pulumi.Input[]>; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/entryGroupIamMember.ts b/sdk/nodejs/dataplex/entryGroupIamMember.ts new file mode 100644 index 0000000000..4f777bf13c --- /dev/null +++ b/sdk/nodejs/dataplex/entryGroupIamMember.ts @@ -0,0 +1,349 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + * + * > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.EntryGroupIamPolicy("policy", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.EntryGroupIamBinding("binding", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.EntryGroupIamMember("member", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.EntryGroupIamPolicy("policy", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.EntryGroupIamBinding("binding", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.EntryGroupIamMember("member", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * + * * {{project}}/{{location}}/{{entry_group_id}} + * + * * {{location}}/{{entry_group_id}} + * + * * {{entry_group_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class EntryGroupIamMember extends pulumi.CustomResource { + /** + * Get an existing EntryGroupIamMember resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: EntryGroupIamMemberState, opts?: pulumi.CustomResourceOptions): EntryGroupIamMember { + return new EntryGroupIamMember(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/entryGroupIamMember:EntryGroupIamMember'; + + /** + * Returns true if the given object is an instance of EntryGroupIamMember. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is EntryGroupIamMember { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === EntryGroupIamMember.__pulumiType; + } + + public readonly condition!: pulumi.Output; + public readonly entryGroupId!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + public readonly location!: pulumi.Output; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + public readonly member!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + public readonly role!: pulumi.Output; + + /** + * Create a EntryGroupIamMember resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: EntryGroupIamMemberArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: EntryGroupIamMemberArgs | EntryGroupIamMemberState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as EntryGroupIamMemberState | undefined; + resourceInputs["condition"] = state ? state.condition : undefined; + resourceInputs["entryGroupId"] = state ? state.entryGroupId : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["member"] = state ? state.member : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["role"] = state ? state.role : undefined; + } else { + const args = argsOrState as EntryGroupIamMemberArgs | undefined; + if ((!args || args.entryGroupId === undefined) && !opts.urn) { + throw new Error("Missing required property 'entryGroupId'"); + } + if ((!args || args.member === undefined) && !opts.urn) { + throw new Error("Missing required property 'member'"); + } + if ((!args || args.role === undefined) && !opts.urn) { + throw new Error("Missing required property 'role'"); + } + resourceInputs["condition"] = args ? args.condition : undefined; + resourceInputs["entryGroupId"] = args ? args.entryGroupId : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["member"] = args ? args.member : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["role"] = args ? args.role : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(EntryGroupIamMember.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering EntryGroupIamMember resources. + */ +export interface EntryGroupIamMemberState { + condition?: pulumi.Input; + entryGroupId?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role?: pulumi.Input; +} + +/** + * The set of arguments for constructing a EntryGroupIamMember resource. + */ +export interface EntryGroupIamMemberArgs { + condition?: pulumi.Input; + entryGroupId: pulumi.Input; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * Identities that will be granted the privilege in `role`. + * Each entry can have one of the following values: + * * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + */ + member: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; + /** + * The role that should be applied. Only one + * `gcp.dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + * `[projects|organizations]/{parent-name}/roles/{role-name}`. + */ + role: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/entryGroupIamPolicy.ts b/sdk/nodejs/dataplex/entryGroupIamPolicy.ts new file mode 100644 index 0000000000..8bdfc44eed --- /dev/null +++ b/sdk/nodejs/dataplex/entryGroupIamPolicy.ts @@ -0,0 +1,292 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * * `gcp.dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * * `gcp.dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + * + * A data source can be used to retrieve policy data in advent you do not need creation + * + * * `gcp.dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + * + * > **Note:** `gcp.dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `gcp.dataplex.EntryGroupIamBinding` and `gcp.dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + * + * > **Note:** `gcp.dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `gcp.dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.EntryGroupIamPolicy("policy", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.EntryGroupIamBinding("binding", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.EntryGroupIamMember("member", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamPolicy + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const admin = gcp.organizations.getIAMPolicy({ + * bindings: [{ + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }], + * }); + * const policy = new gcp.dataplex.EntryGroupIamPolicy("policy", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * policyData: admin.then(admin => admin.policyData), + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamBinding + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const binding = new gcp.dataplex.EntryGroupIamBinding("binding", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * members: ["user:jane@example.com"], + * }); + * ``` + * + * ## gcp.dataplex.EntryGroupIamMember + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const member = new gcp.dataplex.EntryGroupIamMember("member", { + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * role: "roles/viewer", + * member: "user:jane@example.com", + * }); + * ``` + * + * ## Import + * + * For all import syntaxes, the "resource in question" can take any of the following forms: + * + * * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * + * * {{project}}/{{location}}/{{entry_group_id}} + * + * * {{location}}/{{entry_group_id}} + * + * * {{entry_group_id}} + * + * Any variables not passed in the import command will be taken from the provider configuration. + * + * Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + * + * IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + * ``` + * + * IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + * ``` + * + * IAM policy imports use the identifier of the resource in question, e.g. + * + * ```sh + * $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + * ``` + * + * -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + * + * full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + */ +export class EntryGroupIamPolicy extends pulumi.CustomResource { + /** + * Get an existing EntryGroupIamPolicy resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: EntryGroupIamPolicyState, opts?: pulumi.CustomResourceOptions): EntryGroupIamPolicy { + return new EntryGroupIamPolicy(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy'; + + /** + * Returns true if the given object is an instance of EntryGroupIamPolicy. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is EntryGroupIamPolicy { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === EntryGroupIamPolicy.__pulumiType; + } + + public readonly entryGroupId!: pulumi.Output; + /** + * (Computed) The etag of the IAM policy. + */ + public /*out*/ readonly etag!: pulumi.Output; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + public readonly location!: pulumi.Output; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + public readonly policyData!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + public readonly project!: pulumi.Output; + + /** + * Create a EntryGroupIamPolicy resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: EntryGroupIamPolicyArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: EntryGroupIamPolicyArgs | EntryGroupIamPolicyState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as EntryGroupIamPolicyState | undefined; + resourceInputs["entryGroupId"] = state ? state.entryGroupId : undefined; + resourceInputs["etag"] = state ? state.etag : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["policyData"] = state ? state.policyData : undefined; + resourceInputs["project"] = state ? state.project : undefined; + } else { + const args = argsOrState as EntryGroupIamPolicyArgs | undefined; + if ((!args || args.entryGroupId === undefined) && !opts.urn) { + throw new Error("Missing required property 'entryGroupId'"); + } + if ((!args || args.policyData === undefined) && !opts.urn) { + throw new Error("Missing required property 'policyData'"); + } + resourceInputs["entryGroupId"] = args ? args.entryGroupId : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["policyData"] = args ? args.policyData : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["etag"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(EntryGroupIamPolicy.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering EntryGroupIamPolicy resources. + */ +export interface EntryGroupIamPolicyState { + entryGroupId?: pulumi.Input; + /** + * (Computed) The etag of the IAM policy. + */ + etag?: pulumi.Input; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} + +/** + * The set of arguments for constructing a EntryGroupIamPolicy resource. + */ +export interface EntryGroupIamPolicyArgs { + entryGroupId: pulumi.Input; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + policyData: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/getAspectTypeIamPolicy.ts b/sdk/nodejs/dataplex/getAspectTypeIamPolicy.ts new file mode 100644 index 0000000000..7461fb3a7a --- /dev/null +++ b/sdk/nodejs/dataplex/getAspectTypeIamPolicy.ts @@ -0,0 +1,106 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Retrieves the current IAM policy data for aspecttype + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.dataplex.getAspectTypeIamPolicy({ + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * }); + * ``` + */ +export function getAspectTypeIamPolicy(args: GetAspectTypeIamPolicyArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy", { + "aspectTypeId": args.aspectTypeId, + "location": args.location, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getAspectTypeIamPolicy. + */ +export interface GetAspectTypeIamPolicyArgs { + aspectTypeId: string; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: string; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: string; +} + +/** + * A collection of values returned by getAspectTypeIamPolicy. + */ +export interface GetAspectTypeIamPolicyResult { + readonly aspectTypeId: string; + /** + * (Computed) The etag of the IAM policy. + */ + readonly etag: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly location: string; + /** + * (Required only by `gcp.dataplex.AspectTypeIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + readonly policyData: string; + readonly project: string; +} +/** + * Retrieves the current IAM policy data for aspecttype + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.dataplex.getAspectTypeIamPolicy({ + * project: testAspectTypeBasic.project, + * location: testAspectTypeBasic.location, + * aspectTypeId: testAspectTypeBasic.aspectTypeId, + * }); + * ``` + */ +export function getAspectTypeIamPolicyOutput(args: GetAspectTypeIamPolicyOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getAspectTypeIamPolicy(a, opts)) +} + +/** + * A collection of arguments for invoking getAspectTypeIamPolicy. + */ +export interface GetAspectTypeIamPolicyOutputArgs { + aspectTypeId: pulumi.Input; + /** + * The location where aspect type will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/getEntryGroupIamPolicy.ts b/sdk/nodejs/dataplex/getEntryGroupIamPolicy.ts new file mode 100644 index 0000000000..85e7f3ab3c --- /dev/null +++ b/sdk/nodejs/dataplex/getEntryGroupIamPolicy.ts @@ -0,0 +1,106 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Retrieves the current IAM policy data for entrygroup + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.dataplex.getEntryGroupIamPolicy({ + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * }); + * ``` + */ +export function getEntryGroupIamPolicy(args: GetEntryGroupIamPolicyArgs, opts?: pulumi.InvokeOptions): Promise { + + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy", { + "entryGroupId": args.entryGroupId, + "location": args.location, + "project": args.project, + }, opts); +} + +/** + * A collection of arguments for invoking getEntryGroupIamPolicy. + */ +export interface GetEntryGroupIamPolicyArgs { + entryGroupId: string; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: string; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: string; +} + +/** + * A collection of values returned by getEntryGroupIamPolicy. + */ +export interface GetEntryGroupIamPolicyResult { + readonly entryGroupId: string; + /** + * (Computed) The etag of the IAM policy. + */ + readonly etag: string; + /** + * The provider-assigned unique ID for this managed resource. + */ + readonly id: string; + readonly location: string; + /** + * (Required only by `gcp.dataplex.EntryGroupIamPolicy`) The policy data generated by + * a `gcp.organizations.getIAMPolicy` data source. + */ + readonly policyData: string; + readonly project: string; +} +/** + * Retrieves the current IAM policy data for entrygroup + * + * ## example + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * + * const policy = gcp.dataplex.getEntryGroupIamPolicy({ + * project: testEntryGroupBasic.project, + * location: testEntryGroupBasic.location, + * entryGroupId: testEntryGroupBasic.entryGroupId, + * }); + * ``` + */ +export function getEntryGroupIamPolicyOutput(args: GetEntryGroupIamPolicyOutputArgs, opts?: pulumi.InvokeOptions): pulumi.Output { + return pulumi.output(args).apply((a: any) => getEntryGroupIamPolicy(a, opts)) +} + +/** + * A collection of arguments for invoking getEntryGroupIamPolicy. + */ +export interface GetEntryGroupIamPolicyOutputArgs { + entryGroupId: pulumi.Input; + /** + * The location where entry group will be created in. + * Used to find the parent resource to bind the IAM policy to + */ + location?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + */ + project?: pulumi.Input; +} diff --git a/sdk/nodejs/dataplex/index.ts b/sdk/nodejs/dataplex/index.ts index 1c02f8640e..8bdecaf1e0 100644 --- a/sdk/nodejs/dataplex/index.ts +++ b/sdk/nodejs/dataplex/index.ts @@ -5,6 +5,26 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; // Export members: +export { AspectTypeArgs, AspectTypeState } from "./aspectType"; +export type AspectType = import("./aspectType").AspectType; +export const AspectType: typeof import("./aspectType").AspectType = null as any; +utilities.lazyLoad(exports, ["AspectType"], () => require("./aspectType")); + +export { AspectTypeIamBindingArgs, AspectTypeIamBindingState } from "./aspectTypeIamBinding"; +export type AspectTypeIamBinding = import("./aspectTypeIamBinding").AspectTypeIamBinding; +export const AspectTypeIamBinding: typeof import("./aspectTypeIamBinding").AspectTypeIamBinding = null as any; +utilities.lazyLoad(exports, ["AspectTypeIamBinding"], () => require("./aspectTypeIamBinding")); + +export { AspectTypeIamMemberArgs, AspectTypeIamMemberState } from "./aspectTypeIamMember"; +export type AspectTypeIamMember = import("./aspectTypeIamMember").AspectTypeIamMember; +export const AspectTypeIamMember: typeof import("./aspectTypeIamMember").AspectTypeIamMember = null as any; +utilities.lazyLoad(exports, ["AspectTypeIamMember"], () => require("./aspectTypeIamMember")); + +export { AspectTypeIamPolicyArgs, AspectTypeIamPolicyState } from "./aspectTypeIamPolicy"; +export type AspectTypeIamPolicy = import("./aspectTypeIamPolicy").AspectTypeIamPolicy; +export const AspectTypeIamPolicy: typeof import("./aspectTypeIamPolicy").AspectTypeIamPolicy = null as any; +utilities.lazyLoad(exports, ["AspectTypeIamPolicy"], () => require("./aspectTypeIamPolicy")); + export { AssetArgs, AssetState } from "./asset"; export type Asset = import("./asset").Asset; export const Asset: typeof import("./asset").Asset = null as any; @@ -45,6 +65,31 @@ export type DatascanIamPolicy = import("./datascanIamPolicy").DatascanIamPolicy; export const DatascanIamPolicy: typeof import("./datascanIamPolicy").DatascanIamPolicy = null as any; utilities.lazyLoad(exports, ["DatascanIamPolicy"], () => require("./datascanIamPolicy")); +export { EntryGroupArgs, EntryGroupState } from "./entryGroup"; +export type EntryGroup = import("./entryGroup").EntryGroup; +export const EntryGroup: typeof import("./entryGroup").EntryGroup = null as any; +utilities.lazyLoad(exports, ["EntryGroup"], () => require("./entryGroup")); + +export { EntryGroupIamBindingArgs, EntryGroupIamBindingState } from "./entryGroupIamBinding"; +export type EntryGroupIamBinding = import("./entryGroupIamBinding").EntryGroupIamBinding; +export const EntryGroupIamBinding: typeof import("./entryGroupIamBinding").EntryGroupIamBinding = null as any; +utilities.lazyLoad(exports, ["EntryGroupIamBinding"], () => require("./entryGroupIamBinding")); + +export { EntryGroupIamMemberArgs, EntryGroupIamMemberState } from "./entryGroupIamMember"; +export type EntryGroupIamMember = import("./entryGroupIamMember").EntryGroupIamMember; +export const EntryGroupIamMember: typeof import("./entryGroupIamMember").EntryGroupIamMember = null as any; +utilities.lazyLoad(exports, ["EntryGroupIamMember"], () => require("./entryGroupIamMember")); + +export { EntryGroupIamPolicyArgs, EntryGroupIamPolicyState } from "./entryGroupIamPolicy"; +export type EntryGroupIamPolicy = import("./entryGroupIamPolicy").EntryGroupIamPolicy; +export const EntryGroupIamPolicy: typeof import("./entryGroupIamPolicy").EntryGroupIamPolicy = null as any; +utilities.lazyLoad(exports, ["EntryGroupIamPolicy"], () => require("./entryGroupIamPolicy")); + +export { GetAspectTypeIamPolicyArgs, GetAspectTypeIamPolicyResult, GetAspectTypeIamPolicyOutputArgs } from "./getAspectTypeIamPolicy"; +export const getAspectTypeIamPolicy: typeof import("./getAspectTypeIamPolicy").getAspectTypeIamPolicy = null as any; +export const getAspectTypeIamPolicyOutput: typeof import("./getAspectTypeIamPolicy").getAspectTypeIamPolicyOutput = null as any; +utilities.lazyLoad(exports, ["getAspectTypeIamPolicy","getAspectTypeIamPolicyOutput"], () => require("./getAspectTypeIamPolicy")); + export { GetAssetIamPolicyArgs, GetAssetIamPolicyResult, GetAssetIamPolicyOutputArgs } from "./getAssetIamPolicy"; export const getAssetIamPolicy: typeof import("./getAssetIamPolicy").getAssetIamPolicy = null as any; export const getAssetIamPolicyOutput: typeof import("./getAssetIamPolicy").getAssetIamPolicyOutput = null as any; @@ -55,6 +100,11 @@ export const getDatascanIamPolicy: typeof import("./getDatascanIamPolicy").getDa export const getDatascanIamPolicyOutput: typeof import("./getDatascanIamPolicy").getDatascanIamPolicyOutput = null as any; utilities.lazyLoad(exports, ["getDatascanIamPolicy","getDatascanIamPolicyOutput"], () => require("./getDatascanIamPolicy")); +export { GetEntryGroupIamPolicyArgs, GetEntryGroupIamPolicyResult, GetEntryGroupIamPolicyOutputArgs } from "./getEntryGroupIamPolicy"; +export const getEntryGroupIamPolicy: typeof import("./getEntryGroupIamPolicy").getEntryGroupIamPolicy = null as any; +export const getEntryGroupIamPolicyOutput: typeof import("./getEntryGroupIamPolicy").getEntryGroupIamPolicyOutput = null as any; +utilities.lazyLoad(exports, ["getEntryGroupIamPolicy","getEntryGroupIamPolicyOutput"], () => require("./getEntryGroupIamPolicy")); + export { GetLakeIamPolicyArgs, GetLakeIamPolicyResult, GetLakeIamPolicyOutputArgs } from "./getLakeIamPolicy"; export const getLakeIamPolicy: typeof import("./getLakeIamPolicy").getLakeIamPolicy = null as any; export const getLakeIamPolicyOutput: typeof import("./getLakeIamPolicy").getLakeIamPolicyOutput = null as any; @@ -135,6 +185,14 @@ const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { switch (type) { + case "gcp:dataplex/aspectType:AspectType": + return new AspectType(name, undefined, { urn }) + case "gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding": + return new AspectTypeIamBinding(name, undefined, { urn }) + case "gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember": + return new AspectTypeIamMember(name, undefined, { urn }) + case "gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy": + return new AspectTypeIamPolicy(name, undefined, { urn }) case "gcp:dataplex/asset:Asset": return new Asset(name, undefined, { urn }) case "gcp:dataplex/assetIamBinding:AssetIamBinding": @@ -151,6 +209,14 @@ const _module = { return new DatascanIamMember(name, undefined, { urn }) case "gcp:dataplex/datascanIamPolicy:DatascanIamPolicy": return new DatascanIamPolicy(name, undefined, { urn }) + case "gcp:dataplex/entryGroup:EntryGroup": + return new EntryGroup(name, undefined, { urn }) + case "gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding": + return new EntryGroupIamBinding(name, undefined, { urn }) + case "gcp:dataplex/entryGroupIamMember:EntryGroupIamMember": + return new EntryGroupIamMember(name, undefined, { urn }) + case "gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy": + return new EntryGroupIamPolicy(name, undefined, { urn }) case "gcp:dataplex/lake:Lake": return new Lake(name, undefined, { urn }) case "gcp:dataplex/lakeIamBinding:LakeIamBinding": @@ -180,6 +246,10 @@ const _module = { } }, }; +pulumi.runtime.registerResourceModule("gcp", "dataplex/aspectType", _module) +pulumi.runtime.registerResourceModule("gcp", "dataplex/aspectTypeIamBinding", _module) +pulumi.runtime.registerResourceModule("gcp", "dataplex/aspectTypeIamMember", _module) +pulumi.runtime.registerResourceModule("gcp", "dataplex/aspectTypeIamPolicy", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/asset", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/assetIamBinding", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/assetIamMember", _module) @@ -188,6 +258,10 @@ pulumi.runtime.registerResourceModule("gcp", "dataplex/datascan", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/datascanIamBinding", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/datascanIamMember", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/datascanIamPolicy", _module) +pulumi.runtime.registerResourceModule("gcp", "dataplex/entryGroup", _module) +pulumi.runtime.registerResourceModule("gcp", "dataplex/entryGroupIamBinding", _module) +pulumi.runtime.registerResourceModule("gcp", "dataplex/entryGroupIamMember", _module) +pulumi.runtime.registerResourceModule("gcp", "dataplex/entryGroupIamPolicy", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/lake", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/lakeIamBinding", _module) pulumi.runtime.registerResourceModule("gcp", "dataplex/lakeIamMember", _module) diff --git a/sdk/nodejs/datastream/connectionProfile.ts b/sdk/nodejs/datastream/connectionProfile.ts index 992a76ea5c..c29357955e 100644 --- a/sdk/nodejs/datastream/connectionProfile.ts +++ b/sdk/nodejs/datastream/connectionProfile.ts @@ -312,6 +312,10 @@ export class ConnectionProfile extends pulumi.CustomResource { * The connection profile identifier. */ public readonly connectionProfileId!: pulumi.Output; + /** + * Create the connection profile without validating it. + */ + public readonly createWithoutValidation!: pulumi.Output; /** * Display name. */ @@ -398,6 +402,7 @@ export class ConnectionProfile extends pulumi.CustomResource { const state = argsOrState as ConnectionProfileState | undefined; resourceInputs["bigqueryProfile"] = state ? state.bigqueryProfile : undefined; resourceInputs["connectionProfileId"] = state ? state.connectionProfileId : undefined; + resourceInputs["createWithoutValidation"] = state ? state.createWithoutValidation : undefined; resourceInputs["displayName"] = state ? state.displayName : undefined; resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; resourceInputs["forwardSshConnectivity"] = state ? state.forwardSshConnectivity : undefined; @@ -425,6 +430,7 @@ export class ConnectionProfile extends pulumi.CustomResource { } resourceInputs["bigqueryProfile"] = args ? args.bigqueryProfile : undefined; resourceInputs["connectionProfileId"] = args ? args.connectionProfileId : undefined; + resourceInputs["createWithoutValidation"] = args ? args.createWithoutValidation : undefined; resourceInputs["displayName"] = args ? args.displayName : undefined; resourceInputs["forwardSshConnectivity"] = args ? args.forwardSshConnectivity : undefined; resourceInputs["gcsProfile"] = args ? args.gcsProfile : undefined; @@ -459,6 +465,10 @@ export interface ConnectionProfileState { * The connection profile identifier. */ connectionProfileId?: pulumi.Input; + /** + * Create the connection profile without validating it. + */ + createWithoutValidation?: pulumi.Input; /** * Display name. */ @@ -543,6 +553,10 @@ export interface ConnectionProfileArgs { * The connection profile identifier. */ connectionProfileId: pulumi.Input; + /** + * Create the connection profile without validating it. + */ + createWithoutValidation?: pulumi.Input; /** * Display name. */ diff --git a/sdk/nodejs/datastream/privateConnection.ts b/sdk/nodejs/datastream/privateConnection.ts index 068d3973e9..df22159a27 100644 --- a/sdk/nodejs/datastream/privateConnection.ts +++ b/sdk/nodejs/datastream/privateConnection.ts @@ -90,6 +90,10 @@ export class PrivateConnection extends pulumi.CustomResource { return obj['__pulumiType'] === PrivateConnection.__pulumiType; } + /** + * If set to true, will skip validations. + */ + public readonly createWithoutValidation!: pulumi.Output; /** * Display name. */ @@ -150,6 +154,7 @@ export class PrivateConnection extends pulumi.CustomResource { opts = opts || {}; if (opts.id) { const state = argsOrState as PrivateConnectionState | undefined; + resourceInputs["createWithoutValidation"] = state ? state.createWithoutValidation : undefined; resourceInputs["displayName"] = state ? state.displayName : undefined; resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; resourceInputs["errors"] = state ? state.errors : undefined; @@ -175,6 +180,7 @@ export class PrivateConnection extends pulumi.CustomResource { if ((!args || args.vpcPeeringConfig === undefined) && !opts.urn) { throw new Error("Missing required property 'vpcPeeringConfig'"); } + resourceInputs["createWithoutValidation"] = args ? args.createWithoutValidation : undefined; resourceInputs["displayName"] = args ? args.displayName : undefined; resourceInputs["labels"] = args ? args.labels : undefined; resourceInputs["location"] = args ? args.location : undefined; @@ -198,6 +204,10 @@ export class PrivateConnection extends pulumi.CustomResource { * Input properties used for looking up and filtering PrivateConnection resources. */ export interface PrivateConnectionState { + /** + * If set to true, will skip validations. + */ + createWithoutValidation?: pulumi.Input; /** * Display name. */ @@ -250,6 +260,10 @@ export interface PrivateConnectionState { * The set of arguments for constructing a PrivateConnection resource. */ export interface PrivateConnectionArgs { + /** + * If set to true, will skip validations. + */ + createWithoutValidation?: pulumi.Input; /** * Display name. */ diff --git a/sdk/nodejs/datastream/stream.ts b/sdk/nodejs/datastream/stream.ts index 64c64592fc..7b4ea02435 100644 --- a/sdk/nodejs/datastream/stream.ts +++ b/sdk/nodejs/datastream/stream.ts @@ -722,6 +722,10 @@ export class Stream extends pulumi.CustomResource { * Backfill strategy to disable automatic backfill for the Stream's objects. */ public readonly backfillNone!: pulumi.Output; + /** + * Create the stream without validating it. + */ + public readonly createWithoutValidation!: pulumi.Output; /** * A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. @@ -792,6 +796,7 @@ export class Stream extends pulumi.CustomResource { const state = argsOrState as StreamState | undefined; resourceInputs["backfillAll"] = state ? state.backfillAll : undefined; resourceInputs["backfillNone"] = state ? state.backfillNone : undefined; + resourceInputs["createWithoutValidation"] = state ? state.createWithoutValidation : undefined; resourceInputs["customerManagedEncryptionKey"] = state ? state.customerManagedEncryptionKey : undefined; resourceInputs["desiredState"] = state ? state.desiredState : undefined; resourceInputs["destinationConfig"] = state ? state.destinationConfig : undefined; @@ -824,6 +829,7 @@ export class Stream extends pulumi.CustomResource { } resourceInputs["backfillAll"] = args ? args.backfillAll : undefined; resourceInputs["backfillNone"] = args ? args.backfillNone : undefined; + resourceInputs["createWithoutValidation"] = args ? args.createWithoutValidation : undefined; resourceInputs["customerManagedEncryptionKey"] = args ? args.customerManagedEncryptionKey : undefined; resourceInputs["desiredState"] = args ? args.desiredState : undefined; resourceInputs["destinationConfig"] = args ? args.destinationConfig : undefined; @@ -857,6 +863,10 @@ export interface StreamState { * Backfill strategy to disable automatic backfill for the Stream's objects. */ backfillNone?: pulumi.Input; + /** + * Create the stream without validating it. + */ + createWithoutValidation?: pulumi.Input; /** * A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. @@ -925,6 +935,10 @@ export interface StreamArgs { * Backfill strategy to disable automatic backfill for the Stream's objects. */ backfillNone?: pulumi.Input; + /** + * Create the stream without validating it. + */ + createWithoutValidation?: pulumi.Input; /** * A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be * encrypted using an internal Stream-specific encryption key provisioned through KMS. diff --git a/sdk/nodejs/kms/autokeyConfig.ts b/sdk/nodejs/kms/autokeyConfig.ts new file mode 100644 index 0000000000..2edd2ed849 --- /dev/null +++ b/sdk/nodejs/kms/autokeyConfig.ts @@ -0,0 +1,199 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ### Kms Autokey Config All + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * import * as time from "@pulumi/time"; + * + * // Create Folder in GCP Organization + * const autokmsFolder = new gcp.organizations.Folder("autokms_folder", { + * displayName: "my-folder", + * parent: "organizations/123456789", + * }); + * // Create the key project + * const keyProject = new gcp.organizations.Project("key_project", { + * projectId: "key-proj", + * name: "key-proj", + * folderId: autokmsFolder.folderId, + * billingAccount: "000000-0000000-0000000-000000", + * }, { + * dependsOn: [autokmsFolder], + * }); + * // Enable the Cloud KMS API + * const kmsApiService = new gcp.projects.Service("kms_api_service", { + * service: "cloudkms.googleapis.com", + * project: keyProject.projectId, + * disableOnDestroy: false, + * disableDependentServices: true, + * }, { + * dependsOn: [keyProject], + * }); + * // Wait delay after enabling APIs + * const waitEnableServiceApi = new time.index.Sleep("wait_enable_service_api", {createDuration: "30s"}, { + * dependsOn: [kmsApiService], + * }); + * //Create KMS Service Agent + * const kmsServiceAgent = new gcp.projects.ServiceIdentity("kms_service_agent", { + * service: "cloudkms.googleapis.com", + * project: keyProject.number, + * }, { + * dependsOn: [waitEnableServiceApi], + * }); + * // Wait delay after creating service agent. + * const waitServiceAgent = new time.index.Sleep("wait_service_agent", {createDuration: "10s"}, { + * dependsOn: [kmsServiceAgent], + * }); + * //Grant the KMS Service Agent the Cloud KMS Admin role + * const autokeyProjectAdmin = new gcp.projects.IAMMember("autokey_project_admin", { + * project: keyProject.projectId, + * role: "roles/cloudkms.admin", + * member: pulumi.interpolate`serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com`, + * }, { + * dependsOn: [waitServiceAgent], + * }); + * // Wait delay after granting IAM permissions + * const waitSrvAccPermissions = new time.index.Sleep("wait_srv_acc_permissions", {createDuration: "10s"}, { + * dependsOn: [autokeyProjectAdmin], + * }); + * const example_autokeyconfig = new gcp.kms.AutokeyConfig("example-autokeyconfig", { + * folder: autokmsFolder.folderId, + * keyProject: pulumi.interpolate`projects/${keyProject.projectId}`, + * }, { + * dependsOn: [waitSrvAccPermissions], + * }); + * ``` + * + * ## Import + * + * AutokeyConfig can be imported using any of these accepted formats: + * + * * `folders/{{folder}}/autokeyConfig` + * + * * `{{folder}}` + * + * When using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig + * ``` + * + * ```sh + * $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}} + * ``` + */ +export class AutokeyConfig extends pulumi.CustomResource { + /** + * Get an existing AutokeyConfig resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: AutokeyConfigState, opts?: pulumi.CustomResourceOptions): AutokeyConfig { + return new AutokeyConfig(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:kms/autokeyConfig:AutokeyConfig'; + + /** + * Returns true if the given object is an instance of AutokeyConfig. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is AutokeyConfig { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === AutokeyConfig.__pulumiType; + } + + /** + * The folder for which to retrieve config. + * + * + * - - - + */ + public readonly folder!: pulumi.Output; + /** + * The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/`. + */ + public readonly keyProject!: pulumi.Output; + + /** + * Create a AutokeyConfig resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: AutokeyConfigArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: AutokeyConfigArgs | AutokeyConfigState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as AutokeyConfigState | undefined; + resourceInputs["folder"] = state ? state.folder : undefined; + resourceInputs["keyProject"] = state ? state.keyProject : undefined; + } else { + const args = argsOrState as AutokeyConfigArgs | undefined; + if ((!args || args.folder === undefined) && !opts.urn) { + throw new Error("Missing required property 'folder'"); + } + resourceInputs["folder"] = args ? args.folder : undefined; + resourceInputs["keyProject"] = args ? args.keyProject : undefined; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(AutokeyConfig.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering AutokeyConfig resources. + */ +export interface AutokeyConfigState { + /** + * The folder for which to retrieve config. + * + * + * - - - + */ + folder?: pulumi.Input; + /** + * The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/`. + */ + keyProject?: pulumi.Input; +} + +/** + * The set of arguments for constructing a AutokeyConfig resource. + */ +export interface AutokeyConfigArgs { + /** + * The folder for which to retrieve config. + * + * + * - - - + */ + folder: pulumi.Input; + /** + * The target key project for a given folder where KMS Autokey will provision a + * CryptoKey for any new KeyHandle the Developer creates. Should have the form + * `projects/`. + */ + keyProject?: pulumi.Input; +} diff --git a/sdk/nodejs/kms/index.ts b/sdk/nodejs/kms/index.ts index ddffa372f4..522cbd94c4 100644 --- a/sdk/nodejs/kms/index.ts +++ b/sdk/nodejs/kms/index.ts @@ -5,6 +5,11 @@ import * as pulumi from "@pulumi/pulumi"; import * as utilities from "../utilities"; // Export members: +export { AutokeyConfigArgs, AutokeyConfigState } from "./autokeyConfig"; +export type AutokeyConfig = import("./autokeyConfig").AutokeyConfig; +export const AutokeyConfig: typeof import("./autokeyConfig").AutokeyConfig = null as any; +utilities.lazyLoad(exports, ["AutokeyConfig"], () => require("./autokeyConfig")); + export { CryptoKeyArgs, CryptoKeyState } from "./cryptoKey"; export type CryptoKey = import("./cryptoKey").CryptoKey; export const CryptoKey: typeof import("./cryptoKey").CryptoKey = null as any; @@ -75,6 +80,11 @@ export const getKeyRingIamPolicy: typeof import("./getKeyRingIamPolicy").getKeyR export const getKeyRingIamPolicyOutput: typeof import("./getKeyRingIamPolicy").getKeyRingIamPolicyOutput = null as any; utilities.lazyLoad(exports, ["getKeyRingIamPolicy","getKeyRingIamPolicyOutput"], () => require("./getKeyRingIamPolicy")); +export { KeyHandleArgs, KeyHandleState } from "./keyHandle"; +export type KeyHandle = import("./keyHandle").KeyHandle; +export const KeyHandle: typeof import("./keyHandle").KeyHandle = null as any; +utilities.lazyLoad(exports, ["KeyHandle"], () => require("./keyHandle")); + export { KeyRingArgs, KeyRingState } from "./keyRing"; export type KeyRing = import("./keyRing").KeyRing; export const KeyRing: typeof import("./keyRing").KeyRing = null as any; @@ -110,6 +120,8 @@ const _module = { version: utilities.getVersion(), construct: (name: string, type: string, urn: string): pulumi.Resource => { switch (type) { + case "gcp:kms/autokeyConfig:AutokeyConfig": + return new AutokeyConfig(name, undefined, { urn }) case "gcp:kms/cryptoKey:CryptoKey": return new CryptoKey(name, undefined, { urn }) case "gcp:kms/cryptoKeyIAMBinding:CryptoKeyIAMBinding": @@ -122,6 +134,8 @@ const _module = { return new CryptoKeyVersion(name, undefined, { urn }) case "gcp:kms/ekmConnection:EkmConnection": return new EkmConnection(name, undefined, { urn }) + case "gcp:kms/keyHandle:KeyHandle": + return new KeyHandle(name, undefined, { urn }) case "gcp:kms/keyRing:KeyRing": return new KeyRing(name, undefined, { urn }) case "gcp:kms/keyRingIAMBinding:KeyRingIAMBinding": @@ -139,12 +153,14 @@ const _module = { } }, }; +pulumi.runtime.registerResourceModule("gcp", "kms/autokeyConfig", _module) pulumi.runtime.registerResourceModule("gcp", "kms/cryptoKey", _module) pulumi.runtime.registerResourceModule("gcp", "kms/cryptoKeyIAMBinding", _module) pulumi.runtime.registerResourceModule("gcp", "kms/cryptoKeyIAMMember", _module) pulumi.runtime.registerResourceModule("gcp", "kms/cryptoKeyIAMPolicy", _module) pulumi.runtime.registerResourceModule("gcp", "kms/cryptoKeyVersion", _module) pulumi.runtime.registerResourceModule("gcp", "kms/ekmConnection", _module) +pulumi.runtime.registerResourceModule("gcp", "kms/keyHandle", _module) pulumi.runtime.registerResourceModule("gcp", "kms/keyRing", _module) pulumi.runtime.registerResourceModule("gcp", "kms/keyRingIAMBinding", _module) pulumi.runtime.registerResourceModule("gcp", "kms/keyRingIAMMember", _module) diff --git a/sdk/nodejs/kms/keyHandle.ts b/sdk/nodejs/kms/keyHandle.ts new file mode 100644 index 0000000000..3dfb30b19f --- /dev/null +++ b/sdk/nodejs/kms/keyHandle.ts @@ -0,0 +1,274 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * ## Example Usage + * + * ### Kms Key Handle Basic + * + * ```typescript + * import * as pulumi from "@pulumi/pulumi"; + * import * as gcp from "@pulumi/gcp"; + * import * as time from "@pulumi/time"; + * + * // Create Folder in GCP Organization + * const autokmsFolder = new gcp.organizations.Folder("autokms_folder", { + * displayName: "folder-example", + * parent: "organizations/123456789", + * }); + * // Create the key project + * const keyProject = new gcp.organizations.Project("key_project", { + * projectId: "key-proj", + * name: "key-proj", + * folderId: autokmsFolder.folderId, + * billingAccount: "000000-0000000-0000000-000000", + * }, { + * dependsOn: [autokmsFolder], + * }); + * // Create the resource project + * const resourceProject = new gcp.organizations.Project("resource_project", { + * projectId: "resources", + * name: "resources", + * folderId: autokmsFolder.folderId, + * billingAccount: "000000-0000000-0000000-000000", + * }, { + * dependsOn: [autokmsFolder], + * }); + * // Enable the Cloud KMS API + * const kmsApiService = new gcp.projects.Service("kms_api_service", { + * service: "cloudkms.googleapis.com", + * project: keyProject.projectId, + * disableOnDestroy: false, + * disableDependentServices: true, + * }, { + * dependsOn: [keyProject], + * }); + * // Wait delay after enabling APIs + * const waitEnableServiceApi = new time.index.Sleep("wait_enable_service_api", {createDuration: "30s"}, { + * dependsOn: [kmsApiService], + * }); + * //Create KMS Service Agent + * const kmsServiceAgent = new gcp.projects.ServiceIdentity("kms_service_agent", { + * service: "cloudkms.googleapis.com", + * project: keyProject.number, + * }, { + * dependsOn: [waitEnableServiceApi], + * }); + * // Wait delay after creating service agent. + * const waitServiceAgent = new time.index.Sleep("wait_service_agent", {createDuration: "10s"}, { + * dependsOn: [kmsServiceAgent], + * }); + * //Grant the KMS Service Agent the Cloud KMS Admin role + * const autokeyProjectAdmin = new gcp.projects.IAMMember("autokey_project_admin", { + * project: keyProject.projectId, + * role: "roles/cloudkms.admin", + * member: pulumi.interpolate`serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com`, + * }, { + * dependsOn: [waitServiceAgent], + * }); + * // Wait delay after granting IAM permissions + * const waitSrvAccPermissions = new time.index.Sleep("wait_srv_acc_permissions", {createDuration: "10s"}, { + * dependsOn: [autokeyProjectAdmin], + * }); + * const autokeyConfig = new gcp.kms.AutokeyConfig("autokey_config", { + * folder: autokmsFolder.folderId, + * keyProject: pulumi.interpolate`projects/${keyProject.projectId}`, + * }, { + * dependsOn: [waitSrvAccPermissions], + * }); + * // Wait delay for autokey config to take effect + * const waitAutokeyConfig = new time.index.Sleep("wait_autokey_config", {createDuration: "10s"}, { + * dependsOn: [autokeyConfig], + * }); + * const example_keyhandle = new gcp.kms.KeyHandle("example-keyhandle", { + * project: resourceProject.projectId, + * name: "example-key-handle", + * location: "global", + * resourceTypeSelector: "storage.googleapis.com/Bucket", + * }, { + * dependsOn: [waitAutokeyConfig], + * }); + * ``` + * + * ## Import + * + * KeyHandle can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/keyHandles/{{name}}` + * + * * `{{project}}/{{location}}/{{name}}` + * + * * `{{location}}/{{name}}` + * + * When using the `pulumi import` command, KeyHandle can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:kms/keyHandle:KeyHandle default projects/{{project}}/locations/{{location}}/keyHandles/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:kms/keyHandle:KeyHandle default {{project}}/{{location}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:kms/keyHandle:KeyHandle default {{location}}/{{name}} + * ``` + */ +export class KeyHandle extends pulumi.CustomResource { + /** + * Get an existing KeyHandle resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: KeyHandleState, opts?: pulumi.CustomResourceOptions): KeyHandle { + return new KeyHandle(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:kms/keyHandle:KeyHandle'; + + /** + * Returns true if the given object is an instance of KeyHandle. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is KeyHandle { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === KeyHandle.__pulumiType; + } + + /** + * A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + */ + public /*out*/ readonly kmsKey!: pulumi.Output; + /** + * The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * + * - - - + */ + public readonly location!: pulumi.Output; + /** + * The resource name for the KeyHandle. + */ + public readonly name!: pulumi.Output; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + public readonly project!: pulumi.Output; + /** + * Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + */ + public readonly resourceTypeSelector!: pulumi.Output; + + /** + * Create a KeyHandle resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: KeyHandleArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: KeyHandleArgs | KeyHandleState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as KeyHandleState | undefined; + resourceInputs["kmsKey"] = state ? state.kmsKey : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["resourceTypeSelector"] = state ? state.resourceTypeSelector : undefined; + } else { + const args = argsOrState as KeyHandleArgs | undefined; + if ((!args || args.location === undefined) && !opts.urn) { + throw new Error("Missing required property 'location'"); + } + if ((!args || args.resourceTypeSelector === undefined) && !opts.urn) { + throw new Error("Missing required property 'resourceTypeSelector'"); + } + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["resourceTypeSelector"] = args ? args.resourceTypeSelector : undefined; + resourceInputs["kmsKey"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + super(KeyHandle.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering KeyHandle resources. + */ +export interface KeyHandleState { + /** + * A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + * product/project/location, for example + * `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + */ + kmsKey?: pulumi.Input; + /** + * The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * + * - - - + */ + location?: pulumi.Input; + /** + * The resource name for the KeyHandle. + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + */ + resourceTypeSelector?: pulumi.Input; +} + +/** + * The set of arguments for constructing a KeyHandle resource. + */ +export interface KeyHandleArgs { + /** + * The location for the KeyHandle. + * A full list of valid locations can be found by running `gcloud kms locations list`. + * + * + * - - - + */ + location: pulumi.Input; + /** + * The resource name for the KeyHandle. + */ + name?: pulumi.Input; + /** + * The ID of the project in which the resource belongs. + * If it is not provided, the provider project is used. + */ + project?: pulumi.Input; + /** + * Selector of the resource type where we want to protect resources. + * For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + */ + resourceTypeSelector: pulumi.Input; +} diff --git a/sdk/nodejs/networkservices/index.ts b/sdk/nodejs/networkservices/index.ts index fe3a8ebe2f..9c7d673708 100644 --- a/sdk/nodejs/networkservices/index.ts +++ b/sdk/nodejs/networkservices/index.ts @@ -40,6 +40,11 @@ export type HttpRoute = import("./httpRoute").HttpRoute; export const HttpRoute: typeof import("./httpRoute").HttpRoute = null as any; utilities.lazyLoad(exports, ["HttpRoute"], () => require("./httpRoute")); +export { LbRouteExtensionArgs, LbRouteExtensionState } from "./lbRouteExtension"; +export type LbRouteExtension = import("./lbRouteExtension").LbRouteExtension; +export const LbRouteExtension: typeof import("./lbRouteExtension").LbRouteExtension = null as any; +utilities.lazyLoad(exports, ["LbRouteExtension"], () => require("./lbRouteExtension")); + export { LbTrafficExtensionArgs, LbTrafficExtensionState } from "./lbTrafficExtension"; export type LbTrafficExtension = import("./lbTrafficExtension").LbTrafficExtension; export const LbTrafficExtension: typeof import("./lbTrafficExtension").LbTrafficExtension = null as any; @@ -84,6 +89,8 @@ const _module = { return new GrpcRoute(name, undefined, { urn }) case "gcp:networkservices/httpRoute:HttpRoute": return new HttpRoute(name, undefined, { urn }) + case "gcp:networkservices/lbRouteExtension:LbRouteExtension": + return new LbRouteExtension(name, undefined, { urn }) case "gcp:networkservices/lbTrafficExtension:LbTrafficExtension": return new LbTrafficExtension(name, undefined, { urn }) case "gcp:networkservices/mesh:Mesh": @@ -106,6 +113,7 @@ pulumi.runtime.registerResourceModule("gcp", "networkservices/endpointPolicy", _ pulumi.runtime.registerResourceModule("gcp", "networkservices/gateway", _module) pulumi.runtime.registerResourceModule("gcp", "networkservices/grpcRoute", _module) pulumi.runtime.registerResourceModule("gcp", "networkservices/httpRoute", _module) +pulumi.runtime.registerResourceModule("gcp", "networkservices/lbRouteExtension", _module) pulumi.runtime.registerResourceModule("gcp", "networkservices/lbTrafficExtension", _module) pulumi.runtime.registerResourceModule("gcp", "networkservices/mesh", _module) pulumi.runtime.registerResourceModule("gcp", "networkservices/serviceBinding", _module) diff --git a/sdk/nodejs/networkservices/lbRouteExtension.ts b/sdk/nodejs/networkservices/lbRouteExtension.ts new file mode 100644 index 0000000000..af6763a455 --- /dev/null +++ b/sdk/nodejs/networkservices/lbRouteExtension.ts @@ -0,0 +1,273 @@ +// *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as utilities from "../utilities"; + +/** + * LbRouteExtension is a resource that lets you control where traffic is routed to for a given request. + * + * To get more information about LbRouteExtension, see: + * + * * [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbRouteExtensions) + * * How-to Guides + * * [Configure a route extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_route_extension) + * + * ## Example Usage + * + * ## Import + * + * LbRouteExtension can be imported using any of these accepted formats: + * + * * `projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}` + * + * * `{{project}}/{{location}}/{{name}}` + * + * * `{{location}}/{{name}}` + * + * When using the `pulumi import` command, LbRouteExtension can be imported using one of the formats above. For example: + * + * ```sh + * $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{project}}/{{location}}/{{name}} + * ``` + * + * ```sh + * $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{location}}/{{name}} + * ``` + */ +export class LbRouteExtension extends pulumi.CustomResource { + /** + * Get an existing LbRouteExtension resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param state Any extra arguments used during the lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, state?: LbRouteExtensionState, opts?: pulumi.CustomResourceOptions): LbRouteExtension { + return new LbRouteExtension(name, state, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'gcp:networkservices/lbRouteExtension:LbRouteExtension'; + + /** + * Returns true if the given object is an instance of LbRouteExtension. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is LbRouteExtension { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === LbRouteExtension.__pulumiType; + } + + /** + * A human-readable description of the resource. + */ + public readonly description!: pulumi.Output; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + public /*out*/ readonly effectiveLabels!: pulumi.Output<{[key: string]: string}>; + /** + * A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + */ + public readonly extensionChains!: pulumi.Output; + /** + * A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + */ + public readonly forwardingRules!: pulumi.Output; + /** + * Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + */ + public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>; + /** + * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + */ + public readonly loadBalancingScheme!: pulumi.Output; + /** + * The location of the route extension + */ + public readonly location!: pulumi.Output; + /** + * Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + */ + public readonly name!: pulumi.Output; + public readonly project!: pulumi.Output; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + public /*out*/ readonly pulumiLabels!: pulumi.Output<{[key: string]: string}>; + + /** + * Create a LbRouteExtension resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: LbRouteExtensionArgs, opts?: pulumi.CustomResourceOptions) + constructor(name: string, argsOrState?: LbRouteExtensionArgs | LbRouteExtensionState, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (opts.id) { + const state = argsOrState as LbRouteExtensionState | undefined; + resourceInputs["description"] = state ? state.description : undefined; + resourceInputs["effectiveLabels"] = state ? state.effectiveLabels : undefined; + resourceInputs["extensionChains"] = state ? state.extensionChains : undefined; + resourceInputs["forwardingRules"] = state ? state.forwardingRules : undefined; + resourceInputs["labels"] = state ? state.labels : undefined; + resourceInputs["loadBalancingScheme"] = state ? state.loadBalancingScheme : undefined; + resourceInputs["location"] = state ? state.location : undefined; + resourceInputs["name"] = state ? state.name : undefined; + resourceInputs["project"] = state ? state.project : undefined; + resourceInputs["pulumiLabels"] = state ? state.pulumiLabels : undefined; + } else { + const args = argsOrState as LbRouteExtensionArgs | undefined; + if ((!args || args.extensionChains === undefined) && !opts.urn) { + throw new Error("Missing required property 'extensionChains'"); + } + if ((!args || args.forwardingRules === undefined) && !opts.urn) { + throw new Error("Missing required property 'forwardingRules'"); + } + if ((!args || args.loadBalancingScheme === undefined) && !opts.urn) { + throw new Error("Missing required property 'loadBalancingScheme'"); + } + if ((!args || args.location === undefined) && !opts.urn) { + throw new Error("Missing required property 'location'"); + } + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["extensionChains"] = args ? args.extensionChains : undefined; + resourceInputs["forwardingRules"] = args ? args.forwardingRules : undefined; + resourceInputs["labels"] = args ? args.labels : undefined; + resourceInputs["loadBalancingScheme"] = args ? args.loadBalancingScheme : undefined; + resourceInputs["location"] = args ? args.location : undefined; + resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["project"] = args ? args.project : undefined; + resourceInputs["effectiveLabels"] = undefined /*out*/; + resourceInputs["pulumiLabels"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const secretOpts = { additionalSecretOutputs: ["effectiveLabels", "pulumiLabels"] }; + opts = pulumi.mergeOptions(opts, secretOpts); + super(LbRouteExtension.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * Input properties used for looking up and filtering LbRouteExtension resources. + */ +export interface LbRouteExtensionState { + /** + * A human-readable description of the resource. + */ + description?: pulumi.Input; + /** + * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + */ + effectiveLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + */ + extensionChains?: pulumi.Input[]>; + /** + * A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + */ + forwardingRules?: pulumi.Input[]>; + /** + * Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + */ + loadBalancingScheme?: pulumi.Input; + /** + * The location of the route extension + */ + location?: pulumi.Input; + /** + * Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + */ + name?: pulumi.Input; + project?: pulumi.Input; + /** + * The combination of labels configured directly on the resource + * and default labels configured on the provider. + */ + pulumiLabels?: pulumi.Input<{[key: string]: pulumi.Input}>; +} + +/** + * The set of arguments for constructing a LbRouteExtension resource. + */ +export interface LbRouteExtensionArgs { + /** + * A human-readable description of the resource. + */ + description?: pulumi.Input; + /** + * A set of ordered extension chains that contain the match conditions and extensions to execute. + * Match conditions for each extension chain are evaluated in sequence for a given request. + * The first extension chain that has a condition that matches the request is executed. + * Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + * Structure is documented below. + */ + extensionChains: pulumi.Input[]>; + /** + * A list of references to the forwarding rules to which this service extension is attached to. + * At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + */ + forwardingRules: pulumi.Input[]>; + /** + * Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + * manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + * present on the resource. + */ + labels?: pulumi.Input<{[key: string]: pulumi.Input}>; + /** + * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + * For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + * Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + */ + loadBalancingScheme: pulumi.Input; + /** + * The location of the route extension + */ + location: pulumi.Input; + /** + * Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + */ + name?: pulumi.Input; + project?: pulumi.Input; +} diff --git a/sdk/nodejs/networkservices/lbTrafficExtension.ts b/sdk/nodejs/networkservices/lbTrafficExtension.ts index fd76cee5b9..7570b25dc5 100644 --- a/sdk/nodejs/networkservices/lbTrafficExtension.ts +++ b/sdk/nodejs/networkservices/lbTrafficExtension.ts @@ -98,8 +98,10 @@ export class LbTrafficExtension extends pulumi.CustomResource { public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>; /** * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] */ public readonly loadBalancingScheme!: pulumi.Output; /** @@ -202,8 +204,10 @@ export interface LbTrafficExtensionState { labels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] */ loadBalancingScheme?: pulumi.Input; /** @@ -251,8 +255,10 @@ export interface LbTrafficExtensionArgs { labels?: pulumi.Input<{[key: string]: pulumi.Input}>; /** * All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - * more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - * "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + * more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + * [Supported application load + * balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + * ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] */ loadBalancingScheme?: pulumi.Input; /** diff --git a/sdk/nodejs/orgpolicy/policy.ts b/sdk/nodejs/orgpolicy/policy.ts index efe10ae518..9ad6b3f3b0 100644 --- a/sdk/nodejs/orgpolicy/policy.ts +++ b/sdk/nodejs/orgpolicy/policy.ts @@ -112,7 +112,7 @@ import * as utilities from "../utilities"; * import * as gcp from "@pulumi/gcp"; * * const constraint = new gcp.orgpolicy.CustomConstraint("constraint", { - * name: "custom.disableGkeAutoUpgrade_87786", + * name: "custom.disableGkeAutoUpgrade_2067", * parent: "organizations/123456789", * displayName: "Disable GKE auto upgrade", * description: "Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.", diff --git a/sdk/nodejs/pubsub/subscription.ts b/sdk/nodejs/pubsub/subscription.ts index 1ab6a4f631..dfba071d1c 100644 --- a/sdk/nodejs/pubsub/subscription.ts +++ b/sdk/nodejs/pubsub/subscription.ts @@ -202,7 +202,8 @@ import * as utilities from "../utilities"; * cloudStorageConfig: { * bucket: example.name, * filenamePrefix: "pre-", - * filenameSuffix: "-_2067", + * filenameSuffix: "-_40785", + * filenameDatetimeFormat: "YYYY-MM-DD/hh_mm_ssZ", * maxBytes: 1000, * maxDuration: "300s", * }, @@ -237,7 +238,8 @@ import * as utilities from "../utilities"; * cloudStorageConfig: { * bucket: example.name, * filenamePrefix: "pre-", - * filenameSuffix: "-_40785", + * filenameSuffix: "-_79169", + * filenameDatetimeFormat: "YYYY-MM-DD/hh_mm_ssZ", * maxBytes: 1000, * maxDuration: "300s", * avroConfig: { diff --git a/sdk/nodejs/sql/user.ts b/sdk/nodejs/sql/user.ts index 80fcf02b0f..21bd47c691 100644 --- a/sdk/nodejs/sql/user.ts +++ b/sdk/nodejs/sql/user.ts @@ -49,7 +49,7 @@ import * as utilities from "../utilities"; * settings: { * tier: "db-f1-micro", * databaseFlags: [{ - * name: "cloudsql.iam_authentication", + * name: "cloudsql_iam_authentication", * value: "on", * }], * }, @@ -83,7 +83,7 @@ import * as utilities from "../utilities"; * settings: { * tier: "db-f1-micro", * databaseFlags: [{ - * name: "cloudsql.iam_authentication", + * name: "cloudsql_iam_authentication", * value: "on", * }], * }, diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index c9bfee020c..e2e4ca8be4 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -404,6 +404,7 @@ "compute/getSnapshotIamPolicy.ts", "compute/getSubnetwork.ts", "compute/getSubnetworkIamPolicy.ts", + "compute/getSubnetworks.ts", "compute/getVPNGateway.ts", "compute/getZones.ts", "compute/globalAddress.ts", @@ -598,6 +599,10 @@ "dataloss/preventionInspectTemplate.ts", "dataloss/preventionJobTrigger.ts", "dataloss/preventionStoredInfoType.ts", + "dataplex/aspectType.ts", + "dataplex/aspectTypeIamBinding.ts", + "dataplex/aspectTypeIamMember.ts", + "dataplex/aspectTypeIamPolicy.ts", "dataplex/asset.ts", "dataplex/assetIamBinding.ts", "dataplex/assetIamMember.ts", @@ -606,8 +611,14 @@ "dataplex/datascanIamBinding.ts", "dataplex/datascanIamMember.ts", "dataplex/datascanIamPolicy.ts", + "dataplex/entryGroup.ts", + "dataplex/entryGroupIamBinding.ts", + "dataplex/entryGroupIamMember.ts", + "dataplex/entryGroupIamPolicy.ts", + "dataplex/getAspectTypeIamPolicy.ts", "dataplex/getAssetIamPolicy.ts", "dataplex/getDatascanIamPolicy.ts", + "dataplex/getEntryGroupIamPolicy.ts", "dataplex/getLakeIamPolicy.ts", "dataplex/getTaskIamPolicy.ts", "dataplex/getZoneIamPolicy.ts", @@ -907,6 +918,7 @@ "integrationconnectors/endpointAttachment.ts", "integrationconnectors/index.ts", "integrationconnectors/managedZone.ts", + "kms/autokeyConfig.ts", "kms/cryptoKey.ts", "kms/cryptoKeyIAMBinding.ts", "kms/cryptoKeyIAMMember.ts", @@ -922,6 +934,7 @@ "kms/getKMSSecretCiphertext.ts", "kms/getKeyRingIamPolicy.ts", "kms/index.ts", + "kms/keyHandle.ts", "kms/keyRing.ts", "kms/keyRingIAMBinding.ts", "kms/keyRingIAMMember.ts", @@ -1021,6 +1034,7 @@ "networkservices/grpcRoute.ts", "networkservices/httpRoute.ts", "networkservices/index.ts", + "networkservices/lbRouteExtension.ts", "networkservices/lbTrafficExtension.ts", "networkservices/mesh.ts", "networkservices/serviceBinding.ts", diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 5f587e7e1f..7eaa11a389 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -3255,6 +3255,11 @@ export namespace appengine { * List of ports, or port pairs, to forward from the virtual machine to the application container. */ forwardedPorts?: pulumi.Input[]>; + /** + * Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + */ + instanceIpMode?: pulumi.Input; /** * Tag to apply to the instance during creation. */ @@ -5915,6 +5920,11 @@ export namespace bigquery { * "AVRO". Structure is documented below. */ avroOptions?: pulumi.Input; + /** + * Additional properties to set if + * `sourceFormat` is set to "BIGTABLE". Structure is documented below. + */ + bigtableOptions?: pulumi.Input; /** * The compression type of the data source. * Valid values are "NONE" or "GZIP". @@ -6036,6 +6046,75 @@ export namespace bigquery { useAvroLogicalTypes: pulumi.Input; } + export interface TableExternalDataConfigurationBigtableOptions { + /** + * A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + */ + columnFamilies?: pulumi.Input[]>; + /** + * If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + */ + ignoreUnspecifiedColumnFamilies?: pulumi.Input; + /** + * If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + */ + outputColumnFamiliesAsJson?: pulumi.Input; + /** + * If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + */ + readRowkeyAsString?: pulumi.Input; + } + + export interface TableExternalDataConfigurationBigtableOptionsColumnFamily { + /** + * A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + */ + columns?: pulumi.Input[]>; + /** + * The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + */ + encoding?: pulumi.Input; + /** + * Identifier of the column family. + */ + familyId?: pulumi.Input; + /** + * If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + */ + onlyReadLatest?: pulumi.Input; + /** + * The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + */ + type?: pulumi.Input; + } + + export interface TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn { + /** + * The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + */ + encoding?: pulumi.Input; + /** + * If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + */ + fieldName?: pulumi.Input; + /** + * If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + */ + onlyReadLatest?: pulumi.Input; + /** + * Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + */ + qualifierEncoded?: pulumi.Input; + /** + * Qualifier string. + */ + qualifierString?: pulumi.Input; + /** + * The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + */ + type?: pulumi.Input; + } + export interface TableExternalDataConfigurationCsvOptions { /** * Indicates if BigQuery should accept rows @@ -6263,7 +6342,8 @@ export namespace bigquery { export interface TableTableReplicationInfo { /** - * The interval at which the source materialized view is polled for updates. The default is 300000. + * The interval at which the source + * materialized view is polled for updates. The default is 300000. */ replicationIntervalMs?: pulumi.Input; /** @@ -12665,6 +12745,13 @@ export namespace cloudrun { * Volume's name. */ name: pulumi.Input; + /** + * A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + */ + nfs?: pulumi.Input; /** * The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -12690,8 +12777,6 @@ export namespace cloudrun { * Driver-specific attributes. The following options are supported for available drivers: * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - * - * - - - */ volumeAttributes?: pulumi.Input<{[key: string]: pulumi.Input}>; } @@ -12707,6 +12792,23 @@ export namespace cloudrun { sizeLimit?: pulumi.Input; } + export interface ServiceTemplateSpecVolumeNfs { + /** + * Path exported by the NFS server + */ + path: pulumi.Input; + /** + * If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * - - - + */ + readOnly?: pulumi.Input; + /** + * IP address or hostname of the NFS server + */ + server: pulumi.Input; + } + export interface ServiceTemplateSpecVolumeSecret { /** * Mode bits to use on created files by default. Must be a value between 0000 @@ -16843,6 +16945,10 @@ export namespace compute { * Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, */ onHostMaintenance?: pulumi.Input; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopAction?: pulumi.Input; /** * Whether the instance is preemptible. */ @@ -16889,6 +16995,13 @@ export namespace compute { values: pulumi.Input[]>; } + export interface InstanceFromMachineImageSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd?: pulumi.Input; + } + export interface InstanceFromMachineImageScratchDisk { /** * Name with which the attached disk is accessible under /dev/disk/by-id/ @@ -17261,6 +17374,10 @@ export namespace compute { * Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, */ onHostMaintenance?: pulumi.Input; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopAction?: pulumi.Input; /** * Whether the instance is preemptible. */ @@ -17307,6 +17424,13 @@ export namespace compute { values: pulumi.Input[]>; } + export interface InstanceFromTemplateSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd?: pulumi.Input; + } + export interface InstanceFromTemplateScratchDisk { /** * Name with which the attached disk is accessible under /dev/disk/by-id/ @@ -17837,8 +17961,7 @@ export namespace compute { */ maintenanceInterval?: pulumi.Input; /** - * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - * The `maxRunDuration` block supports: + * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. */ maxRunDuration?: pulumi.Input; /** @@ -17859,6 +17982,10 @@ export namespace compute { * [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options). */ onHostMaintenance?: pulumi.Input; + /** + * Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + */ + onInstanceStopAction?: pulumi.Input; /** * Specifies if the instance is preemptible. * If this field is set to true, then `automaticRestart` must be @@ -17892,14 +18019,15 @@ export namespace compute { export interface InstanceSchedulingMaxRunDuration { /** * Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. */ nanos?: pulumi.Input; /** - * Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. */ seconds: pulumi.Input; } @@ -17920,6 +18048,13 @@ export namespace compute { values: pulumi.Input[]>; } + export interface InstanceSchedulingOnInstanceStopAction { + /** + * Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + */ + discardLocalSsd?: pulumi.Input; + } + export interface InstanceScratchDisk { /** * Name with which the attached disk is accessible under /dev/disk/by-id/ @@ -18359,8 +18494,7 @@ export namespace compute { */ maintenanceInterval?: pulumi.Input; /** - * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - * The `maxRunDuration` block supports: + * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. */ maxRunDuration?: pulumi.Input; /** @@ -18380,6 +18514,10 @@ export namespace compute { * instance. */ onHostMaintenance?: pulumi.Input; + /** + * Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + */ + onInstanceStopAction?: pulumi.Input; /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -18413,14 +18551,15 @@ export namespace compute { export interface InstanceTemplateSchedulingMaxRunDuration { /** * Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. */ nanos?: pulumi.Input; /** - * Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. */ seconds: pulumi.Input; } @@ -18438,6 +18577,13 @@ export namespace compute { values: pulumi.Input[]>; } + export interface InstanceTemplateSchedulingOnInstanceStopAction { + /** + * Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + */ + discardLocalSsd?: pulumi.Input; + } + export interface InstanceTemplateServiceAccount { /** * The service account e-mail address. If not given, the @@ -20939,6 +21085,10 @@ export namespace compute { * instance. */ onHostMaintenance?: pulumi.Input; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopAction?: pulumi.Input; /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -20998,6 +21148,13 @@ export namespace compute { values: pulumi.Input[]>; } + export interface RegionInstanceTemplateSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd?: pulumi.Input; + } + export interface RegionInstanceTemplateServiceAccount { /** * The service account e-mail address. If not given, the @@ -23758,6 +23915,7 @@ export namespace compute { * Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. */ jsonParsing?: pulumi.Input; /** @@ -23999,115 +24157,121 @@ export namespace compute { export interface SecurityPolicyRuleRateLimitOptions { /** - * Can only be specified if the `action` for the rule is `rateBasedBan`. + * Can only be specified if the action for the rule is "rateBasedBan". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. */ banDurationSec?: pulumi.Input; /** - * Can only be specified if the `action` for the rule is `rateBasedBan`. - * If specified, the key will be banned for the configured `banDurationSec` when the number of requests that exceed the `rateLimitThreshold` also - * exceed this `banThreshold`. Structure is documented below. + * Can only be specified if the action for the rule is "rateBasedBan". + * If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + * Structure is documented below. */ banThreshold?: pulumi.Input; /** - * Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + * Action to take for requests that are under the configured rate limit threshold. + * Valid option is "allow" only. */ - conformAction: pulumi.Input; + conformAction?: pulumi.Input; /** - * Determines the key to enforce the rateLimitThreshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. */ enforceOnKey?: pulumi.Input; /** - * If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforceOnKeyConfigs` is specified, `enforceOnKey` must be set to an empty string. Structure is documented below. - * - * **Note:** To avoid the conflict between `enforceOnKey` and `enforceOnKeyConfigs`, the field `enforceOnKey` needs to be set to an empty string. + * If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + * You can specify up to 3 enforceOnKeyConfigs. + * If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + * Structure is documented below. */ enforceOnKeyConfigs?: pulumi.Input[]>; /** * Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. */ enforceOnKeyName?: pulumi.Input; /** - * When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. */ - exceedAction: pulumi.Input; + exceedAction?: pulumi.Input; /** - * Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + * Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + * Structure is documented below. */ exceedRedirectOptions?: pulumi.Input; /** - * Threshold at which to begin ratelimiting. Structure is documented below. + * Threshold at which to begin ratelimiting. + * Structure is documented below. */ - rateLimitThreshold: pulumi.Input; + rateLimitThreshold?: pulumi.Input; } export interface SecurityPolicyRuleRateLimitOptionsBanThreshold { /** * Number of HTTP(S) requests for calculating the threshold. */ - count: pulumi.Input; + count?: pulumi.Input; /** * Interval over which the threshold is computed. */ - intervalSec: pulumi.Input; + intervalSec?: pulumi.Input; } export interface SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig { /** * Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. */ enforceOnKeyName?: pulumi.Input; /** - * Determines the key to enforce the `rateLimitThreshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. */ enforceOnKeyType?: pulumi.Input; } export interface SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions { /** - * Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. */ target?: pulumi.Input; /** * Type of the redirect action. */ - type: pulumi.Input; + type?: pulumi.Input; } export interface SecurityPolicyRuleRateLimitOptionsRateLimitThreshold { /** * Number of HTTP(S) requests for calculating the threshold. */ - count: pulumi.Input; + count?: pulumi.Input; /** * Interval over which the threshold is computed. */ - intervalSec: pulumi.Input; + intervalSec?: pulumi.Input; } export interface SecurityPolicyRuleRedirectOptions { @@ -27963,6 +28127,10 @@ export namespace container { * Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. */ confidentialNodes?: pulumi.Input; + /** + * Parameters to customize containerd runtime. Structure is documented below. + */ + containerdConfig?: pulumi.Input; /** * Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -28185,6 +28353,42 @@ export namespace container { enabled: pulumi.Input; } + export interface ClusterNodeConfigContainerdConfig { + /** + * Configuration for private container registries. There are two fields in this config: + */ + privateRegistryAccessConfig?: pulumi.Input; + } + + export interface ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + */ + certificateAuthorityDomainConfigs?: pulumi.Input[]>; + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + */ + enabled: pulumi.Input; + } + + export interface ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: pulumi.Input[]>; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: pulumi.Input; + } + + export interface ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: pulumi.Input; + } + export interface ClusterNodeConfigEffectiveTaint { /** * Effect for taint. @@ -28588,6 +28792,10 @@ export namespace container { } export interface ClusterNodePoolDefaultsNodeConfigDefaults { + /** + * Parameters for containerd configuration. + */ + containerdConfig?: pulumi.Input; /** * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. */ @@ -28598,6 +28806,42 @@ export namespace container { loggingVariant?: pulumi.Input; } + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig { + /** + * Configuration for private container registries. There are two fields in this config: + */ + privateRegistryAccessConfig?: pulumi.Input; + } + + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig { + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + */ + certificateAuthorityDomainConfigs?: pulumi.Input[]>; + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + */ + enabled: pulumi.Input; + } + + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: pulumi.Input[]>; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: pulumi.Input; + } + + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: pulumi.Input; + } + export interface ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig { /** * Whether or not the Google Container Filesystem (GCFS) is enabled @@ -28713,6 +28957,10 @@ export namespace container { * Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. */ confidentialNodes?: pulumi.Input; + /** + * Parameters to customize containerd runtime. Structure is documented below. + */ + containerdConfig?: pulumi.Input; /** * Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -28935,6 +29183,42 @@ export namespace container { enabled: pulumi.Input; } + export interface ClusterNodePoolNodeConfigContainerdConfig { + /** + * Configuration for private container registries. There are two fields in this config: + */ + privateRegistryAccessConfig?: pulumi.Input; + } + + export interface ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + */ + certificateAuthorityDomainConfigs?: pulumi.Input[]>; + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + */ + enabled: pulumi.Input; + } + + export interface ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: pulumi.Input[]>; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: pulumi.Input; + } + + export interface ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: pulumi.Input; + } + export interface ClusterNodePoolNodeConfigEffectiveTaint { /** * Effect for taint. @@ -29612,6 +29896,10 @@ export namespace container { * Configuration for Confidential Nodes feature. Structure is documented below. */ confidentialNodes?: pulumi.Input; + /** + * Parameters for containerd configuration. + */ + containerdConfig?: pulumi.Input; /** * Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. */ @@ -29777,6 +30065,42 @@ export namespace container { enabled: pulumi.Input; } + export interface NodePoolNodeConfigContainerdConfig { + /** + * Parameters for private container registries configuration. + */ + privateRegistryAccessConfig?: pulumi.Input; + } + + export interface NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * Parameters for configuring CA certificate and domains. + */ + certificateAuthorityDomainConfigs?: pulumi.Input[]>; + /** + * Whether or not private registries are configured. + */ + enabled: pulumi.Input; + } + + export interface NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: pulumi.Input[]>; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: pulumi.Input; + } + + export interface NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: pulumi.Input; + } + export interface NodePoolNodeConfigEffectiveTaint { /** * Effect for taint. @@ -36811,6 +37135,18 @@ export namespace dataloss { } export namespace dataplex { + export interface AspectTypeIamBindingCondition { + description?: pulumi.Input; + expression: pulumi.Input; + title: pulumi.Input; + } + + export interface AspectTypeIamMemberCondition { + description?: pulumi.Input; + expression: pulumi.Input; + title: pulumi.Input; + } + export interface AssetDiscoverySpec { /** * Optional. Configuration for CSV data. @@ -37302,6 +37638,18 @@ export namespace dataplex { title: pulumi.Input; } + export interface EntryGroupIamBindingCondition { + description?: pulumi.Input; + expression: pulumi.Input; + title: pulumi.Input; + } + + export interface EntryGroupIamMemberCondition { + description?: pulumi.Input; + expression: pulumi.Input; + title: pulumi.Input; + } + export interface LakeAssetStatus { /** * Number of active assets. @@ -56406,6 +56754,74 @@ export namespace networkservices { regexMatch?: pulumi.Input; } + export interface LbRouteExtensionExtensionChain { + /** + * A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + */ + extensions: pulumi.Input[]>; + /** + * Conditions under which this chain is invoked for a request. + * Structure is documented below. + */ + matchCondition: pulumi.Input; + /** + * The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + */ + name: pulumi.Input; + } + + export interface LbRouteExtensionExtensionChainExtension { + /** + * The :authority header in the gRPC request sent from Envoy to the extension service. + */ + authority?: pulumi.Input; + /** + * Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + */ + failOpen?: pulumi.Input; + /** + * List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * - - - + */ + forwardHeaders?: pulumi.Input[]>; + /** + * The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + */ + name: pulumi.Input; + /** + * The reference to the service that runs the extension. Must be a reference to a backend service + */ + service: pulumi.Input; + /** + * Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + */ + timeout?: pulumi.Input; + } + + export interface LbRouteExtensionExtensionChainMatchCondition { + /** + * A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + */ + celExpression: pulumi.Input; + } + export interface LbTrafficExtensionExtensionChain { /** * A set of extensions to execute for the matching request. @@ -56432,7 +56848,7 @@ export namespace networkservices { /** * The :authority header in the gRPC request sent from Envoy to the extension service. */ - authority: pulumi.Input; + authority?: pulumi.Input; /** * Determines how the proxy behaves if the call to the extension fails or times out. * When set to TRUE, request or response processing continues without error. @@ -56471,7 +56887,7 @@ export namespace networkservices { * Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". */ - timeout: pulumi.Input; + timeout?: pulumi.Input; } export interface LbTrafficExtensionExtensionChainMatchCondition { @@ -59863,6 +60279,10 @@ export namespace pubsub { * User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". */ bucket: pulumi.Input; + /** + * User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + */ + filenameDatetimeFormat?: pulumi.Input; /** * User-provided prefix for Cloud Storage filename. */ @@ -62866,7 +63286,7 @@ export namespace tpu { topology: pulumi.Input; /** * Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. */ type: pulumi.Input; } diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index cf7ea38fcc..cc6f3ab8f5 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -3331,6 +3331,11 @@ export namespace appengine { * List of ports, or port pairs, to forward from the virtual machine to the application container. */ forwardedPorts?: string[]; + /** + * Prevent instances from receiving an ephemeral external IP address. + * Possible values are: `EXTERNAL`, `INTERNAL`. + */ + instanceIpMode?: string; /** * Tag to apply to the instance during creation. */ @@ -6614,6 +6619,11 @@ export namespace bigquery { * "AVRO". Structure is documented below. */ avroOptions?: outputs.bigquery.TableExternalDataConfigurationAvroOptions; + /** + * Additional properties to set if + * `sourceFormat` is set to "BIGTABLE". Structure is documented below. + */ + bigtableOptions?: outputs.bigquery.TableExternalDataConfigurationBigtableOptions; /** * The compression type of the data source. * Valid values are "NONE" or "GZIP". @@ -6735,6 +6745,75 @@ export namespace bigquery { useAvroLogicalTypes: boolean; } + export interface TableExternalDataConfigurationBigtableOptions { + /** + * A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + */ + columnFamilies?: outputs.bigquery.TableExternalDataConfigurationBigtableOptionsColumnFamily[]; + /** + * If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + */ + ignoreUnspecifiedColumnFamilies?: boolean; + /** + * If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + */ + outputColumnFamiliesAsJson?: boolean; + /** + * If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + */ + readRowkeyAsString?: boolean; + } + + export interface TableExternalDataConfigurationBigtableOptionsColumnFamily { + /** + * A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + */ + columns?: outputs.bigquery.TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn[]; + /** + * The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + */ + encoding?: string; + /** + * Identifier of the column family. + */ + familyId?: string; + /** + * If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + */ + onlyReadLatest?: boolean; + /** + * The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + */ + type?: string; + } + + export interface TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn { + /** + * The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + */ + encoding?: string; + /** + * If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + */ + fieldName?: string; + /** + * If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + */ + onlyReadLatest?: boolean; + /** + * Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + */ + qualifierEncoded?: string; + /** + * Qualifier string. + */ + qualifierString?: string; + /** + * The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + */ + type?: string; + } + export interface TableExternalDataConfigurationCsvOptions { /** * Indicates if BigQuery should accept rows @@ -6962,7 +7041,8 @@ export namespace bigquery { export interface TableTableReplicationInfo { /** - * The interval at which the source materialized view is polled for updates. The default is 300000. + * The interval at which the source + * materialized view is polled for updates. The default is 300000. */ replicationIntervalMs?: number; /** @@ -15262,6 +15342,12 @@ export namespace cloudrun { * The name of the Cloud Run Service. */ name: string; + /** + * A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + */ + nfs: outputs.cloudrun.GetServiceTemplateSpecVolumeNf[]; /** * The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -15301,6 +15387,21 @@ export namespace cloudrun { sizeLimit: string; } + export interface GetServiceTemplateSpecVolumeNf { + /** + * Path exported by the NFS server + */ + path: string; + /** + * If true, mount the NFS volume as read only in all mounts. Defaults to false. + */ + readOnly: boolean; + /** + * IP address or hostname of the NFS server + */ + server: string; + } + export interface GetServiceTemplateSpecVolumeSecret { /** * Mode bits to use on created files by default. Must be a value between 0000 @@ -16098,6 +16199,13 @@ export namespace cloudrun { * Volume's name. */ name: string; + /** + * A filesystem backed by a Network File System share. This filesystem requires the + * run.googleapis.com/execution-environment annotation to be set to "gen2" and + * run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + * Structure is documented below. + */ + nfs?: outputs.cloudrun.ServiceTemplateSpecVolumeNfs; /** * The secret's value will be presented as the content of a file whose * name is defined in the item path. If no items are defined, the name of @@ -16123,8 +16231,6 @@ export namespace cloudrun { * Driver-specific attributes. The following options are supported for available drivers: * * gcsfuse.run.googleapis.com * * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - * - * - - - */ volumeAttributes?: {[key: string]: string}; } @@ -16140,6 +16246,23 @@ export namespace cloudrun { sizeLimit?: string; } + export interface ServiceTemplateSpecVolumeNfs { + /** + * Path exported by the NFS server + */ + path: string; + /** + * If true, mount the NFS volume as read only in all mounts. Defaults to false. + * + * - - - + */ + readOnly?: boolean; + /** + * IP address or hostname of the NFS server + */ + server: string; + } + export interface ServiceTemplateSpecVolumeSecret { /** * Mode bits to use on created files by default. Must be a value between 0000 @@ -22889,6 +23012,10 @@ export namespace compute { * [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options) */ onHostMaintenance: string; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopActions: outputs.compute.GetInstanceSchedulingOnInstanceStopAction[]; /** * Whether the instance is preemptible. */ @@ -22935,6 +23062,13 @@ export namespace compute { values: string[]; } + export interface GetInstanceSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd: boolean; + } + export interface GetInstanceScratchDisk { /** * Name with which the attached disk is accessible @@ -23370,6 +23504,10 @@ export namespace compute { * instance. */ onHostMaintenance: string; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopActions: outputs.compute.GetInstanceTemplateSchedulingOnInstanceStopAction[]; /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -23425,6 +23563,13 @@ export namespace compute { values: string[]; } + export interface GetInstanceTemplateSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd: boolean; + } + export interface GetInstanceTemplateServiceAccount { /** * The service account e-mail address. If not given, the @@ -23989,6 +24134,10 @@ export namespace compute { * instance. */ onHostMaintenance: string; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopActions: outputs.compute.GetRegionInstanceTemplateSchedulingOnInstanceStopAction[]; /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -24044,6 +24193,13 @@ export namespace compute { values: string[]; } + export interface GetRegionInstanceTemplateSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd: boolean; + } + export interface GetRegionInstanceTemplateServiceAccount { /** * The service account e-mail address. If not given, the @@ -24832,6 +24988,34 @@ export namespace compute { rangeName: string; } + export interface GetSubnetworksSubnetwork { + /** + * Description of the subnetwork. + */ + description: string; + /** + * The IP address range represented as a CIDR block. + */ + ipCidrRange: string; + /** + * The name of the subnetwork. + */ + name: string; + /** + * The self link of the parent network. + */ + network: string; + networkSelfLink: string; + /** + * Whether the VMs in the subnet can access Google services without assigned external IP addresses. + */ + privateIpGoogleAccess: boolean; + /** + * The self link of the subnetwork. + */ + selfLink: string; + } + export interface GlobalForwardingRuleMetadataFilter { /** * The list of label value pairs that must match labels in the @@ -25778,6 +25962,10 @@ export namespace compute { * Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, */ onHostMaintenance: string; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopAction: outputs.compute.InstanceFromMachineImageSchedulingOnInstanceStopAction; /** * Whether the instance is preemptible. */ @@ -25824,6 +26012,13 @@ export namespace compute { values: string[]; } + export interface InstanceFromMachineImageSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd: boolean; + } + export interface InstanceFromMachineImageScratchDisk { /** * Name with which the attached disk is accessible under /dev/disk/by-id/ @@ -26196,6 +26391,10 @@ export namespace compute { * Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, */ onHostMaintenance: string; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopAction: outputs.compute.InstanceFromTemplateSchedulingOnInstanceStopAction; /** * Whether the instance is preemptible. */ @@ -26242,6 +26441,13 @@ export namespace compute { values: string[]; } + export interface InstanceFromTemplateSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd: boolean; + } + export interface InstanceFromTemplateScratchDisk { /** * Name with which the attached disk is accessible under /dev/disk/by-id/ @@ -26772,8 +26978,7 @@ export namespace compute { */ maintenanceInterval?: string; /** - * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - * The `maxRunDuration` block supports: + * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. */ maxRunDuration?: outputs.compute.InstanceSchedulingMaxRunDuration; /** @@ -26794,6 +26999,10 @@ export namespace compute { * [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options). */ onHostMaintenance: string; + /** + * Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + */ + onInstanceStopAction?: outputs.compute.InstanceSchedulingOnInstanceStopAction; /** * Specifies if the instance is preemptible. * If this field is set to true, then `automaticRestart` must be @@ -26827,14 +27036,15 @@ export namespace compute { export interface InstanceSchedulingMaxRunDuration { /** * Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. */ nanos?: number; /** - * Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. */ seconds: number; } @@ -26855,6 +27065,13 @@ export namespace compute { values: string[]; } + export interface InstanceSchedulingOnInstanceStopAction { + /** + * Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + */ + discardLocalSsd?: boolean; + } + export interface InstanceScratchDisk { /** * Name with which the attached disk is accessible under /dev/disk/by-id/ @@ -27294,8 +27511,7 @@ export namespace compute { */ maintenanceInterval?: string; /** - * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Only support `DELETE` `instanceTerminationAction` at this point. Structure is documented below. - * The `maxRunDuration` block supports: + * The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instanceTerminationAction`. Structure is documented below. */ maxRunDuration?: outputs.compute.InstanceTemplateSchedulingMaxRunDuration; /** @@ -27315,6 +27531,10 @@ export namespace compute { * instance. */ onHostMaintenance: string; + /** + * Specifies the action to be performed when the instance is terminated using `maxRunDuration` and `STOP` `instanceTerminationAction`. Only support `true` `discardLocalSsd` at this point. Structure is documented below. + */ + onInstanceStopAction?: outputs.compute.InstanceTemplateSchedulingOnInstanceStopAction; /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -27348,14 +27568,15 @@ export namespace compute { export interface InstanceTemplateSchedulingMaxRunDuration { /** * Span of time that's a fraction of a second at nanosecond - * resolution. Durations less than one second are represented - * with a 0 seconds field and a positive nanos field. Must - * be from 0 to 999,999,999 inclusive. + * resolution. Durations less than one second are represented with a 0 + * `seconds` field and a positive `nanos` field. Must be from 0 to + * 999,999,999 inclusive. */ nanos?: number; /** - * Span of time at a resolution of a second. - * Must be from 0 to 315,576,000,000 inclusive. + * Span of time at a resolution of a second. Must be from 0 to + * 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + * sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. */ seconds: number; } @@ -27373,6 +27594,13 @@ export namespace compute { values: string[]; } + export interface InstanceTemplateSchedulingOnInstanceStopAction { + /** + * Whether to discard local SSDs attached to the VM while terminating using `maxRunDuration`. Only supports `true` at this point. + */ + discardLocalSsd?: boolean; + } + export interface InstanceTemplateServiceAccount { /** * The service account e-mail address. If not given, the @@ -29874,6 +30102,10 @@ export namespace compute { * instance. */ onHostMaintenance: string; + /** + * Defines the behaviour for instances with the instance_termination_action. + */ + onInstanceStopAction?: outputs.compute.RegionInstanceTemplateSchedulingOnInstanceStopAction; /** * Allows instance to be preempted. This defaults to * false. Read more on this @@ -29933,6 +30165,13 @@ export namespace compute { values: string[]; } + export interface RegionInstanceTemplateSchedulingOnInstanceStopAction { + /** + * If true, the contents of any attached Local SSD disks will be discarded. + */ + discardLocalSsd?: boolean; + } + export interface RegionInstanceTemplateServiceAccount { /** * The service account e-mail address. If not given, the @@ -32885,6 +33124,7 @@ export namespace compute { * Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * * `DISABLED` - Don't parse JSON payloads in POST bodies. * * `STANDARD` - Parse JSON payloads in POST bodies. + * * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. */ jsonParsing: string; /** @@ -33126,115 +33366,121 @@ export namespace compute { export interface SecurityPolicyRuleRateLimitOptions { /** - * Can only be specified if the `action` for the rule is `rateBasedBan`. + * Can only be specified if the action for the rule is "rateBasedBan". * If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. */ banDurationSec?: number; /** - * Can only be specified if the `action` for the rule is `rateBasedBan`. - * If specified, the key will be banned for the configured `banDurationSec` when the number of requests that exceed the `rateLimitThreshold` also - * exceed this `banThreshold`. Structure is documented below. + * Can only be specified if the action for the rule is "rateBasedBan". + * If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + * Structure is documented below. */ banThreshold?: outputs.compute.SecurityPolicyRuleRateLimitOptionsBanThreshold; /** - * Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. + * Action to take for requests that are under the configured rate limit threshold. + * Valid option is "allow" only. */ - conformAction: string; + conformAction?: string; /** - * Determines the key to enforce the rateLimitThreshold on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. */ enforceOnKey?: string; /** - * If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforceOnKeyConfigs` is specified, `enforceOnKey` must be set to an empty string. Structure is documented below. - * - * **Note:** To avoid the conflict between `enforceOnKey` and `enforceOnKeyConfigs`, the field `enforceOnKey` needs to be set to an empty string. + * If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + * You can specify up to 3 enforceOnKeyConfigs. + * If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + * Structure is documented below. */ enforceOnKeyConfigs?: outputs.compute.SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig[]; /** * Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. */ enforceOnKeyName?: string; /** - * When a request is denied, returns the HTTP response code specified. - * Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. + * Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + * Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. */ - exceedAction: string; + exceedAction?: string; /** - * Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + * Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + * Structure is documented below. */ exceedRedirectOptions?: outputs.compute.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions; /** - * Threshold at which to begin ratelimiting. Structure is documented below. + * Threshold at which to begin ratelimiting. + * Structure is documented below. */ - rateLimitThreshold: outputs.compute.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold; + rateLimitThreshold?: outputs.compute.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold; } export interface SecurityPolicyRuleRateLimitOptionsBanThreshold { /** * Number of HTTP(S) requests for calculating the threshold. */ - count: number; + count?: number; /** * Interval over which the threshold is computed. */ - intervalSec: number; + intervalSec?: number; } export interface SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig { /** * Rate limit key name applicable only for the following key types: - * - * * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + * HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + * HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. */ enforceOnKeyName?: string; /** - * Determines the key to enforce the `rateLimitThreshold` on. If not specified, defaults to `ALL`. - * - * * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforceOnKeyName`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * * `REGION_CODE`: The country/region from which the request originates. + * Determines the key to enforce the rateLimitThreshold on. Possible values are: + * * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * * REGION_CODE: The country/region from which the request originates. + * * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + * Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. */ enforceOnKeyType?: string; } export interface SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions { /** - * Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + * Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. */ target?: string; /** * Type of the redirect action. */ - type: string; + type?: string; } export interface SecurityPolicyRuleRateLimitOptionsRateLimitThreshold { /** * Number of HTTP(S) requests for calculating the threshold. */ - count: number; + count?: number; /** * Interval over which the threshold is computed. */ - intervalSec: number; + intervalSec?: number; } export interface SecurityPolicyRuleRedirectOptions { @@ -37096,6 +37342,10 @@ export namespace container { * Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. */ confidentialNodes: outputs.container.ClusterNodeConfigConfidentialNodes; + /** + * Parameters to customize containerd runtime. Structure is documented below. + */ + containerdConfig?: outputs.container.ClusterNodeConfigContainerdConfig; /** * Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -37318,6 +37568,42 @@ export namespace container { enabled: boolean; } + export interface ClusterNodeConfigContainerdConfig { + /** + * Configuration for private container registries. There are two fields in this config: + */ + privateRegistryAccessConfig?: outputs.container.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig; + } + + export interface ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + */ + certificateAuthorityDomainConfigs?: outputs.container.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig[]; + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + */ + enabled: boolean; + } + + export interface ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: string[]; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: outputs.container.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; + } + + export interface ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: string; + } + export interface ClusterNodeConfigEffectiveTaint { /** * Effect for taint. @@ -37721,6 +38007,10 @@ export namespace container { } export interface ClusterNodePoolDefaultsNodeConfigDefaults { + /** + * Parameters for containerd configuration. + */ + containerdConfig?: outputs.container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig; /** * The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. */ @@ -37731,6 +38021,42 @@ export namespace container { loggingVariant: string; } + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig { + /** + * Configuration for private container registries. There are two fields in this config: + */ + privateRegistryAccessConfig?: outputs.container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig; + } + + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig { + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + */ + certificateAuthorityDomainConfigs?: outputs.container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig[]; + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + */ + enabled: boolean; + } + + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: string[]; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: outputs.container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; + } + + export interface ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: string; + } + export interface ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig { /** * Whether or not the Google Container Filesystem (GCFS) is enabled @@ -37846,6 +38172,10 @@ export namespace container { * Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. */ confidentialNodes: outputs.container.ClusterNodePoolNodeConfigConfidentialNodes; + /** + * Parameters to customize containerd runtime. Structure is documented below. + */ + containerdConfig?: outputs.container.ClusterNodePoolNodeConfigContainerdConfig; /** * Size of the disk attached to each node, specified * in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. @@ -38068,6 +38398,42 @@ export namespace container { enabled: boolean; } + export interface ClusterNodePoolNodeConfigContainerdConfig { + /** + * Configuration for private container registries. There are two fields in this config: + */ + privateRegistryAccessConfig?: outputs.container.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig; + } + + export interface ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + */ + certificateAuthorityDomainConfigs?: outputs.container.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig[]; + /** + * Enables private registry config. If set to false, all other fields in this object must not be set. + */ + enabled: boolean; + } + + export interface ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: string[]; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: outputs.container.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; + } + + export interface ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: string; + } + export interface ClusterNodePoolNodeConfigEffectiveTaint { /** * Effect for taint. @@ -39221,6 +39587,10 @@ export namespace container { * Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. */ confidentialNodes: outputs.container.GetClusterNodeConfigConfidentialNode[]; + /** + * Parameters for containerd configuration. + */ + containerdConfigs: outputs.container.GetClusterNodeConfigContainerdConfig[]; /** * Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. */ @@ -39385,6 +39755,42 @@ export namespace container { enabled: boolean; } + export interface GetClusterNodeConfigContainerdConfig { + /** + * Parameters for private container registries configuration. + */ + privateRegistryAccessConfigs: outputs.container.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig[]; + } + + export interface GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * Parameters for configuring CA certificate and domains. + */ + certificateAuthorityDomainConfigs: outputs.container.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig[]; + /** + * Whether or not private registries are configured. + */ + enabled: boolean; + } + + export interface GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: string[]; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfigs: outputs.container.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig[]; + } + + export interface GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: string; + } + export interface GetClusterNodeConfigEffectiveTaint { /** * Effect for taint. @@ -39721,6 +40127,10 @@ export namespace container { } export interface GetClusterNodePoolDefaultNodeConfigDefault { + /** + * Parameters for containerd configuration. + */ + containerdConfigs: outputs.container.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig[]; /** * GCFS configuration for this node. */ @@ -39731,6 +40141,42 @@ export namespace container { loggingVariant: string; } + export interface GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfig { + /** + * Parameters for private container registries configuration. + */ + privateRegistryAccessConfigs: outputs.container.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig[]; + } + + export interface GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfig { + /** + * Parameters for configuring CA certificate and domains. + */ + certificateAuthorityDomainConfigs: outputs.container.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig[]; + /** + * Whether or not private registries are configured. + */ + enabled: boolean; + } + + export interface GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: string[]; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfigs: outputs.container.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig[]; + } + + export interface GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: string; + } + export interface GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfig { /** * Whether or not GCFS is enabled @@ -39834,6 +40280,10 @@ export namespace container { * Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. */ confidentialNodes: outputs.container.GetClusterNodePoolNodeConfigConfidentialNode[]; + /** + * Parameters for containerd configuration. + */ + containerdConfigs: outputs.container.GetClusterNodePoolNodeConfigContainerdConfig[]; /** * Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. */ @@ -39998,6 +40448,42 @@ export namespace container { enabled: boolean; } + export interface GetClusterNodePoolNodeConfigContainerdConfig { + /** + * Parameters for private container registries configuration. + */ + privateRegistryAccessConfigs: outputs.container.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig[]; + } + + export interface GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * Parameters for configuring CA certificate and domains. + */ + certificateAuthorityDomainConfigs: outputs.container.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig[]; + /** + * Whether or not private registries are configured. + */ + enabled: boolean; + } + + export interface GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: string[]; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfigs: outputs.container.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig[]; + } + + export interface GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: string; + } + export interface GetClusterNodePoolNodeConfigEffectiveTaint { /** * Effect for taint. @@ -40602,6 +41088,10 @@ export namespace container { * Configuration for Confidential Nodes feature. Structure is documented below. */ confidentialNodes: outputs.container.NodePoolNodeConfigConfidentialNodes; + /** + * Parameters for containerd configuration. + */ + containerdConfig?: outputs.container.NodePoolNodeConfigContainerdConfig; /** * Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. */ @@ -40767,6 +41257,42 @@ export namespace container { enabled: boolean; } + export interface NodePoolNodeConfigContainerdConfig { + /** + * Parameters for private container registries configuration. + */ + privateRegistryAccessConfig?: outputs.container.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig; + } + + export interface NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig { + /** + * Parameters for configuring CA certificate and domains. + */ + certificateAuthorityDomainConfigs?: outputs.container.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig[]; + /** + * Whether or not private registries are configured. + */ + enabled: boolean; + } + + export interface NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig { + /** + * List of fully-qualified-domain-names. IPv4s and port specification are supported. + */ + fqdns: string[]; + /** + * Parameters for configuring a certificate hosted in GCP SecretManager. + */ + gcpSecretManagerCertificateConfig: outputs.container.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig; + } + + export interface NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig { + /** + * URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + */ + secretUri: string; + } + export interface NodePoolNodeConfigEffectiveTaint { /** * Effect for taint. @@ -47809,6 +48335,18 @@ export namespace dataloss { } export namespace dataplex { + export interface AspectTypeIamBindingCondition { + description?: string; + expression: string; + title: string; + } + + export interface AspectTypeIamMemberCondition { + description?: string; + expression: string; + title: string; + } + export interface AssetDiscoverySpec { /** * Optional. Configuration for CSV data. @@ -48300,6 +48838,18 @@ export namespace dataplex { title: string; } + export interface EntryGroupIamBindingCondition { + description?: string; + expression: string; + title: string; + } + + export interface EntryGroupIamMemberCondition { + description?: string; + expression: string; + title: string; + } + export interface LakeAssetStatus { /** * Number of active assets. @@ -68072,6 +68622,74 @@ export namespace networkservices { regexMatch?: string; } + export interface LbRouteExtensionExtensionChain { + /** + * A set of extensions to execute for the matching request. + * At least one extension is required. Up to 3 extensions can be defined for each extension chain for + * LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + * Structure is documented below. + */ + extensions: outputs.networkservices.LbRouteExtensionExtensionChainExtension[]; + /** + * Conditions under which this chain is invoked for a request. + * Structure is documented below. + */ + matchCondition: outputs.networkservices.LbRouteExtensionExtensionChainMatchCondition; + /** + * The name for this extension chain. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last character must be a letter or a number. + */ + name: string; + } + + export interface LbRouteExtensionExtensionChainExtension { + /** + * The :authority header in the gRPC request sent from Envoy to the extension service. + */ + authority?: string; + /** + * Determines how the proxy behaves if the call to the extension fails or times out. + * When set to TRUE, request or response processing continues without error. + * Any subsequent extensions in the extension chain are also executed. + * When set to FALSE: * If response headers have not been delivered to the downstream client, + * a generic 500 error is returned to the client. The error response can be tailored by + * configuring a custom error response in the load balancer. + */ + failOpen?: boolean; + /** + * List of the HTTP headers to forward to the extension (from the client or backend). + * If omitted, all headers are sent. Each element is a string indicating the header name. + * + * - - - + */ + forwardHeaders?: string[]; + /** + * The name for this extension. The name is logged as part of the HTTP request logs. + * The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + * and can have a maximum length of 63 characters. Additionally, the first character must be a letter + * and the last a letter or a number. + */ + name: string; + /** + * The reference to the service that runs the extension. Must be a reference to a backend service + */ + service: string; + /** + * Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + */ + timeout?: string; + } + + export interface LbRouteExtensionExtensionChainMatchCondition { + /** + * A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + */ + celExpression: string; + } + export interface LbTrafficExtensionExtensionChain { /** * A set of extensions to execute for the matching request. @@ -68098,7 +68716,7 @@ export namespace networkservices { /** * The :authority header in the gRPC request sent from Envoy to the extension service. */ - authority: string; + authority?: string; /** * Determines how the proxy behaves if the call to the extension fails or times out. * When set to TRUE, request or response processing continues without error. @@ -68137,7 +68755,7 @@ export namespace networkservices { * Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. * A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". */ - timeout: string; + timeout?: string; } export interface LbTrafficExtensionExtensionChainMatchCondition { @@ -71529,6 +72147,10 @@ export namespace pubsub { * User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". */ bucket: string; + /** + * User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + */ + filenameDatetimeFormat: string; /** * User-provided prefix for Cloud Storage filename. */ @@ -71853,6 +72475,10 @@ export namespace pubsub { * User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". */ bucket: string; + /** + * User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + */ + filenameDatetimeFormat?: string; /** * User-provided prefix for Cloud Storage filename. */ @@ -76697,7 +77323,7 @@ export namespace tpu { topology: string; /** * Type of TPU. - * Possible values are: `V2`, `V3`, `V4`. + * Possible values are: `V2`, `V3`, `V4`, `V5P`. */ type: string; } diff --git a/sdk/python/pulumi_gcp/__init__.py b/sdk/python/pulumi_gcp/__init__.py index fbe934f210..533b4143d8 100644 --- a/sdk/python/pulumi_gcp/__init__.py +++ b/sdk/python/pulumi_gcp/__init__.py @@ -3604,6 +3604,38 @@ "gcp:dataloss/preventionStoredInfoType:PreventionStoredInfoType": "PreventionStoredInfoType" } }, + { + "pkg": "gcp", + "mod": "dataplex/aspectType", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/aspectType:AspectType": "AspectType" + } + }, + { + "pkg": "gcp", + "mod": "dataplex/aspectTypeIamBinding", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding": "AspectTypeIamBinding" + } + }, + { + "pkg": "gcp", + "mod": "dataplex/aspectTypeIamMember", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember": "AspectTypeIamMember" + } + }, + { + "pkg": "gcp", + "mod": "dataplex/aspectTypeIamPolicy", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy": "AspectTypeIamPolicy" + } + }, { "pkg": "gcp", "mod": "dataplex/asset", @@ -3668,6 +3700,38 @@ "gcp:dataplex/datascanIamPolicy:DatascanIamPolicy": "DatascanIamPolicy" } }, + { + "pkg": "gcp", + "mod": "dataplex/entryGroup", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/entryGroup:EntryGroup": "EntryGroup" + } + }, + { + "pkg": "gcp", + "mod": "dataplex/entryGroupIamBinding", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding": "EntryGroupIamBinding" + } + }, + { + "pkg": "gcp", + "mod": "dataplex/entryGroupIamMember", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/entryGroupIamMember:EntryGroupIamMember": "EntryGroupIamMember" + } + }, + { + "pkg": "gcp", + "mod": "dataplex/entryGroupIamPolicy", + "fqn": "pulumi_gcp.dataplex", + "classes": { + "gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy": "EntryGroupIamPolicy" + } + }, { "pkg": "gcp", "mod": "dataplex/lake", @@ -5428,6 +5492,14 @@ "gcp:integrationconnectors/managedZone:ManagedZone": "ManagedZone" } }, + { + "pkg": "gcp", + "mod": "kms/autokeyConfig", + "fqn": "pulumi_gcp.kms", + "classes": { + "gcp:kms/autokeyConfig:AutokeyConfig": "AutokeyConfig" + } + }, { "pkg": "gcp", "mod": "kms/cryptoKey", @@ -5476,6 +5548,14 @@ "gcp:kms/ekmConnection:EkmConnection": "EkmConnection" } }, + { + "pkg": "gcp", + "mod": "kms/keyHandle", + "fqn": "pulumi_gcp.kms", + "classes": { + "gcp:kms/keyHandle:KeyHandle": "KeyHandle" + } + }, { "pkg": "gcp", "mod": "kms/keyRing", @@ -6076,6 +6156,14 @@ "gcp:networkservices/httpRoute:HttpRoute": "HttpRoute" } }, + { + "pkg": "gcp", + "mod": "networkservices/lbRouteExtension", + "fqn": "pulumi_gcp.networkservices", + "classes": { + "gcp:networkservices/lbRouteExtension:LbRouteExtension": "LbRouteExtension" + } + }, { "pkg": "gcp", "mod": "networkservices/lbTrafficExtension", diff --git a/sdk/python/pulumi_gcp/appengine/_inputs.py b/sdk/python/pulumi_gcp/appengine/_inputs.py index 37757e4258..134eb6b0a7 100644 --- a/sdk/python/pulumi_gcp/appengine/_inputs.py +++ b/sdk/python/pulumi_gcp/appengine/_inputs.py @@ -1752,12 +1752,15 @@ class FlexibleAppVersionNetworkArgs: def __init__(__self__, *, name: pulumi.Input[str], forwarded_ports: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + instance_ip_mode: Optional[pulumi.Input[str]] = None, instance_tag: Optional[pulumi.Input[str]] = None, session_affinity: Optional[pulumi.Input[bool]] = None, subnetwork: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[str] name: Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. :param pulumi.Input[Sequence[pulumi.Input[str]]] forwarded_ports: List of ports, or port pairs, to forward from the virtual machine to the application container. + :param pulumi.Input[str] instance_ip_mode: Prevent instances from receiving an ephemeral external IP address. + Possible values are: `EXTERNAL`, `INTERNAL`. :param pulumi.Input[str] instance_tag: Tag to apply to the instance during creation. :param pulumi.Input[bool] session_affinity: Enable session affinity. :param pulumi.Input[str] subnetwork: Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path. @@ -1769,6 +1772,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) if forwarded_ports is not None: pulumi.set(__self__, "forwarded_ports", forwarded_ports) + if instance_ip_mode is not None: + pulumi.set(__self__, "instance_ip_mode", instance_ip_mode) if instance_tag is not None: pulumi.set(__self__, "instance_tag", instance_tag) if session_affinity is not None: @@ -1800,6 +1805,19 @@ def forwarded_ports(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] def forwarded_ports(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "forwarded_ports", value) + @property + @pulumi.getter(name="instanceIpMode") + def instance_ip_mode(self) -> Optional[pulumi.Input[str]]: + """ + Prevent instances from receiving an ephemeral external IP address. + Possible values are: `EXTERNAL`, `INTERNAL`. + """ + return pulumi.get(self, "instance_ip_mode") + + @instance_ip_mode.setter + def instance_ip_mode(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "instance_ip_mode", value) + @property @pulumi.getter(name="instanceTag") def instance_tag(self) -> Optional[pulumi.Input[str]]: diff --git a/sdk/python/pulumi_gcp/appengine/domain_mapping.py b/sdk/python/pulumi_gcp/appengine/domain_mapping.py index 0274e34a94..5763e7f55c 100644 --- a/sdk/python/pulumi_gcp/appengine/domain_mapping.py +++ b/sdk/python/pulumi_gcp/appengine/domain_mapping.py @@ -490,7 +490,7 @@ def resource_records(self) -> pulumi.Output[Sequence['outputs.DomainMappingResou @property @pulumi.getter(name="sslSettings") - def ssl_settings(self) -> pulumi.Output[Optional['outputs.DomainMappingSslSettings']]: + def ssl_settings(self) -> pulumi.Output['outputs.DomainMappingSslSettings']: """ SSL configuration for this domain. If unconfigured, this domain will not serve with SSL. Structure is documented below. diff --git a/sdk/python/pulumi_gcp/appengine/outputs.py b/sdk/python/pulumi_gcp/appengine/outputs.py index dbe838767e..e6c2ef6a7c 100644 --- a/sdk/python/pulumi_gcp/appengine/outputs.py +++ b/sdk/python/pulumi_gcp/appengine/outputs.py @@ -1806,6 +1806,8 @@ def __key_warning(key: str): suggest = None if key == "forwardedPorts": suggest = "forwarded_ports" + elif key == "instanceIpMode": + suggest = "instance_ip_mode" elif key == "instanceTag": suggest = "instance_tag" elif key == "sessionAffinity": @@ -1825,12 +1827,15 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, name: str, forwarded_ports: Optional[Sequence[str]] = None, + instance_ip_mode: Optional[str] = None, instance_tag: Optional[str] = None, session_affinity: Optional[bool] = None, subnetwork: Optional[str] = None): """ :param str name: Google Compute Engine network where the virtual machines are created. Specify the short name, not the resource path. :param Sequence[str] forwarded_ports: List of ports, or port pairs, to forward from the virtual machine to the application container. + :param str instance_ip_mode: Prevent instances from receiving an ephemeral external IP address. + Possible values are: `EXTERNAL`, `INTERNAL`. :param str instance_tag: Tag to apply to the instance during creation. :param bool session_affinity: Enable session affinity. :param str subnetwork: Google Cloud Platform sub-network where the virtual machines are created. Specify the short name, not the resource path. @@ -1842,6 +1847,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) if forwarded_ports is not None: pulumi.set(__self__, "forwarded_ports", forwarded_ports) + if instance_ip_mode is not None: + pulumi.set(__self__, "instance_ip_mode", instance_ip_mode) if instance_tag is not None: pulumi.set(__self__, "instance_tag", instance_tag) if session_affinity is not None: @@ -1865,6 +1872,15 @@ def forwarded_ports(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "forwarded_ports") + @property + @pulumi.getter(name="instanceIpMode") + def instance_ip_mode(self) -> Optional[str]: + """ + Prevent instances from receiving an ephemeral external IP address. + Possible values are: `EXTERNAL`, `INTERNAL`. + """ + return pulumi.get(self, "instance_ip_mode") + @property @pulumi.getter(name="instanceTag") def instance_tag(self) -> Optional[str]: diff --git a/sdk/python/pulumi_gcp/bigquery/_inputs.py b/sdk/python/pulumi_gcp/bigquery/_inputs.py index 095444191e..bd8331d88f 100644 --- a/sdk/python/pulumi_gcp/bigquery/_inputs.py +++ b/sdk/python/pulumi_gcp/bigquery/_inputs.py @@ -69,6 +69,9 @@ 'TableEncryptionConfigurationArgs', 'TableExternalDataConfigurationArgs', 'TableExternalDataConfigurationAvroOptionsArgs', + 'TableExternalDataConfigurationBigtableOptionsArgs', + 'TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs', + 'TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs', 'TableExternalDataConfigurationCsvOptionsArgs', 'TableExternalDataConfigurationGoogleSheetsOptionsArgs', 'TableExternalDataConfigurationHivePartitioningOptionsArgs', @@ -4114,6 +4117,7 @@ def __init__(__self__, *, autodetect: pulumi.Input[bool], source_uris: pulumi.Input[Sequence[pulumi.Input[str]]], avro_options: Optional[pulumi.Input['TableExternalDataConfigurationAvroOptionsArgs']] = None, + bigtable_options: Optional[pulumi.Input['TableExternalDataConfigurationBigtableOptionsArgs']] = None, compression: Optional[pulumi.Input[str]] = None, connection_id: Optional[pulumi.Input[str]] = None, csv_options: Optional[pulumi.Input['TableExternalDataConfigurationCsvOptionsArgs']] = None, @@ -4137,6 +4141,8 @@ def __init__(__self__, *, your data in Google Cloud. :param pulumi.Input['TableExternalDataConfigurationAvroOptionsArgs'] avro_options: Additional options if `source_format` is set to "AVRO". Structure is documented below. + :param pulumi.Input['TableExternalDataConfigurationBigtableOptionsArgs'] bigtable_options: Additional properties to set if + `source_format` is set to "BIGTABLE". Structure is documented below. :param pulumi.Input[str] compression: The compression type of the data source. Valid values are "NONE" or "GZIP". :param pulumi.Input[str] connection_id: The connection specifying the credentials to be used to read @@ -4199,6 +4205,8 @@ def __init__(__self__, *, pulumi.set(__self__, "source_uris", source_uris) if avro_options is not None: pulumi.set(__self__, "avro_options", avro_options) + if bigtable_options is not None: + pulumi.set(__self__, "bigtable_options", bigtable_options) if compression is not None: pulumi.set(__self__, "compression", compression) if connection_id is not None: @@ -4271,6 +4279,19 @@ def avro_options(self) -> Optional[pulumi.Input['TableExternalDataConfigurationA def avro_options(self, value: Optional[pulumi.Input['TableExternalDataConfigurationAvroOptionsArgs']]): pulumi.set(self, "avro_options", value) + @property + @pulumi.getter(name="bigtableOptions") + def bigtable_options(self) -> Optional[pulumi.Input['TableExternalDataConfigurationBigtableOptionsArgs']]: + """ + Additional properties to set if + `source_format` is set to "BIGTABLE". Structure is documented below. + """ + return pulumi.get(self, "bigtable_options") + + @bigtable_options.setter + def bigtable_options(self, value: Optional[pulumi.Input['TableExternalDataConfigurationBigtableOptionsArgs']]): + pulumi.set(self, "bigtable_options", value) + @property @pulumi.getter def compression(self) -> Optional[pulumi.Input[str]]: @@ -4531,6 +4552,267 @@ def use_avro_logical_types(self, value: pulumi.Input[bool]): pulumi.set(self, "use_avro_logical_types", value) +@pulumi.input_type +class TableExternalDataConfigurationBigtableOptionsArgs: + def __init__(__self__, *, + column_families: Optional[pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs']]]] = None, + ignore_unspecified_column_families: Optional[pulumi.Input[bool]] = None, + output_column_families_as_json: Optional[pulumi.Input[bool]] = None, + read_rowkey_as_string: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs']]] column_families: A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + :param pulumi.Input[bool] ignore_unspecified_column_families: If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + :param pulumi.Input[bool] output_column_families_as_json: If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + :param pulumi.Input[bool] read_rowkey_as_string: If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + """ + if column_families is not None: + pulumi.set(__self__, "column_families", column_families) + if ignore_unspecified_column_families is not None: + pulumi.set(__self__, "ignore_unspecified_column_families", ignore_unspecified_column_families) + if output_column_families_as_json is not None: + pulumi.set(__self__, "output_column_families_as_json", output_column_families_as_json) + if read_rowkey_as_string is not None: + pulumi.set(__self__, "read_rowkey_as_string", read_rowkey_as_string) + + @property + @pulumi.getter(name="columnFamilies") + def column_families(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs']]]]: + """ + A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + """ + return pulumi.get(self, "column_families") + + @column_families.setter + def column_families(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs']]]]): + pulumi.set(self, "column_families", value) + + @property + @pulumi.getter(name="ignoreUnspecifiedColumnFamilies") + def ignore_unspecified_column_families(self) -> Optional[pulumi.Input[bool]]: + """ + If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + """ + return pulumi.get(self, "ignore_unspecified_column_families") + + @ignore_unspecified_column_families.setter + def ignore_unspecified_column_families(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "ignore_unspecified_column_families", value) + + @property + @pulumi.getter(name="outputColumnFamiliesAsJson") + def output_column_families_as_json(self) -> Optional[pulumi.Input[bool]]: + """ + If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + """ + return pulumi.get(self, "output_column_families_as_json") + + @output_column_families_as_json.setter + def output_column_families_as_json(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "output_column_families_as_json", value) + + @property + @pulumi.getter(name="readRowkeyAsString") + def read_rowkey_as_string(self) -> Optional[pulumi.Input[bool]]: + """ + If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + """ + return pulumi.get(self, "read_rowkey_as_string") + + @read_rowkey_as_string.setter + def read_rowkey_as_string(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "read_rowkey_as_string", value) + + +@pulumi.input_type +class TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs: + def __init__(__self__, *, + columns: Optional[pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs']]]] = None, + encoding: Optional[pulumi.Input[str]] = None, + family_id: Optional[pulumi.Input[str]] = None, + only_read_latest: Optional[pulumi.Input[bool]] = None, + type: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs']]] columns: A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + :param pulumi.Input[str] encoding: The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + :param pulumi.Input[str] family_id: Identifier of the column family. + :param pulumi.Input[bool] only_read_latest: If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + :param pulumi.Input[str] type: The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + """ + if columns is not None: + pulumi.set(__self__, "columns", columns) + if encoding is not None: + pulumi.set(__self__, "encoding", encoding) + if family_id is not None: + pulumi.set(__self__, "family_id", family_id) + if only_read_latest is not None: + pulumi.set(__self__, "only_read_latest", only_read_latest) + if type is not None: + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def columns(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs']]]]: + """ + A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + """ + return pulumi.get(self, "columns") + + @columns.setter + def columns(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs']]]]): + pulumi.set(self, "columns", value) + + @property + @pulumi.getter + def encoding(self) -> Optional[pulumi.Input[str]]: + """ + The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + """ + return pulumi.get(self, "encoding") + + @encoding.setter + def encoding(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "encoding", value) + + @property + @pulumi.getter(name="familyId") + def family_id(self) -> Optional[pulumi.Input[str]]: + """ + Identifier of the column family. + """ + return pulumi.get(self, "family_id") + + @family_id.setter + def family_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "family_id", value) + + @property + @pulumi.getter(name="onlyReadLatest") + def only_read_latest(self) -> Optional[pulumi.Input[bool]]: + """ + If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + """ + return pulumi.get(self, "only_read_latest") + + @only_read_latest.setter + def only_read_latest(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "only_read_latest", value) + + @property + @pulumi.getter + def type(self) -> Optional[pulumi.Input[str]]: + """ + The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + """ + return pulumi.get(self, "type") + + @type.setter + def type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "type", value) + + +@pulumi.input_type +class TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs: + def __init__(__self__, *, + encoding: Optional[pulumi.Input[str]] = None, + field_name: Optional[pulumi.Input[str]] = None, + only_read_latest: Optional[pulumi.Input[bool]] = None, + qualifier_encoded: Optional[pulumi.Input[str]] = None, + qualifier_string: Optional[pulumi.Input[str]] = None, + type: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] encoding: The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + :param pulumi.Input[str] field_name: If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + :param pulumi.Input[bool] only_read_latest: If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + :param pulumi.Input[str] qualifier_encoded: Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + :param pulumi.Input[str] qualifier_string: Qualifier string. + :param pulumi.Input[str] type: The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + """ + if encoding is not None: + pulumi.set(__self__, "encoding", encoding) + if field_name is not None: + pulumi.set(__self__, "field_name", field_name) + if only_read_latest is not None: + pulumi.set(__self__, "only_read_latest", only_read_latest) + if qualifier_encoded is not None: + pulumi.set(__self__, "qualifier_encoded", qualifier_encoded) + if qualifier_string is not None: + pulumi.set(__self__, "qualifier_string", qualifier_string) + if type is not None: + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def encoding(self) -> Optional[pulumi.Input[str]]: + """ + The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + """ + return pulumi.get(self, "encoding") + + @encoding.setter + def encoding(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "encoding", value) + + @property + @pulumi.getter(name="fieldName") + def field_name(self) -> Optional[pulumi.Input[str]]: + """ + If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + """ + return pulumi.get(self, "field_name") + + @field_name.setter + def field_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "field_name", value) + + @property + @pulumi.getter(name="onlyReadLatest") + def only_read_latest(self) -> Optional[pulumi.Input[bool]]: + """ + If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + """ + return pulumi.get(self, "only_read_latest") + + @only_read_latest.setter + def only_read_latest(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "only_read_latest", value) + + @property + @pulumi.getter(name="qualifierEncoded") + def qualifier_encoded(self) -> Optional[pulumi.Input[str]]: + """ + Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + """ + return pulumi.get(self, "qualifier_encoded") + + @qualifier_encoded.setter + def qualifier_encoded(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "qualifier_encoded", value) + + @property + @pulumi.getter(name="qualifierString") + def qualifier_string(self) -> Optional[pulumi.Input[str]]: + """ + Qualifier string. + """ + return pulumi.get(self, "qualifier_string") + + @qualifier_string.setter + def qualifier_string(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "qualifier_string", value) + + @property + @pulumi.getter + def type(self) -> Optional[pulumi.Input[str]]: + """ + The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + """ + return pulumi.get(self, "type") + + @type.setter + def type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "type", value) + + @pulumi.input_type class TableExternalDataConfigurationCsvOptionsArgs: def __init__(__self__, *, @@ -5262,7 +5544,8 @@ def __init__(__self__, *, :param pulumi.Input[str] source_dataset_id: The ID of the source dataset. :param pulumi.Input[str] source_project_id: The ID of the source project. :param pulumi.Input[str] source_table_id: The ID of the source materialized view. - :param pulumi.Input[int] replication_interval_ms: The interval at which the source materialized view is polled for updates. The default is 300000. + :param pulumi.Input[int] replication_interval_ms: The interval at which the source + materialized view is polled for updates. The default is 300000. """ pulumi.set(__self__, "source_dataset_id", source_dataset_id) pulumi.set(__self__, "source_project_id", source_project_id) @@ -5310,7 +5593,8 @@ def source_table_id(self, value: pulumi.Input[str]): @pulumi.getter(name="replicationIntervalMs") def replication_interval_ms(self) -> Optional[pulumi.Input[int]]: """ - The interval at which the source materialized view is polled for updates. The default is 300000. + The interval at which the source + materialized view is polled for updates. The default is 300000. """ return pulumi.get(self, "replication_interval_ms") diff --git a/sdk/python/pulumi_gcp/bigquery/outputs.py b/sdk/python/pulumi_gcp/bigquery/outputs.py index 1455f72fa8..fe90618916 100644 --- a/sdk/python/pulumi_gcp/bigquery/outputs.py +++ b/sdk/python/pulumi_gcp/bigquery/outputs.py @@ -70,6 +70,9 @@ 'TableEncryptionConfiguration', 'TableExternalDataConfiguration', 'TableExternalDataConfigurationAvroOptions', + 'TableExternalDataConfigurationBigtableOptions', + 'TableExternalDataConfigurationBigtableOptionsColumnFamily', + 'TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn', 'TableExternalDataConfigurationCsvOptions', 'TableExternalDataConfigurationGoogleSheetsOptions', 'TableExternalDataConfigurationHivePartitioningOptions', @@ -4307,6 +4310,8 @@ def __key_warning(key: str): suggest = "source_uris" elif key == "avroOptions": suggest = "avro_options" + elif key == "bigtableOptions": + suggest = "bigtable_options" elif key == "connectionId": suggest = "connection_id" elif key == "csvOptions": @@ -4351,6 +4356,7 @@ def __init__(__self__, *, autodetect: bool, source_uris: Sequence[str], avro_options: Optional['outputs.TableExternalDataConfigurationAvroOptions'] = None, + bigtable_options: Optional['outputs.TableExternalDataConfigurationBigtableOptions'] = None, compression: Optional[str] = None, connection_id: Optional[str] = None, csv_options: Optional['outputs.TableExternalDataConfigurationCsvOptions'] = None, @@ -4374,6 +4380,8 @@ def __init__(__self__, *, your data in Google Cloud. :param 'TableExternalDataConfigurationAvroOptionsArgs' avro_options: Additional options if `source_format` is set to "AVRO". Structure is documented below. + :param 'TableExternalDataConfigurationBigtableOptionsArgs' bigtable_options: Additional properties to set if + `source_format` is set to "BIGTABLE". Structure is documented below. :param str compression: The compression type of the data source. Valid values are "NONE" or "GZIP". :param str connection_id: The connection specifying the credentials to be used to read @@ -4436,6 +4444,8 @@ def __init__(__self__, *, pulumi.set(__self__, "source_uris", source_uris) if avro_options is not None: pulumi.set(__self__, "avro_options", avro_options) + if bigtable_options is not None: + pulumi.set(__self__, "bigtable_options", bigtable_options) if compression is not None: pulumi.set(__self__, "compression", compression) if connection_id is not None: @@ -4496,6 +4506,15 @@ def avro_options(self) -> Optional['outputs.TableExternalDataConfigurationAvroOp """ return pulumi.get(self, "avro_options") + @property + @pulumi.getter(name="bigtableOptions") + def bigtable_options(self) -> Optional['outputs.TableExternalDataConfigurationBigtableOptions']: + """ + Additional properties to set if + `source_format` is set to "BIGTABLE". Structure is documented below. + """ + return pulumi.get(self, "bigtable_options") + @property @pulumi.getter def compression(self) -> Optional[str]: @@ -4705,6 +4724,272 @@ def use_avro_logical_types(self) -> bool: return pulumi.get(self, "use_avro_logical_types") +@pulumi.output_type +class TableExternalDataConfigurationBigtableOptions(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "columnFamilies": + suggest = "column_families" + elif key == "ignoreUnspecifiedColumnFamilies": + suggest = "ignore_unspecified_column_families" + elif key == "outputColumnFamiliesAsJson": + suggest = "output_column_families_as_json" + elif key == "readRowkeyAsString": + suggest = "read_rowkey_as_string" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in TableExternalDataConfigurationBigtableOptions. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + TableExternalDataConfigurationBigtableOptions.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + TableExternalDataConfigurationBigtableOptions.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + column_families: Optional[Sequence['outputs.TableExternalDataConfigurationBigtableOptionsColumnFamily']] = None, + ignore_unspecified_column_families: Optional[bool] = None, + output_column_families_as_json: Optional[bool] = None, + read_rowkey_as_string: Optional[bool] = None): + """ + :param Sequence['TableExternalDataConfigurationBigtableOptionsColumnFamilyArgs'] column_families: A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + :param bool ignore_unspecified_column_families: If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + :param bool output_column_families_as_json: If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + :param bool read_rowkey_as_string: If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + """ + if column_families is not None: + pulumi.set(__self__, "column_families", column_families) + if ignore_unspecified_column_families is not None: + pulumi.set(__self__, "ignore_unspecified_column_families", ignore_unspecified_column_families) + if output_column_families_as_json is not None: + pulumi.set(__self__, "output_column_families_as_json", output_column_families_as_json) + if read_rowkey_as_string is not None: + pulumi.set(__self__, "read_rowkey_as_string", read_rowkey_as_string) + + @property + @pulumi.getter(name="columnFamilies") + def column_families(self) -> Optional[Sequence['outputs.TableExternalDataConfigurationBigtableOptionsColumnFamily']]: + """ + A list of column families to expose in the table schema along with their types. This list restricts the column families that can be referenced in queries and specifies their value types. You can use this list to do type conversions - see the 'type' field for more details. If you leave this list empty, all column families are present in the table schema and their values are read as BYTES. During a query only the column families referenced in that query are read from Bigtable. Structure is documented below. + """ + return pulumi.get(self, "column_families") + + @property + @pulumi.getter(name="ignoreUnspecifiedColumnFamilies") + def ignore_unspecified_column_families(self) -> Optional[bool]: + """ + If field is true, then the column families that are not specified in columnFamilies list are not exposed in the table schema. Otherwise, they are read with BYTES type values. The default value is false. + """ + return pulumi.get(self, "ignore_unspecified_column_families") + + @property + @pulumi.getter(name="outputColumnFamiliesAsJson") + def output_column_families_as_json(self) -> Optional[bool]: + """ + If field is true, then each column family will be read as a single JSON column. Otherwise they are read as a repeated cell structure containing timestamp/value tuples. The default value is false. + """ + return pulumi.get(self, "output_column_families_as_json") + + @property + @pulumi.getter(name="readRowkeyAsString") + def read_rowkey_as_string(self) -> Optional[bool]: + """ + If field is true, then the rowkey column families will be read and converted to string. Otherwise they are read with BYTES type values and users need to manually cast them with CAST if necessary. The default value is false. + """ + return pulumi.get(self, "read_rowkey_as_string") + + +@pulumi.output_type +class TableExternalDataConfigurationBigtableOptionsColumnFamily(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "familyId": + suggest = "family_id" + elif key == "onlyReadLatest": + suggest = "only_read_latest" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in TableExternalDataConfigurationBigtableOptionsColumnFamily. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + TableExternalDataConfigurationBigtableOptionsColumnFamily.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + TableExternalDataConfigurationBigtableOptionsColumnFamily.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + columns: Optional[Sequence['outputs.TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn']] = None, + encoding: Optional[str] = None, + family_id: Optional[str] = None, + only_read_latest: Optional[bool] = None, + type: Optional[str] = None): + """ + :param Sequence['TableExternalDataConfigurationBigtableOptionsColumnFamilyColumnArgs'] columns: A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + :param str encoding: The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + :param str family_id: Identifier of the column family. + :param bool only_read_latest: If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + :param str type: The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + """ + if columns is not None: + pulumi.set(__self__, "columns", columns) + if encoding is not None: + pulumi.set(__self__, "encoding", encoding) + if family_id is not None: + pulumi.set(__self__, "family_id", family_id) + if only_read_latest is not None: + pulumi.set(__self__, "only_read_latest", only_read_latest) + if type is not None: + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def columns(self) -> Optional[Sequence['outputs.TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn']]: + """ + A List of columns that should be exposed as individual fields as opposed to a list of (column name, value) pairs. All columns whose qualifier matches a qualifier in this list can be accessed as Other columns can be accessed as a list through column field. Structure is documented below. + """ + return pulumi.get(self, "columns") + + @property + @pulumi.getter + def encoding(self) -> Optional[str]: + """ + The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. This can be overridden for a specific column by listing that column in 'columns' and specifying an encoding for it. + """ + return pulumi.get(self, "encoding") + + @property + @pulumi.getter(name="familyId") + def family_id(self) -> Optional[str]: + """ + Identifier of the column family. + """ + return pulumi.get(self, "family_id") + + @property + @pulumi.getter(name="onlyReadLatest") + def only_read_latest(self) -> Optional[bool]: + """ + If this is set only the latest version of value are exposed for all columns in this column family. This can be overridden for a specific column by listing that column in 'columns' and specifying a different setting for that column. + """ + return pulumi.get(self, "only_read_latest") + + @property + @pulumi.getter + def type(self) -> Optional[str]: + """ + The type to convert the value in cells of this column family. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON". Default type is BYTES. This can be overridden for a specific column by listing that column in 'columns' and specifying a type for it. + """ + return pulumi.get(self, "type") + + +@pulumi.output_type +class TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "fieldName": + suggest = "field_name" + elif key == "onlyReadLatest": + suggest = "only_read_latest" + elif key == "qualifierEncoded": + suggest = "qualifier_encoded" + elif key == "qualifierString": + suggest = "qualifier_string" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + TableExternalDataConfigurationBigtableOptionsColumnFamilyColumn.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + encoding: Optional[str] = None, + field_name: Optional[str] = None, + only_read_latest: Optional[bool] = None, + qualifier_encoded: Optional[str] = None, + qualifier_string: Optional[str] = None, + type: Optional[str] = None): + """ + :param str encoding: The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + :param str field_name: If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + :param bool only_read_latest: If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + :param str qualifier_encoded: Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + :param str qualifier_string: Qualifier string. + :param str type: The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + """ + if encoding is not None: + pulumi.set(__self__, "encoding", encoding) + if field_name is not None: + pulumi.set(__self__, "field_name", field_name) + if only_read_latest is not None: + pulumi.set(__self__, "only_read_latest", only_read_latest) + if qualifier_encoded is not None: + pulumi.set(__self__, "qualifier_encoded", qualifier_encoded) + if qualifier_string is not None: + pulumi.set(__self__, "qualifier_string", qualifier_string) + if type is not None: + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def encoding(self) -> Optional[str]: + """ + The encoding of the values when the type is not STRING. Acceptable encoding values are: TEXT - indicates values are alphanumeric text strings. BINARY - indicates values are encoded using HBase Bytes.toBytes family of functions. 'encoding' can also be set at the column family level. However, the setting at this level takes precedence if 'encoding' is set at both levels. + """ + return pulumi.get(self, "encoding") + + @property + @pulumi.getter(name="fieldName") + def field_name(self) -> Optional[str]: + """ + If the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as the column field name and is used as field name in queries. + """ + return pulumi.get(self, "field_name") + + @property + @pulumi.getter(name="onlyReadLatest") + def only_read_latest(self) -> Optional[bool]: + """ + If this is set, only the latest version of value in this column are exposed. 'onlyReadLatest' can also be set at the column family level. However, the setting at this level takes precedence if 'onlyReadLatest' is set at both levels. + """ + return pulumi.get(self, "only_read_latest") + + @property + @pulumi.getter(name="qualifierEncoded") + def qualifier_encoded(self) -> Optional[str]: + """ + Qualifier of the column. Columns in the parent column family that has this exact qualifier are exposed as . field. If the qualifier is valid UTF-8 string, it can be specified in the qualifierString field. Otherwise, a base-64 encoded value must be set to qualifierEncoded. The column field name is the same as the column qualifier. However, if the qualifier is not a valid BigQuery field identifier i.e. does not match [a-zA-Z][a-zA-Z0-9_]*, a valid identifier must be provided as fieldName. + """ + return pulumi.get(self, "qualifier_encoded") + + @property + @pulumi.getter(name="qualifierString") + def qualifier_string(self) -> Optional[str]: + """ + Qualifier string. + """ + return pulumi.get(self, "qualifier_string") + + @property + @pulumi.getter + def type(self) -> Optional[str]: + """ + The type to convert the value in cells of this column. The values are expected to be encoded using HBase Bytes.toBytes function when using the BINARY encoding value. Following BigQuery types are allowed (case-sensitive): "BYTES", "STRING", "INTEGER", "FLOAT", "BOOLEAN", "JSON", Default type is "BYTES". 'type' can also be set at the column family level. However, the setting at this level takes precedence if 'type' is set at both levels. + """ + return pulumi.get(self, "type") + + @pulumi.output_type class TableExternalDataConfigurationCsvOptions(dict): @staticmethod @@ -5500,7 +5785,8 @@ def __init__(__self__, *, :param str source_dataset_id: The ID of the source dataset. :param str source_project_id: The ID of the source project. :param str source_table_id: The ID of the source materialized view. - :param int replication_interval_ms: The interval at which the source materialized view is polled for updates. The default is 300000. + :param int replication_interval_ms: The interval at which the source + materialized view is polled for updates. The default is 300000. """ pulumi.set(__self__, "source_dataset_id", source_dataset_id) pulumi.set(__self__, "source_project_id", source_project_id) @@ -5536,7 +5822,8 @@ def source_table_id(self) -> str: @pulumi.getter(name="replicationIntervalMs") def replication_interval_ms(self) -> Optional[int]: """ - The interval at which the source materialized view is polled for updates. The default is 300000. + The interval at which the source + materialized view is polled for updates. The default is 300000. """ return pulumi.get(self, "replication_interval_ms") diff --git a/sdk/python/pulumi_gcp/bigquery/table.py b/sdk/python/pulumi_gcp/bigquery/table.py index 8613bf6e38..7befcffba5 100644 --- a/sdk/python/pulumi_gcp/bigquery/table.py +++ b/sdk/python/pulumi_gcp/bigquery/table.py @@ -44,7 +44,8 @@ def __init__(__self__, *, Changing this forces a new resource to be created. :param pulumi.Input[str] table_id: A unique ID for the resource. Changing this forces a new resource to be created. - :param pulumi.Input[bool] allow_resource_tags_on_deletion: Whether or not to allow table deletion when there are still resource tags attached. + :param pulumi.Input[bool] allow_resource_tags_on_deletion: This field is in beta. If set to true, it allows table deletion when there + are still resource tags attached. The default value is false. :param pulumi.Input[Sequence[pulumi.Input[str]]] clusterings: Specifies column names to use for data clustering. Up to four top-level columns are allowed, and should be specified in descending priority order. @@ -80,13 +81,18 @@ def __init__(__self__, *, :param pulumi.Input[bool] require_partition_filter: If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - tag key. Tag value is expected to be the short name, for example "Production". + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: This field is in beta. The tags attached to this table. Tag keys are + globally unique. Tag key is expected to be in the namespaced format, for + example "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value is + expected to be the short name, for example "Production". :param pulumi.Input[str] schema: A JSON schema for the table. :param pulumi.Input['TableTableConstraintsArgs'] table_constraints: Defines the primary key and foreign keys. Structure is documented below. - :param pulumi.Input['TableTableReplicationInfoArgs'] table_replication_info: Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + :param pulumi.Input['TableTableReplicationInfoArgs'] table_replication_info: Replication info of a table created + using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + Structure is documented below. :param pulumi.Input['TableTimePartitioningArgs'] time_partitioning: If specified, configures time-based partitioning for this table. Structure is documented below. :param pulumi.Input['TableViewArgs'] view: If specified, configures this table as a view. @@ -165,7 +171,8 @@ def table_id(self, value: pulumi.Input[str]): @pulumi.getter(name="allowResourceTagsOnDeletion") def allow_resource_tags_on_deletion(self) -> Optional[pulumi.Input[bool]]: """ - Whether or not to allow table deletion when there are still resource tags attached. + This field is in beta. If set to true, it allows table deletion when there + are still resource tags attached. The default value is false. """ return pulumi.get(self, "allow_resource_tags_on_deletion") @@ -355,9 +362,11 @@ def require_partition_filter(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="resourceTags") def resource_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ - The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - tag key. Tag value is expected to be the short name, for example "Production". + This field is in beta. The tags attached to this table. Tag keys are + globally unique. Tag key is expected to be in the namespaced format, for + example "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value is + expected to be the short name, for example "Production". """ return pulumi.get(self, "resource_tags") @@ -394,7 +403,10 @@ def table_constraints(self, value: Optional[pulumi.Input['TableTableConstraintsA @pulumi.getter(name="tableReplicationInfo") def table_replication_info(self) -> Optional[pulumi.Input['TableTableReplicationInfoArgs']]: """ - Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + Replication info of a table created + using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + Structure is documented below. """ return pulumi.get(self, "table_replication_info") @@ -467,7 +479,8 @@ def __init__(__self__, *, view: Optional[pulumi.Input['TableViewArgs']] = None): """ Input properties used for looking up and filtering Table resources. - :param pulumi.Input[bool] allow_resource_tags_on_deletion: Whether or not to allow table deletion when there are still resource tags attached. + :param pulumi.Input[bool] allow_resource_tags_on_deletion: This field is in beta. If set to true, it allows table deletion when there + are still resource tags attached. The default value is false. :param pulumi.Input[Sequence[pulumi.Input[str]]] clusterings: Specifies column names to use for data clustering. Up to four top-level columns are allowed, and should be specified in descending priority order. @@ -529,16 +542,21 @@ def __init__(__self__, *, :param pulumi.Input[bool] require_partition_filter: If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - tag key. Tag value is expected to be the short name, for example "Production". + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: This field is in beta. The tags attached to this table. Tag keys are + globally unique. Tag key is expected to be in the namespaced format, for + example "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value is + expected to be the short name, for example "Production". :param pulumi.Input[str] schema: A JSON schema for the table. :param pulumi.Input[str] self_link: The URI of the created resource. :param pulumi.Input['TableTableConstraintsArgs'] table_constraints: Defines the primary key and foreign keys. Structure is documented below. :param pulumi.Input[str] table_id: A unique ID for the resource. Changing this forces a new resource to be created. - :param pulumi.Input['TableTableReplicationInfoArgs'] table_replication_info: Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + :param pulumi.Input['TableTableReplicationInfoArgs'] table_replication_info: Replication info of a table created + using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + Structure is documented below. :param pulumi.Input['TableTimePartitioningArgs'] time_partitioning: If specified, configures time-based partitioning for this table. Structure is documented below. :param pulumi.Input[str] type: Describes the table type. @@ -616,7 +634,8 @@ def __init__(__self__, *, @pulumi.getter(name="allowResourceTagsOnDeletion") def allow_resource_tags_on_deletion(self) -> Optional[pulumi.Input[bool]]: """ - Whether or not to allow table deletion when there are still resource tags attached. + This field is in beta. If set to true, it allows table deletion when there + are still resource tags attached. The default value is false. """ return pulumi.get(self, "allow_resource_tags_on_deletion") @@ -942,9 +961,11 @@ def require_partition_filter(self, value: Optional[pulumi.Input[bool]]): @pulumi.getter(name="resourceTags") def resource_tags(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: """ - The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - tag key. Tag value is expected to be the short name, for example "Production". + This field is in beta. The tags attached to this table. Tag keys are + globally unique. Tag key is expected to be in the namespaced format, for + example "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value is + expected to be the short name, for example "Production". """ return pulumi.get(self, "resource_tags") @@ -1006,7 +1027,10 @@ def table_id(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="tableReplicationInfo") def table_replication_info(self) -> Optional[pulumi.Input['TableTableReplicationInfoArgs']]: """ - Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + Replication info of a table created + using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + Structure is documented below. """ return pulumi.get(self, "table_replication_info") @@ -1168,7 +1192,8 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[bool] allow_resource_tags_on_deletion: Whether or not to allow table deletion when there are still resource tags attached. + :param pulumi.Input[bool] allow_resource_tags_on_deletion: This field is in beta. If set to true, it allows table deletion when there + are still resource tags attached. The default value is false. :param pulumi.Input[Sequence[pulumi.Input[str]]] clusterings: Specifies column names to use for data clustering. Up to four top-level columns are allowed, and should be specified in descending priority order. @@ -1206,15 +1231,20 @@ def __init__(__self__, :param pulumi.Input[bool] require_partition_filter: If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - tag key. Tag value is expected to be the short name, for example "Production". + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: This field is in beta. The tags attached to this table. Tag keys are + globally unique. Tag key is expected to be in the namespaced format, for + example "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value is + expected to be the short name, for example "Production". :param pulumi.Input[str] schema: A JSON schema for the table. :param pulumi.Input[pulumi.InputType['TableTableConstraintsArgs']] table_constraints: Defines the primary key and foreign keys. Structure is documented below. :param pulumi.Input[str] table_id: A unique ID for the resource. Changing this forces a new resource to be created. - :param pulumi.Input[pulumi.InputType['TableTableReplicationInfoArgs']] table_replication_info: Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + :param pulumi.Input[pulumi.InputType['TableTableReplicationInfoArgs']] table_replication_info: Replication info of a table created + using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + Structure is documented below. :param pulumi.Input[pulumi.InputType['TableTimePartitioningArgs']] time_partitioning: If specified, configures time-based partitioning for this table. Structure is documented below. :param pulumi.Input[pulumi.InputType['TableViewArgs']] view: If specified, configures this table as a view. @@ -1446,7 +1476,8 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. - :param pulumi.Input[bool] allow_resource_tags_on_deletion: Whether or not to allow table deletion when there are still resource tags attached. + :param pulumi.Input[bool] allow_resource_tags_on_deletion: This field is in beta. If set to true, it allows table deletion when there + are still resource tags attached. The default value is false. :param pulumi.Input[Sequence[pulumi.Input[str]]] clusterings: Specifies column names to use for data clustering. Up to four top-level columns are allowed, and should be specified in descending priority order. @@ -1508,16 +1539,21 @@ def get(resource_name: str, :param pulumi.Input[bool] require_partition_filter: If set to true, queries over this table require a partition filter that can be used for partition elimination to be specified. - :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - tag key. Tag value is expected to be the short name, for example "Production". + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] resource_tags: This field is in beta. The tags attached to this table. Tag keys are + globally unique. Tag key is expected to be in the namespaced format, for + example "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value is + expected to be the short name, for example "Production". :param pulumi.Input[str] schema: A JSON schema for the table. :param pulumi.Input[str] self_link: The URI of the created resource. :param pulumi.Input[pulumi.InputType['TableTableConstraintsArgs']] table_constraints: Defines the primary key and foreign keys. Structure is documented below. :param pulumi.Input[str] table_id: A unique ID for the resource. Changing this forces a new resource to be created. - :param pulumi.Input[pulumi.InputType['TableTableReplicationInfoArgs']] table_replication_info: Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + :param pulumi.Input[pulumi.InputType['TableTableReplicationInfoArgs']] table_replication_info: Replication info of a table created + using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + Structure is documented below. :param pulumi.Input[pulumi.InputType['TableTimePartitioningArgs']] time_partitioning: If specified, configures time-based partitioning for this table. Structure is documented below. :param pulumi.Input[str] type: Describes the table type. @@ -1567,7 +1603,8 @@ def get(resource_name: str, @pulumi.getter(name="allowResourceTagsOnDeletion") def allow_resource_tags_on_deletion(self) -> pulumi.Output[Optional[bool]]: """ - Whether or not to allow table deletion when there are still resource tags attached. + This field is in beta. If set to true, it allows table deletion when there + are still resource tags attached. The default value is false. """ return pulumi.get(self, "allow_resource_tags_on_deletion") @@ -1797,9 +1834,11 @@ def require_partition_filter(self) -> pulumi.Output[Optional[bool]]: @pulumi.getter(name="resourceTags") def resource_tags(self) -> pulumi.Output[Optional[Mapping[str, str]]]: """ - The tags attached to this table. Tag keys are globally unique. Tag key is expected to be in the namespaced format, for - example "123456789012/environment" where 123456789012 is the ID of the parent organization or project resource for this - tag key. Tag value is expected to be the short name, for example "Production". + This field is in beta. The tags attached to this table. Tag keys are + globally unique. Tag key is expected to be in the namespaced format, for + example "123456789012/environment" where 123456789012 is the ID of the + parent organization or project resource for this tag key. Tag value is + expected to be the short name, for example "Production". """ return pulumi.get(self, "resource_tags") @@ -1841,7 +1880,10 @@ def table_id(self) -> pulumi.Output[str]: @pulumi.getter(name="tableReplicationInfo") def table_replication_info(self) -> pulumi.Output[Optional['outputs.TableTableReplicationInfo']]: """ - Replication info of a table created using "AS REPLICA" DDL like: "CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv". + Replication info of a table created + using "AS REPLICA" DDL like: + `CREATE MATERIALIZED VIEW mv1 AS REPLICA OF src_mv`. + Structure is documented below. """ return pulumi.get(self, "table_replication_info") diff --git a/sdk/python/pulumi_gcp/cloudfunctionsv2/function.py b/sdk/python/pulumi_gcp/cloudfunctionsv2/function.py index a231ee312d..ec2a8bf13d 100644 --- a/sdk/python/pulumi_gcp/cloudfunctionsv2/function.py +++ b/sdk/python/pulumi_gcp/cloudfunctionsv2/function.py @@ -528,7 +528,6 @@ def __init__(__self__, available_memory="256M", timeout_seconds=60, )) - pulumi.export("functionUri", function.service_config.uri) ``` ### Cloudfunctions2 Full @@ -896,7 +895,6 @@ def __init__(__self__, timeout_seconds=60, ), opts=pulumi.ResourceOptions(depends_on=[wait60s])) - pulumi.export("functionUri", function.service_config.uri) ``` ### Cloudfunctions2 Secret Env @@ -1219,7 +1217,6 @@ def __init__(__self__, available_memory="256M", timeout_seconds=60, )) - pulumi.export("functionUri", function.service_config.uri) ``` ### Cloudfunctions2 Full @@ -1587,7 +1584,6 @@ def __init__(__self__, timeout_seconds=60, ), opts=pulumi.ResourceOptions(depends_on=[wait60s])) - pulumi.export("functionUri", function.service_config.uri) ``` ### Cloudfunctions2 Secret Env diff --git a/sdk/python/pulumi_gcp/cloudrun/_inputs.py b/sdk/python/pulumi_gcp/cloudrun/_inputs.py index 5fb7cae210..48512daf05 100644 --- a/sdk/python/pulumi_gcp/cloudrun/_inputs.py +++ b/sdk/python/pulumi_gcp/cloudrun/_inputs.py @@ -48,6 +48,7 @@ 'ServiceTemplateSpecVolumeArgs', 'ServiceTemplateSpecVolumeCsiArgs', 'ServiceTemplateSpecVolumeEmptyDirArgs', + 'ServiceTemplateSpecVolumeNfsArgs', 'ServiceTemplateSpecVolumeSecretArgs', 'ServiceTemplateSpecVolumeSecretItemArgs', 'ServiceTrafficArgs', @@ -2884,6 +2885,7 @@ def __init__(__self__, *, name: pulumi.Input[str], csi: Optional[pulumi.Input['ServiceTemplateSpecVolumeCsiArgs']] = None, empty_dir: Optional[pulumi.Input['ServiceTemplateSpecVolumeEmptyDirArgs']] = None, + nfs: Optional[pulumi.Input['ServiceTemplateSpecVolumeNfsArgs']] = None, secret: Optional[pulumi.Input['ServiceTemplateSpecVolumeSecretArgs']] = None): """ :param pulumi.Input[str] name: Volume's name. @@ -2891,6 +2893,10 @@ def __init__(__self__, *, Structure is documented below. :param pulumi.Input['ServiceTemplateSpecVolumeEmptyDirArgs'] empty_dir: Ephemeral storage which can be backed by real disks (HD, SSD), network storage or memory (i.e. tmpfs). For now only in memory (tmpfs) is supported. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs). Structure is documented below. + :param pulumi.Input['ServiceTemplateSpecVolumeNfsArgs'] nfs: A filesystem backed by a Network File System share. This filesystem requires the + run.googleapis.com/execution-environment annotation to be set to "gen2" and + run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + Structure is documented below. :param pulumi.Input['ServiceTemplateSpecVolumeSecretArgs'] secret: The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. @@ -2901,6 +2907,8 @@ def __init__(__self__, *, pulumi.set(__self__, "csi", csi) if empty_dir is not None: pulumi.set(__self__, "empty_dir", empty_dir) + if nfs is not None: + pulumi.set(__self__, "nfs", nfs) if secret is not None: pulumi.set(__self__, "secret", secret) @@ -2942,6 +2950,21 @@ def empty_dir(self) -> Optional[pulumi.Input['ServiceTemplateSpecVolumeEmptyDirA def empty_dir(self, value: Optional[pulumi.Input['ServiceTemplateSpecVolumeEmptyDirArgs']]): pulumi.set(self, "empty_dir", value) + @property + @pulumi.getter + def nfs(self) -> Optional[pulumi.Input['ServiceTemplateSpecVolumeNfsArgs']]: + """ + A filesystem backed by a Network File System share. This filesystem requires the + run.googleapis.com/execution-environment annotation to be set to "gen2" and + run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + Structure is documented below. + """ + return pulumi.get(self, "nfs") + + @nfs.setter + def nfs(self, value: Optional[pulumi.Input['ServiceTemplateSpecVolumeNfsArgs']]): + pulumi.set(self, "nfs", value) + @property @pulumi.getter def secret(self) -> Optional[pulumi.Input['ServiceTemplateSpecVolumeSecretArgs']]: @@ -2973,8 +2996,6 @@ def __init__(__self__, *, :param pulumi.Input[Mapping[str, pulumi.Input[str]]] volume_attributes: Driver-specific attributes. The following options are supported for available drivers: * gcsfuse.run.googleapis.com * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - - - - - """ pulumi.set(__self__, "driver", driver) if read_only is not None: @@ -3016,8 +3037,6 @@ def volume_attributes(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[s Driver-specific attributes. The following options are supported for available drivers: * gcsfuse.run.googleapis.com * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - - - - - """ return pulumi.get(self, "volume_attributes") @@ -3065,6 +3084,63 @@ def size_limit(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "size_limit", value) +@pulumi.input_type +class ServiceTemplateSpecVolumeNfsArgs: + def __init__(__self__, *, + path: pulumi.Input[str], + server: pulumi.Input[str], + read_only: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[str] path: Path exported by the NFS server + :param pulumi.Input[str] server: IP address or hostname of the NFS server + :param pulumi.Input[bool] read_only: If true, mount the NFS volume as read only in all mounts. Defaults to false. + + - - - + """ + pulumi.set(__self__, "path", path) + pulumi.set(__self__, "server", server) + if read_only is not None: + pulumi.set(__self__, "read_only", read_only) + + @property + @pulumi.getter + def path(self) -> pulumi.Input[str]: + """ + Path exported by the NFS server + """ + return pulumi.get(self, "path") + + @path.setter + def path(self, value: pulumi.Input[str]): + pulumi.set(self, "path", value) + + @property + @pulumi.getter + def server(self) -> pulumi.Input[str]: + """ + IP address or hostname of the NFS server + """ + return pulumi.get(self, "server") + + @server.setter + def server(self, value: pulumi.Input[str]): + pulumi.set(self, "server", value) + + @property + @pulumi.getter(name="readOnly") + def read_only(self) -> Optional[pulumi.Input[bool]]: + """ + If true, mount the NFS volume as read only in all mounts. Defaults to false. + + - - - + """ + return pulumi.get(self, "read_only") + + @read_only.setter + def read_only(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "read_only", value) + + @pulumi.input_type class ServiceTemplateSpecVolumeSecretArgs: def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/cloudrun/outputs.py b/sdk/python/pulumi_gcp/cloudrun/outputs.py index 20b26a707c..af5f983612 100644 --- a/sdk/python/pulumi_gcp/cloudrun/outputs.py +++ b/sdk/python/pulumi_gcp/cloudrun/outputs.py @@ -49,6 +49,7 @@ 'ServiceTemplateSpecVolume', 'ServiceTemplateSpecVolumeCsi', 'ServiceTemplateSpecVolumeEmptyDir', + 'ServiceTemplateSpecVolumeNfs', 'ServiceTemplateSpecVolumeSecret', 'ServiceTemplateSpecVolumeSecretItem', 'ServiceTraffic', @@ -83,6 +84,7 @@ 'GetServiceTemplateSpecVolumeResult', 'GetServiceTemplateSpecVolumeCsiResult', 'GetServiceTemplateSpecVolumeEmptyDirResult', + 'GetServiceTemplateSpecVolumeNfResult', 'GetServiceTemplateSpecVolumeSecretResult', 'GetServiceTemplateSpecVolumeSecretItemResult', 'GetServiceTrafficResult', @@ -2801,6 +2803,7 @@ def __init__(__self__, *, name: str, csi: Optional['outputs.ServiceTemplateSpecVolumeCsi'] = None, empty_dir: Optional['outputs.ServiceTemplateSpecVolumeEmptyDir'] = None, + nfs: Optional['outputs.ServiceTemplateSpecVolumeNfs'] = None, secret: Optional['outputs.ServiceTemplateSpecVolumeSecret'] = None): """ :param str name: Volume's name. @@ -2808,6 +2811,10 @@ def __init__(__self__, *, Structure is documented below. :param 'ServiceTemplateSpecVolumeEmptyDirArgs' empty_dir: Ephemeral storage which can be backed by real disks (HD, SSD), network storage or memory (i.e. tmpfs). For now only in memory (tmpfs) is supported. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs). Structure is documented below. + :param 'ServiceTemplateSpecVolumeNfsArgs' nfs: A filesystem backed by a Network File System share. This filesystem requires the + run.googleapis.com/execution-environment annotation to be set to "gen2" and + run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + Structure is documented below. :param 'ServiceTemplateSpecVolumeSecretArgs' secret: The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. @@ -2818,6 +2825,8 @@ def __init__(__self__, *, pulumi.set(__self__, "csi", csi) if empty_dir is not None: pulumi.set(__self__, "empty_dir", empty_dir) + if nfs is not None: + pulumi.set(__self__, "nfs", nfs) if secret is not None: pulumi.set(__self__, "secret", secret) @@ -2847,6 +2856,17 @@ def empty_dir(self) -> Optional['outputs.ServiceTemplateSpecVolumeEmptyDir']: """ return pulumi.get(self, "empty_dir") + @property + @pulumi.getter + def nfs(self) -> Optional['outputs.ServiceTemplateSpecVolumeNfs']: + """ + A filesystem backed by a Network File System share. This filesystem requires the + run.googleapis.com/execution-environment annotation to be set to "gen2" and + run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + Structure is documented below. + """ + return pulumi.get(self, "nfs") + @property @pulumi.getter def secret(self) -> Optional['outputs.ServiceTemplateSpecVolumeSecret']: @@ -2893,8 +2913,6 @@ def __init__(__self__, *, :param Mapping[str, str] volume_attributes: Driver-specific attributes. The following options are supported for available drivers: * gcsfuse.run.googleapis.com * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - - - - - """ pulumi.set(__self__, "driver", driver) if read_only is not None: @@ -2928,8 +2946,6 @@ def volume_attributes(self) -> Optional[Mapping[str, str]]: Driver-specific attributes. The following options are supported for available drivers: * gcsfuse.run.googleapis.com * bucketName: The name of the Cloud Storage Bucket that backs this volume. The Cloud Run Service identity must have access to this bucket. - - - - - """ return pulumi.get(self, "volume_attributes") @@ -2982,6 +2998,68 @@ def size_limit(self) -> Optional[str]: return pulumi.get(self, "size_limit") +@pulumi.output_type +class ServiceTemplateSpecVolumeNfs(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "readOnly": + suggest = "read_only" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ServiceTemplateSpecVolumeNfs. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ServiceTemplateSpecVolumeNfs.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ServiceTemplateSpecVolumeNfs.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + path: str, + server: str, + read_only: Optional[bool] = None): + """ + :param str path: Path exported by the NFS server + :param str server: IP address or hostname of the NFS server + :param bool read_only: If true, mount the NFS volume as read only in all mounts. Defaults to false. + + - - - + """ + pulumi.set(__self__, "path", path) + pulumi.set(__self__, "server", server) + if read_only is not None: + pulumi.set(__self__, "read_only", read_only) + + @property + @pulumi.getter + def path(self) -> str: + """ + Path exported by the NFS server + """ + return pulumi.get(self, "path") + + @property + @pulumi.getter + def server(self) -> str: + """ + IP address or hostname of the NFS server + """ + return pulumi.get(self, "server") + + @property + @pulumi.getter(name="readOnly") + def read_only(self) -> Optional[bool]: + """ + If true, mount the NFS volume as read only in all mounts. Defaults to false. + + - - - + """ + return pulumi.get(self, "read_only") + + @pulumi.output_type class ServiceTemplateSpecVolumeSecret(dict): @staticmethod @@ -4732,11 +4810,15 @@ def __init__(__self__, *, csis: Sequence['outputs.GetServiceTemplateSpecVolumeCsiResult'], empty_dirs: Sequence['outputs.GetServiceTemplateSpecVolumeEmptyDirResult'], name: str, + nfs: Sequence['outputs.GetServiceTemplateSpecVolumeNfResult'], secrets: Sequence['outputs.GetServiceTemplateSpecVolumeSecretResult']): """ :param Sequence['GetServiceTemplateSpecVolumeCsiArgs'] csis: A filesystem specified by the Container Storage Interface (CSI). :param Sequence['GetServiceTemplateSpecVolumeEmptyDirArgs'] empty_dirs: Ephemeral storage which can be backed by real disks (HD, SSD), network storage or memory (i.e. tmpfs). For now only in memory (tmpfs) is supported. It is ephemeral in the sense that when the sandbox is taken down, the data is destroyed with it (it does not persist across sandbox runs). :param str name: The name of the Cloud Run Service. + :param Sequence['GetServiceTemplateSpecVolumeNfArgs'] nfs: A filesystem backed by a Network File System share. This filesystem requires the + run.googleapis.com/execution-environment annotation to be set to "gen2" and + run.googleapis.com/launch-stage set to "BETA" or "ALPHA". :param Sequence['GetServiceTemplateSpecVolumeSecretArgs'] secrets: The secret's value will be presented as the content of a file whose name is defined in the item path. If no items are defined, the name of the file is the secret_name. @@ -4744,6 +4826,7 @@ def __init__(__self__, *, pulumi.set(__self__, "csis", csis) pulumi.set(__self__, "empty_dirs", empty_dirs) pulumi.set(__self__, "name", name) + pulumi.set(__self__, "nfs", nfs) pulumi.set(__self__, "secrets", secrets) @property @@ -4770,6 +4853,16 @@ def name(self) -> str: """ return pulumi.get(self, "name") + @property + @pulumi.getter + def nfs(self) -> Sequence['outputs.GetServiceTemplateSpecVolumeNfResult']: + """ + A filesystem backed by a Network File System share. This filesystem requires the + run.googleapis.com/execution-environment annotation to be set to "gen2" and + run.googleapis.com/launch-stage set to "BETA" or "ALPHA". + """ + return pulumi.get(self, "nfs") + @property @pulumi.getter def secrets(self) -> Sequence['outputs.GetServiceTemplateSpecVolumeSecretResult']: @@ -4860,6 +4953,46 @@ def size_limit(self) -> str: return pulumi.get(self, "size_limit") +@pulumi.output_type +class GetServiceTemplateSpecVolumeNfResult(dict): + def __init__(__self__, *, + path: str, + read_only: bool, + server: str): + """ + :param str path: Path exported by the NFS server + :param bool read_only: If true, mount the NFS volume as read only in all mounts. Defaults to false. + :param str server: IP address or hostname of the NFS server + """ + pulumi.set(__self__, "path", path) + pulumi.set(__self__, "read_only", read_only) + pulumi.set(__self__, "server", server) + + @property + @pulumi.getter + def path(self) -> str: + """ + Path exported by the NFS server + """ + return pulumi.get(self, "path") + + @property + @pulumi.getter(name="readOnly") + def read_only(self) -> bool: + """ + If true, mount the NFS volume as read only in all mounts. Defaults to false. + """ + return pulumi.get(self, "read_only") + + @property + @pulumi.getter + def server(self) -> str: + """ + IP address or hostname of the NFS server + """ + return pulumi.get(self, "server") + + @pulumi.output_type class GetServiceTemplateSpecVolumeSecretResult(dict): def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/composer/user_workloads_secret.py b/sdk/python/pulumi_gcp/composer/user_workloads_secret.py index e40266bd44..20f38954fc 100644 --- a/sdk/python/pulumi_gcp/composer/user_workloads_secret.py +++ b/sdk/python/pulumi_gcp/composer/user_workloads_secret.py @@ -237,7 +237,7 @@ def __init__(__self__, * `{{project}}/{{region}}/{{environment}}/{{name}}` - * `{{name}}` + * `{{environment}}/{{name}}` When using the `pulumi import` command, Environment can be imported using one of the formats above. For example: @@ -250,7 +250,7 @@ def __init__(__self__, ``` ```sh - $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{name}} + $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{environment}}/{{name}} ``` :param str resource_name: The name of the resource. @@ -304,7 +304,7 @@ def __init__(__self__, * `{{project}}/{{region}}/{{environment}}/{{name}}` - * `{{name}}` + * `{{environment}}/{{name}}` When using the `pulumi import` command, Environment can be imported using one of the formats above. For example: @@ -317,7 +317,7 @@ def __init__(__self__, ``` ```sh - $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{name}} + $ pulumi import gcp:composer/userWorkloadsSecret:UserWorkloadsSecret example {{environment}}/{{name}} ``` :param str resource_name: The name of the resource. diff --git a/sdk/python/pulumi_gcp/compute/__init__.py b/sdk/python/pulumi_gcp/compute/__init__.py index 2c19953d01..1a317e1703 100644 --- a/sdk/python/pulumi_gcp/compute/__init__.py +++ b/sdk/python/pulumi_gcp/compute/__init__.py @@ -82,6 +82,7 @@ from .get_ssl_policy import * from .get_subnetwork import * from .get_subnetwork_iam_policy import * +from .get_subnetworks import * from .get_vpn_gateway import * from .get_zones import * from .global_address import * diff --git a/sdk/python/pulumi_gcp/compute/_inputs.py b/sdk/python/pulumi_gcp/compute/_inputs.py index 2ae702e21d..a62c4ea522 100644 --- a/sdk/python/pulumi_gcp/compute/_inputs.py +++ b/sdk/python/pulumi_gcp/compute/_inputs.py @@ -100,6 +100,7 @@ 'InstanceFromMachineImageSchedulingLocalSsdRecoveryTimeoutArgs', 'InstanceFromMachineImageSchedulingMaxRunDurationArgs', 'InstanceFromMachineImageSchedulingNodeAffinityArgs', + 'InstanceFromMachineImageSchedulingOnInstanceStopActionArgs', 'InstanceFromMachineImageScratchDiskArgs', 'InstanceFromMachineImageServiceAccountArgs', 'InstanceFromMachineImageShieldedInstanceConfigArgs', @@ -121,6 +122,7 @@ 'InstanceFromTemplateSchedulingLocalSsdRecoveryTimeoutArgs', 'InstanceFromTemplateSchedulingMaxRunDurationArgs', 'InstanceFromTemplateSchedulingNodeAffinityArgs', + 'InstanceFromTemplateSchedulingOnInstanceStopActionArgs', 'InstanceFromTemplateScratchDiskArgs', 'InstanceFromTemplateServiceAccountArgs', 'InstanceFromTemplateShieldedInstanceConfigArgs', @@ -156,6 +158,7 @@ 'InstanceSchedulingLocalSsdRecoveryTimeoutArgs', 'InstanceSchedulingMaxRunDurationArgs', 'InstanceSchedulingNodeAffinityArgs', + 'InstanceSchedulingOnInstanceStopActionArgs', 'InstanceScratchDiskArgs', 'InstanceServiceAccountArgs', 'InstanceSettingsMetadataArgs', @@ -178,6 +181,7 @@ 'InstanceTemplateSchedulingLocalSsdRecoveryTimeoutArgs', 'InstanceTemplateSchedulingMaxRunDurationArgs', 'InstanceTemplateSchedulingNodeAffinityArgs', + 'InstanceTemplateSchedulingOnInstanceStopActionArgs', 'InstanceTemplateServiceAccountArgs', 'InstanceTemplateShieldedInstanceConfigArgs', 'InterconnectAttachmentPrivateInterconnectInfoArgs', @@ -294,6 +298,7 @@ 'RegionInstanceTemplateSchedulingLocalSsdRecoveryTimeoutArgs', 'RegionInstanceTemplateSchedulingMaxRunDurationArgs', 'RegionInstanceTemplateSchedulingNodeAffinityArgs', + 'RegionInstanceTemplateSchedulingOnInstanceStopActionArgs', 'RegionInstanceTemplateServiceAccountArgs', 'RegionInstanceTemplateShieldedInstanceConfigArgs', 'RegionNetworkEndpointGroupAppEngineArgs', @@ -7442,6 +7447,7 @@ def __init__(__self__, *, min_node_cpus: Optional[pulumi.Input[int]] = None, node_affinities: Optional[pulumi.Input[Sequence[pulumi.Input['InstanceFromMachineImageSchedulingNodeAffinityArgs']]]] = None, on_host_maintenance: Optional[pulumi.Input[str]] = None, + on_instance_stop_action: Optional[pulumi.Input['InstanceFromMachineImageSchedulingOnInstanceStopActionArgs']] = None, preemptible: Optional[pulumi.Input[bool]] = None, provisioning_model: Optional[pulumi.Input[str]] = None): """ @@ -7455,6 +7461,7 @@ def __init__(__self__, *, :param pulumi.Input['InstanceFromMachineImageSchedulingMaxRunDurationArgs'] max_run_duration: The timeout for new network connections to hosts. :param pulumi.Input[Sequence[pulumi.Input['InstanceFromMachineImageSchedulingNodeAffinityArgs']]] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance groups will use as host systems. :param pulumi.Input[str] on_host_maintenance: Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, + :param pulumi.Input['InstanceFromMachineImageSchedulingOnInstanceStopActionArgs'] on_instance_stop_action: Defines the behaviour for instances with the instance_termination_action. :param pulumi.Input[bool] preemptible: Whether the instance is preemptible. :param pulumi.Input[str] provisioning_model: Whether the instance is spot. If this is set as SPOT. """ @@ -7474,6 +7481,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -7575,6 +7584,18 @@ def on_host_maintenance(self) -> Optional[pulumi.Input[str]]: def on_host_maintenance(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "on_host_maintenance", value) + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional[pulumi.Input['InstanceFromMachineImageSchedulingOnInstanceStopActionArgs']]: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_action") + + @on_instance_stop_action.setter + def on_instance_stop_action(self, value: Optional[pulumi.Input['InstanceFromMachineImageSchedulingOnInstanceStopActionArgs']]): + pulumi.set(self, "on_instance_stop_action", value) + @property @pulumi.getter def preemptible(self) -> Optional[pulumi.Input[bool]]: @@ -7730,6 +7751,29 @@ def values(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): pulumi.set(self, "values", value) +@pulumi.input_type +class InstanceFromMachineImageSchedulingOnInstanceStopActionArgs: + def __init__(__self__, *, + discard_local_ssd: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[bool] discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[pulumi.Input[bool]]: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @discard_local_ssd.setter + def discard_local_ssd(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "discard_local_ssd", value) + + @pulumi.input_type class InstanceFromMachineImageScratchDiskArgs: def __init__(__self__, *, @@ -8993,6 +9037,7 @@ def __init__(__self__, *, min_node_cpus: Optional[pulumi.Input[int]] = None, node_affinities: Optional[pulumi.Input[Sequence[pulumi.Input['InstanceFromTemplateSchedulingNodeAffinityArgs']]]] = None, on_host_maintenance: Optional[pulumi.Input[str]] = None, + on_instance_stop_action: Optional[pulumi.Input['InstanceFromTemplateSchedulingOnInstanceStopActionArgs']] = None, preemptible: Optional[pulumi.Input[bool]] = None, provisioning_model: Optional[pulumi.Input[str]] = None): """ @@ -9006,6 +9051,7 @@ def __init__(__self__, *, :param pulumi.Input['InstanceFromTemplateSchedulingMaxRunDurationArgs'] max_run_duration: The timeout for new network connections to hosts. :param pulumi.Input[Sequence[pulumi.Input['InstanceFromTemplateSchedulingNodeAffinityArgs']]] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance groups will use as host systems. :param pulumi.Input[str] on_host_maintenance: Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, + :param pulumi.Input['InstanceFromTemplateSchedulingOnInstanceStopActionArgs'] on_instance_stop_action: Defines the behaviour for instances with the instance_termination_action. :param pulumi.Input[bool] preemptible: Whether the instance is preemptible. :param pulumi.Input[str] provisioning_model: Whether the instance is spot. If this is set as SPOT. """ @@ -9025,6 +9071,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -9126,6 +9174,18 @@ def on_host_maintenance(self) -> Optional[pulumi.Input[str]]: def on_host_maintenance(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "on_host_maintenance", value) + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional[pulumi.Input['InstanceFromTemplateSchedulingOnInstanceStopActionArgs']]: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_action") + + @on_instance_stop_action.setter + def on_instance_stop_action(self, value: Optional[pulumi.Input['InstanceFromTemplateSchedulingOnInstanceStopActionArgs']]): + pulumi.set(self, "on_instance_stop_action", value) + @property @pulumi.getter def preemptible(self) -> Optional[pulumi.Input[bool]]: @@ -9281,6 +9341,29 @@ def values(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): pulumi.set(self, "values", value) +@pulumi.input_type +class InstanceFromTemplateSchedulingOnInstanceStopActionArgs: + def __init__(__self__, *, + discard_local_ssd: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[bool] discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[pulumi.Input[bool]]: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @discard_local_ssd.setter + def discard_local_ssd(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "discard_local_ssd", value) + + @pulumi.input_type class InstanceFromTemplateScratchDiskArgs: def __init__(__self__, *, @@ -11041,6 +11124,7 @@ def __init__(__self__, *, min_node_cpus: Optional[pulumi.Input[int]] = None, node_affinities: Optional[pulumi.Input[Sequence[pulumi.Input['InstanceSchedulingNodeAffinityArgs']]]] = None, on_host_maintenance: Optional[pulumi.Input[str]] = None, + on_instance_stop_action: Optional[pulumi.Input['InstanceSchedulingOnInstanceStopActionArgs']] = None, preemptible: Optional[pulumi.Input[bool]] = None, provisioning_model: Optional[pulumi.Input[str]] = None): """ @@ -11053,8 +11137,7 @@ def __init__(__self__, *, between 0 and 168 hours with hour granularity and the default value being 1 hour. :param pulumi.Input[str] maintenance_interval: Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. - :param pulumi.Input['InstanceSchedulingMaxRunDurationArgs'] max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + :param pulumi.Input['InstanceSchedulingMaxRunDurationArgs'] max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. :param pulumi.Input[int] min_node_cpus: The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. :param pulumi.Input[Sequence[pulumi.Input['InstanceSchedulingNodeAffinityArgs']]] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance @@ -11064,6 +11147,7 @@ def __init__(__self__, *, :param pulumi.Input[str] on_host_maintenance: Describes maintenance behavior for the instance. Can be MIGRATE or TERMINATE, for more info, read [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options). + :param pulumi.Input['InstanceSchedulingOnInstanceStopActionArgs'] on_instance_stop_action: Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. :param pulumi.Input[bool] preemptible: Specifies if the instance is preemptible. If this field is set to true, then `automatic_restart` must be set to false. Defaults to false. @@ -11088,6 +11172,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -11150,8 +11236,7 @@ def maintenance_interval(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxRunDuration") def max_run_duration(self) -> Optional[pulumi.Input['InstanceSchedulingMaxRunDurationArgs']]: """ - The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. """ return pulumi.get(self, "max_run_duration") @@ -11201,6 +11286,18 @@ def on_host_maintenance(self) -> Optional[pulumi.Input[str]]: def on_host_maintenance(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "on_host_maintenance", value) + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional[pulumi.Input['InstanceSchedulingOnInstanceStopActionArgs']]: + """ + Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + """ + return pulumi.get(self, "on_instance_stop_action") + + @on_instance_stop_action.setter + def on_instance_stop_action(self, value: Optional[pulumi.Input['InstanceSchedulingOnInstanceStopActionArgs']]): + pulumi.set(self, "on_instance_stop_action", value) + @property @pulumi.getter def preemptible(self) -> Optional[pulumi.Input[bool]]: @@ -11283,12 +11380,13 @@ def __init__(__self__, *, seconds: pulumi.Input[int], nanos: Optional[pulumi.Input[int]] = None): """ - :param pulumi.Input[int] seconds: Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + :param pulumi.Input[int] seconds: Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. :param pulumi.Input[int] nanos: Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ pulumi.set(__self__, "seconds", seconds) if nanos is not None: @@ -11298,8 +11396,9 @@ def __init__(__self__, *, @pulumi.getter def seconds(self) -> pulumi.Input[int]: """ - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. """ return pulumi.get(self, "seconds") @@ -11312,9 +11411,9 @@ def seconds(self, value: pulumi.Input[int]): def nanos(self) -> Optional[pulumi.Input[int]]: """ Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ return pulumi.get(self, "nanos") @@ -11377,6 +11476,29 @@ def values(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): pulumi.set(self, "values", value) +@pulumi.input_type +class InstanceSchedulingOnInstanceStopActionArgs: + def __init__(__self__, *, + discard_local_ssd: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[bool] discard_local_ssd: Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + return pulumi.get(self, "discard_local_ssd") + + @discard_local_ssd.setter + def discard_local_ssd(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "discard_local_ssd", value) + + @pulumi.input_type class InstanceScratchDiskArgs: def __init__(__self__, *, @@ -12785,6 +12907,7 @@ def __init__(__self__, *, min_node_cpus: Optional[pulumi.Input[int]] = None, node_affinities: Optional[pulumi.Input[Sequence[pulumi.Input['InstanceTemplateSchedulingNodeAffinityArgs']]]] = None, on_host_maintenance: Optional[pulumi.Input[str]] = None, + on_instance_stop_action: Optional[pulumi.Input['InstanceTemplateSchedulingOnInstanceStopActionArgs']] = None, preemptible: Optional[pulumi.Input[bool]] = None, provisioning_model: Optional[pulumi.Input[str]] = None): """ @@ -12797,8 +12920,7 @@ def __init__(__self__, *, between 0 and 168 hours with hour granularity and the default value being 1 hour. :param pulumi.Input[str] maintenance_interval: Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. - :param pulumi.Input['InstanceTemplateSchedulingMaxRunDurationArgs'] max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + :param pulumi.Input['InstanceTemplateSchedulingMaxRunDurationArgs'] max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. :param pulumi.Input[int] min_node_cpus: Minimum number of cpus for the instance. :param pulumi.Input[Sequence[pulumi.Input['InstanceTemplateSchedulingNodeAffinityArgs']]] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance @@ -12807,6 +12929,7 @@ def __init__(__self__, *, Structure documented below. :param pulumi.Input[str] on_host_maintenance: Defines the maintenance behavior for this instance. + :param pulumi.Input['InstanceTemplateSchedulingOnInstanceStopActionArgs'] on_instance_stop_action: Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. :param pulumi.Input[bool] preemptible: Allows instance to be preempted. This defaults to false. Read more on this [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -12831,6 +12954,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -12893,8 +13018,7 @@ def maintenance_interval(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="maxRunDuration") def max_run_duration(self) -> Optional[pulumi.Input['InstanceTemplateSchedulingMaxRunDurationArgs']]: """ - The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. """ return pulumi.get(self, "max_run_duration") @@ -12943,6 +13067,18 @@ def on_host_maintenance(self) -> Optional[pulumi.Input[str]]: def on_host_maintenance(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "on_host_maintenance", value) + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional[pulumi.Input['InstanceTemplateSchedulingOnInstanceStopActionArgs']]: + """ + Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + """ + return pulumi.get(self, "on_instance_stop_action") + + @on_instance_stop_action.setter + def on_instance_stop_action(self, value: Optional[pulumi.Input['InstanceTemplateSchedulingOnInstanceStopActionArgs']]): + pulumi.set(self, "on_instance_stop_action", value) + @property @pulumi.getter def preemptible(self) -> Optional[pulumi.Input[bool]]: @@ -13025,12 +13161,13 @@ def __init__(__self__, *, seconds: pulumi.Input[int], nanos: Optional[pulumi.Input[int]] = None): """ - :param pulumi.Input[int] seconds: Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + :param pulumi.Input[int] seconds: Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. :param pulumi.Input[int] nanos: Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ pulumi.set(__self__, "seconds", seconds) if nanos is not None: @@ -13040,8 +13177,9 @@ def __init__(__self__, *, @pulumi.getter def seconds(self) -> pulumi.Input[int]: """ - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. """ return pulumi.get(self, "seconds") @@ -13054,9 +13192,9 @@ def seconds(self, value: pulumi.Input[int]): def nanos(self) -> Optional[pulumi.Input[int]]: """ Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ return pulumi.get(self, "nanos") @@ -13115,6 +13253,29 @@ def values(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): pulumi.set(self, "values", value) +@pulumi.input_type +class InstanceTemplateSchedulingOnInstanceStopActionArgs: + def __init__(__self__, *, + discard_local_ssd: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[bool] discard_local_ssd: Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[pulumi.Input[bool]]: + """ + Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + return pulumi.get(self, "discard_local_ssd") + + @discard_local_ssd.setter + def discard_local_ssd(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "discard_local_ssd", value) + + @pulumi.input_type class InstanceTemplateServiceAccountArgs: def __init__(__self__, *, @@ -21091,6 +21252,7 @@ def __init__(__self__, *, min_node_cpus: Optional[pulumi.Input[int]] = None, node_affinities: Optional[pulumi.Input[Sequence[pulumi.Input['RegionInstanceTemplateSchedulingNodeAffinityArgs']]]] = None, on_host_maintenance: Optional[pulumi.Input[str]] = None, + on_instance_stop_action: Optional[pulumi.Input['RegionInstanceTemplateSchedulingOnInstanceStopActionArgs']] = None, preemptible: Optional[pulumi.Input[bool]] = None, provisioning_model: Optional[pulumi.Input[str]] = None): """ @@ -21112,6 +21274,7 @@ def __init__(__self__, *, Structure documented below. :param pulumi.Input[str] on_host_maintenance: Defines the maintenance behavior for this instance. + :param pulumi.Input['RegionInstanceTemplateSchedulingOnInstanceStopActionArgs'] on_instance_stop_action: Defines the behaviour for instances with the instance_termination_action. :param pulumi.Input[bool] preemptible: Allows instance to be preempted. This defaults to false. Read more on this [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -21136,6 +21299,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -21247,6 +21412,18 @@ def on_host_maintenance(self) -> Optional[pulumi.Input[str]]: def on_host_maintenance(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "on_host_maintenance", value) + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional[pulumi.Input['RegionInstanceTemplateSchedulingOnInstanceStopActionArgs']]: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_action") + + @on_instance_stop_action.setter + def on_instance_stop_action(self, value: Optional[pulumi.Input['RegionInstanceTemplateSchedulingOnInstanceStopActionArgs']]): + pulumi.set(self, "on_instance_stop_action", value) + @property @pulumi.getter def preemptible(self) -> Optional[pulumi.Input[bool]]: @@ -21421,6 +21598,29 @@ def values(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): pulumi.set(self, "values", value) +@pulumi.input_type +class RegionInstanceTemplateSchedulingOnInstanceStopActionArgs: + def __init__(__self__, *, + discard_local_ssd: Optional[pulumi.Input[bool]] = None): + """ + :param pulumi.Input[bool] discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[pulumi.Input[bool]]: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @discard_local_ssd.setter + def discard_local_ssd(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "discard_local_ssd", value) + + @pulumi.input_type class RegionInstanceTemplateServiceAccountArgs: def __init__(__self__, *, @@ -30204,6 +30404,7 @@ def __init__(__self__, *, :param pulumi.Input[str] json_parsing: Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * `DISABLED` - Don't parse JSON payloads in POST bodies. * `STANDARD` - Parse JSON payloads in POST bodies. + * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. :param pulumi.Input[str] log_level: Log level to use. Defaults to `NORMAL`. * `NORMAL` - Normal log level. * `VERBOSE` - Verbose log level. @@ -30238,6 +30439,7 @@ def json_parsing(self) -> Optional[pulumi.Input[str]]: Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * `DISABLED` - Don't parse JSON payloads in POST bodies. * `STANDARD` - Parse JSON payloads in POST bodies. + * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. """ return pulumi.get(self, "json_parsing") @@ -30998,102 +31200,73 @@ def value(self, value: Optional[pulumi.Input[str]]): @pulumi.input_type class SecurityPolicyRuleRateLimitOptionsArgs: def __init__(__self__, *, - conform_action: pulumi.Input[str], - exceed_action: pulumi.Input[str], - rate_limit_threshold: pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs'], ban_duration_sec: Optional[pulumi.Input[int]] = None, ban_threshold: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsBanThresholdArgs']] = None, + conform_action: Optional[pulumi.Input[str]] = None, enforce_on_key: Optional[pulumi.Input[str]] = None, enforce_on_key_configs: Optional[pulumi.Input[Sequence[pulumi.Input['SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs']]]] = None, enforce_on_key_name: Optional[pulumi.Input[str]] = None, - exceed_redirect_options: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs']] = None): + exceed_action: Optional[pulumi.Input[str]] = None, + exceed_redirect_options: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs']] = None, + rate_limit_threshold: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs']] = None): """ - :param pulumi.Input[str] conform_action: Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. - :param pulumi.Input[str] exceed_action: When a request is denied, returns the HTTP response code specified. - Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. - :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs'] rate_limit_threshold: Threshold at which to begin ratelimiting. Structure is documented below. - :param pulumi.Input[int] ban_duration_sec: Can only be specified if the `action` for the rule is `rate_based_ban`. + :param pulumi.Input[int] ban_duration_sec: Can only be specified if the action for the rule is "rate_based_ban". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. - :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsBanThresholdArgs'] ban_threshold: Can only be specified if the `action` for the rule is `rate_based_ban`. - If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - exceed this `ban_threshold`. Structure is documented below. - :param pulumi.Input[str] enforce_on_key: Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. - :param pulumi.Input[Sequence[pulumi.Input['SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs']]] enforce_on_key_configs: If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - - **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsBanThresholdArgs'] ban_threshold: Can only be specified if the action for the rule is "rate_based_ban". + If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + Structure is documented below. + :param pulumi.Input[str] conform_action: Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + :param pulumi.Input[str] enforce_on_key: Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. + :param pulumi.Input[Sequence[pulumi.Input['SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs']]] enforce_on_key_configs: If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + You can specify up to 3 enforceOnKeyConfigs. + If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + Structure is documented below. :param pulumi.Input[str] enforce_on_key_name: Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. - :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs'] exceed_redirect_options: Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + :param pulumi.Input[str] exceed_action: Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs'] exceed_redirect_options: Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + Structure is documented below. + :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs'] rate_limit_threshold: Threshold at which to begin ratelimiting. + Structure is documented below. """ - pulumi.set(__self__, "conform_action", conform_action) - pulumi.set(__self__, "exceed_action", exceed_action) - pulumi.set(__self__, "rate_limit_threshold", rate_limit_threshold) if ban_duration_sec is not None: pulumi.set(__self__, "ban_duration_sec", ban_duration_sec) if ban_threshold is not None: pulumi.set(__self__, "ban_threshold", ban_threshold) + if conform_action is not None: + pulumi.set(__self__, "conform_action", conform_action) if enforce_on_key is not None: pulumi.set(__self__, "enforce_on_key", enforce_on_key) if enforce_on_key_configs is not None: pulumi.set(__self__, "enforce_on_key_configs", enforce_on_key_configs) if enforce_on_key_name is not None: pulumi.set(__self__, "enforce_on_key_name", enforce_on_key_name) + if exceed_action is not None: + pulumi.set(__self__, "exceed_action", exceed_action) if exceed_redirect_options is not None: pulumi.set(__self__, "exceed_redirect_options", exceed_redirect_options) - - @property - @pulumi.getter(name="conformAction") - def conform_action(self) -> pulumi.Input[str]: - """ - Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. - """ - return pulumi.get(self, "conform_action") - - @conform_action.setter - def conform_action(self, value: pulumi.Input[str]): - pulumi.set(self, "conform_action", value) - - @property - @pulumi.getter(name="exceedAction") - def exceed_action(self) -> pulumi.Input[str]: - """ - When a request is denied, returns the HTTP response code specified. - Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. - """ - return pulumi.get(self, "exceed_action") - - @exceed_action.setter - def exceed_action(self, value: pulumi.Input[str]): - pulumi.set(self, "exceed_action", value) - - @property - @pulumi.getter(name="rateLimitThreshold") - def rate_limit_threshold(self) -> pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs']: - """ - Threshold at which to begin ratelimiting. Structure is documented below. - """ - return pulumi.get(self, "rate_limit_threshold") - - @rate_limit_threshold.setter - def rate_limit_threshold(self, value: pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs']): - pulumi.set(self, "rate_limit_threshold", value) + if rate_limit_threshold is not None: + pulumi.set(__self__, "rate_limit_threshold", rate_limit_threshold) @property @pulumi.getter(name="banDurationSec") def ban_duration_sec(self) -> Optional[pulumi.Input[int]]: """ - Can only be specified if the `action` for the rule is `rate_based_ban`. + Can only be specified if the action for the rule is "rate_based_ban". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. """ return pulumi.get(self, "ban_duration_sec") @@ -31106,9 +31279,9 @@ def ban_duration_sec(self, value: Optional[pulumi.Input[int]]): @pulumi.getter(name="banThreshold") def ban_threshold(self) -> Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsBanThresholdArgs']]: """ - Can only be specified if the `action` for the rule is `rate_based_ban`. - If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - exceed this `ban_threshold`. Structure is documented below. + Can only be specified if the action for the rule is "rate_based_ban". + If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + Structure is documented below. """ return pulumi.get(self, "ban_threshold") @@ -31116,20 +31289,35 @@ def ban_threshold(self) -> Optional[pulumi.Input['SecurityPolicyRuleRateLimitOpt def ban_threshold(self, value: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsBanThresholdArgs']]): pulumi.set(self, "ban_threshold", value) + @property + @pulumi.getter(name="conformAction") + def conform_action(self) -> Optional[pulumi.Input[str]]: + """ + Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + """ + return pulumi.get(self, "conform_action") + + @conform_action.setter + def conform_action(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "conform_action", value) + @property @pulumi.getter(name="enforceOnKey") def enforce_on_key(self) -> Optional[pulumi.Input[str]]: """ - Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. """ return pulumi.get(self, "enforce_on_key") @@ -31141,9 +31329,10 @@ def enforce_on_key(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="enforceOnKeyConfigs") def enforce_on_key_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs']]]]: """ - If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - - **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + You can specify up to 3 enforceOnKeyConfigs. + If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + Structure is documented below. """ return pulumi.get(self, "enforce_on_key_configs") @@ -31156,9 +31345,8 @@ def enforce_on_key_configs(self, value: Optional[pulumi.Input[Sequence[pulumi.In def enforce_on_key_name(self) -> Optional[pulumi.Input[str]]: """ Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. """ return pulumi.get(self, "enforce_on_key_name") @@ -31166,11 +31354,25 @@ def enforce_on_key_name(self) -> Optional[pulumi.Input[str]]: def enforce_on_key_name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "enforce_on_key_name", value) + @property + @pulumi.getter(name="exceedAction") + def exceed_action(self) -> Optional[pulumi.Input[str]]: + """ + Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + """ + return pulumi.get(self, "exceed_action") + + @exceed_action.setter + def exceed_action(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "exceed_action", value) + @property @pulumi.getter(name="exceedRedirectOptions") def exceed_redirect_options(self) -> Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs']]: """ - Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + Structure is documented below. """ return pulumi.get(self, "exceed_redirect_options") @@ -31178,41 +31380,56 @@ def exceed_redirect_options(self) -> Optional[pulumi.Input['SecurityPolicyRuleRa def exceed_redirect_options(self, value: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs']]): pulumi.set(self, "exceed_redirect_options", value) + @property + @pulumi.getter(name="rateLimitThreshold") + def rate_limit_threshold(self) -> Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs']]: + """ + Threshold at which to begin ratelimiting. + Structure is documented below. + """ + return pulumi.get(self, "rate_limit_threshold") + + @rate_limit_threshold.setter + def rate_limit_threshold(self, value: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs']]): + pulumi.set(self, "rate_limit_threshold", value) + @pulumi.input_type class SecurityPolicyRuleRateLimitOptionsBanThresholdArgs: def __init__(__self__, *, - count: pulumi.Input[int], - interval_sec: pulumi.Input[int]): + count: Optional[pulumi.Input[int]] = None, + interval_sec: Optional[pulumi.Input[int]] = None): """ :param pulumi.Input[int] count: Number of HTTP(S) requests for calculating the threshold. :param pulumi.Input[int] interval_sec: Interval over which the threshold is computed. """ - pulumi.set(__self__, "count", count) - pulumi.set(__self__, "interval_sec", interval_sec) + if count is not None: + pulumi.set(__self__, "count", count) + if interval_sec is not None: + pulumi.set(__self__, "interval_sec", interval_sec) @property @pulumi.getter - def count(self) -> pulumi.Input[int]: + def count(self) -> Optional[pulumi.Input[int]]: """ Number of HTTP(S) requests for calculating the threshold. """ return pulumi.get(self, "count") @count.setter - def count(self, value: pulumi.Input[int]): + def count(self, value: Optional[pulumi.Input[int]]): pulumi.set(self, "count", value) @property @pulumi.getter(name="intervalSec") - def interval_sec(self) -> pulumi.Input[int]: + def interval_sec(self) -> Optional[pulumi.Input[int]]: """ Interval over which the threshold is computed. """ return pulumi.get(self, "interval_sec") @interval_sec.setter - def interval_sec(self, value: pulumi.Input[int]): + def interval_sec(self, value: Optional[pulumi.Input[int]]): pulumi.set(self, "interval_sec", value) @@ -31223,19 +31440,20 @@ def __init__(__self__, *, enforce_on_key_type: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[str] enforce_on_key_name: Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. - :param pulumi.Input[str] enforce_on_key_type: Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + :param pulumi.Input[str] enforce_on_key_type: Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. """ if enforce_on_key_name is not None: pulumi.set(__self__, "enforce_on_key_name", enforce_on_key_name) @@ -31247,9 +31465,8 @@ def __init__(__self__, *, def enforce_on_key_name(self) -> Optional[pulumi.Input[str]]: """ Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. """ return pulumi.get(self, "enforce_on_key_name") @@ -31261,16 +31478,18 @@ def enforce_on_key_name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="enforceOnKeyType") def enforce_on_key_type(self) -> Optional[pulumi.Input[str]]: """ - Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. """ return pulumi.get(self, "enforce_on_key_type") @@ -31282,75 +31501,78 @@ def enforce_on_key_type(self, value: Optional[pulumi.Input[str]]): @pulumi.input_type class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs: def __init__(__self__, *, - type: pulumi.Input[str], - target: Optional[pulumi.Input[str]] = None): + target: Optional[pulumi.Input[str]] = None, + type: Optional[pulumi.Input[str]] = None): """ + :param pulumi.Input[str] target: Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. :param pulumi.Input[str] type: Type of the redirect action. - :param pulumi.Input[str] target: Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. """ - pulumi.set(__self__, "type", type) if target is not None: pulumi.set(__self__, "target", target) + if type is not None: + pulumi.set(__self__, "type", type) @property @pulumi.getter - def type(self) -> pulumi.Input[str]: + def target(self) -> Optional[pulumi.Input[str]]: """ - Type of the redirect action. + Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. """ - return pulumi.get(self, "type") + return pulumi.get(self, "target") - @type.setter - def type(self, value: pulumi.Input[str]): - pulumi.set(self, "type", value) + @target.setter + def target(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "target", value) @property @pulumi.getter - def target(self) -> Optional[pulumi.Input[str]]: + def type(self) -> Optional[pulumi.Input[str]]: """ - Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + Type of the redirect action. """ - return pulumi.get(self, "target") + return pulumi.get(self, "type") - @target.setter - def target(self, value: Optional[pulumi.Input[str]]): - pulumi.set(self, "target", value) + @type.setter + def type(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "type", value) @pulumi.input_type class SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs: def __init__(__self__, *, - count: pulumi.Input[int], - interval_sec: pulumi.Input[int]): + count: Optional[pulumi.Input[int]] = None, + interval_sec: Optional[pulumi.Input[int]] = None): """ :param pulumi.Input[int] count: Number of HTTP(S) requests for calculating the threshold. :param pulumi.Input[int] interval_sec: Interval over which the threshold is computed. """ - pulumi.set(__self__, "count", count) - pulumi.set(__self__, "interval_sec", interval_sec) + if count is not None: + pulumi.set(__self__, "count", count) + if interval_sec is not None: + pulumi.set(__self__, "interval_sec", interval_sec) @property @pulumi.getter - def count(self) -> pulumi.Input[int]: + def count(self) -> Optional[pulumi.Input[int]]: """ Number of HTTP(S) requests for calculating the threshold. """ return pulumi.get(self, "count") @count.setter - def count(self, value: pulumi.Input[int]): + def count(self, value: Optional[pulumi.Input[int]]): pulumi.set(self, "count", value) @property @pulumi.getter(name="intervalSec") - def interval_sec(self) -> pulumi.Input[int]: + def interval_sec(self) -> Optional[pulumi.Input[int]]: """ Interval over which the threshold is computed. """ return pulumi.get(self, "interval_sec") @interval_sec.setter - def interval_sec(self, value: pulumi.Input[int]): + def interval_sec(self, value: Optional[pulumi.Input[int]]): pulumi.set(self, "interval_sec", value) diff --git a/sdk/python/pulumi_gcp/compute/get_subnetworks.py b/sdk/python/pulumi_gcp/compute/get_subnetworks.py new file mode 100644 index 0000000000..431f01be36 --- /dev/null +++ b/sdk/python/pulumi_gcp/compute/get_subnetworks.py @@ -0,0 +1,157 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities +from . import outputs + +__all__ = [ + 'GetSubnetworksResult', + 'AwaitableGetSubnetworksResult', + 'get_subnetworks', + 'get_subnetworks_output', +] + +@pulumi.output_type +class GetSubnetworksResult: + """ + A collection of values returned by getSubnetworks. + """ + def __init__(__self__, filter=None, id=None, project=None, region=None, subnetworks=None): + if filter and not isinstance(filter, str): + raise TypeError("Expected argument 'filter' to be a str") + pulumi.set(__self__, "filter", filter) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + if region and not isinstance(region, str): + raise TypeError("Expected argument 'region' to be a str") + pulumi.set(__self__, "region", region) + if subnetworks and not isinstance(subnetworks, list): + raise TypeError("Expected argument 'subnetworks' to be a list") + pulumi.set(__self__, "subnetworks", subnetworks) + + @property + @pulumi.getter + def filter(self) -> Optional[str]: + return pulumi.get(self, "filter") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def project(self) -> Optional[str]: + return pulumi.get(self, "project") + + @property + @pulumi.getter + def region(self) -> Optional[str]: + return pulumi.get(self, "region") + + @property + @pulumi.getter + def subnetworks(self) -> Sequence['outputs.GetSubnetworksSubnetworkResult']: + """ + A list of all retrieved GCE subnetworks. Structure is defined below. + """ + return pulumi.get(self, "subnetworks") + + +class AwaitableGetSubnetworksResult(GetSubnetworksResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetSubnetworksResult( + filter=self.filter, + id=self.id, + project=self.project, + region=self.region, + subnetworks=self.subnetworks) + + +def get_subnetworks(filter: Optional[str] = None, + project: Optional[str] = None, + region: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetSubnetworksResult: + """ + Get subnetworks within GCE. + See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + my_subnetworks = gcp.compute.get_subnetworks(filter="ipCidrRange eq 192.168.178.0/24", + project="my-project", + region="us-east1") + ``` + + + :param str filter: A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + :param str project: The ID of the project in which the resource belongs. If it + is not provided, the provider project is used. + :param str region: The region this subnetwork has been created in. If + unspecified, this defaults to the region configured in the provider. + """ + __args__ = dict() + __args__['filter'] = filter + __args__['project'] = project + __args__['region'] = region + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:compute/getSubnetworks:getSubnetworks', __args__, opts=opts, typ=GetSubnetworksResult).value + + return AwaitableGetSubnetworksResult( + filter=pulumi.get(__ret__, 'filter'), + id=pulumi.get(__ret__, 'id'), + project=pulumi.get(__ret__, 'project'), + region=pulumi.get(__ret__, 'region'), + subnetworks=pulumi.get(__ret__, 'subnetworks')) + + +@_utilities.lift_output_func(get_subnetworks) +def get_subnetworks_output(filter: Optional[pulumi.Input[Optional[str]]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + region: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetSubnetworksResult]: + """ + Get subnetworks within GCE. + See [the official documentation](https://cloud.google.com/vpc/docs/subnets) + and [API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list). + + ## Example Usage + + ```python + import pulumi + import pulumi_gcp as gcp + + my_subnetworks = gcp.compute.get_subnetworks(filter="ipCidrRange eq 192.168.178.0/24", + project="my-project", + region="us-east1") + ``` + + + :param str filter: A string filter as defined in the [REST API](https://cloud.google.com/compute/docs/reference/rest/v1/subnetworks/list#query-parameters). + :param str project: The ID of the project in which the resource belongs. If it + is not provided, the provider project is used. + :param str region: The region this subnetwork has been created in. If + unspecified, this defaults to the region configured in the provider. + """ + ... diff --git a/sdk/python/pulumi_gcp/compute/instance_group_membership.py b/sdk/python/pulumi_gcp/compute/instance_group_membership.py index 2520c8b935..64ace979fc 100644 --- a/sdk/python/pulumi_gcp/compute/instance_group_membership.py +++ b/sdk/python/pulumi_gcp/compute/instance_group_membership.py @@ -189,7 +189,7 @@ def __init__(__self__, > **NOTE** This resource has been added to avoid a situation, where after Instance is recreated, it's removed from Instance Group and it's needed to perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. To get more information about InstanceGroupMembership, see: @@ -282,7 +282,7 @@ def __init__(__self__, > **NOTE** This resource has been added to avoid a situation, where after Instance is recreated, it's removed from Instance Group and it's needed to perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. To get more information about InstanceGroupMembership, see: diff --git a/sdk/python/pulumi_gcp/compute/interconnect_attachment.py b/sdk/python/pulumi_gcp/compute/interconnect_attachment.py index b5e107aea4..2c3000cf97 100644 --- a/sdk/python/pulumi_gcp/compute/interconnect_attachment.py +++ b/sdk/python/pulumi_gcp/compute/interconnect_attachment.py @@ -30,6 +30,7 @@ def __init__(__self__, *, project: Optional[pulumi.Input[str]] = None, region: Optional[pulumi.Input[str]] = None, stack_type: Optional[pulumi.Input[str]] = None, + subnet_length: Optional[pulumi.Input[int]] = None, type: Optional[pulumi.Input[str]] = None, vlan_tag8021q: Optional[pulumi.Input[int]] = None): """ @@ -110,6 +111,12 @@ def __init__(__self__, *, This field can be both set at interconnect attachments creation and update interconnect attachment operations. Possible values are: `IPV4_IPV6`, `IPV4_ONLY`. + :param pulumi.Input[int] subnet_length: Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. :param pulumi.Input[str] type: The type of InterconnectAttachment you wish to create. Defaults to DEDICATED. Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -143,6 +150,8 @@ def __init__(__self__, *, pulumi.set(__self__, "region", region) if stack_type is not None: pulumi.set(__self__, "stack_type", stack_type) + if subnet_length is not None: + pulumi.set(__self__, "subnet_length", subnet_length) if type is not None: pulumi.set(__self__, "type", type) if vlan_tag8021q is not None: @@ -378,6 +387,23 @@ def stack_type(self) -> Optional[pulumi.Input[str]]: def stack_type(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "stack_type", value) + @property + @pulumi.getter(name="subnetLength") + def subnet_length(self) -> Optional[pulumi.Input[int]]: + """ + Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. + """ + return pulumi.get(self, "subnet_length") + + @subnet_length.setter + def subnet_length(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "subnet_length", value) + @property @pulumi.getter def type(self) -> Optional[pulumi.Input[str]]: @@ -434,6 +460,7 @@ def __init__(__self__, *, self_link: Optional[pulumi.Input[str]] = None, stack_type: Optional[pulumi.Input[str]] = None, state: Optional[pulumi.Input[str]] = None, + subnet_length: Optional[pulumi.Input[int]] = None, type: Optional[pulumi.Input[str]] = None, vlan_tag8021q: Optional[pulumi.Input[int]] = None): """ @@ -536,6 +563,12 @@ def __init__(__self__, *, interconnect attachment operations. Possible values are: `IPV4_IPV6`, `IPV4_ONLY`. :param pulumi.Input[str] state: [Output Only] The current state of this attachment's functionality. + :param pulumi.Input[int] subnet_length: Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. :param pulumi.Input[str] type: The type of InterconnectAttachment you wish to create. Defaults to DEDICATED. Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -592,6 +625,8 @@ def __init__(__self__, *, pulumi.set(__self__, "stack_type", stack_type) if state is not None: pulumi.set(__self__, "state", state) + if subnet_length is not None: + pulumi.set(__self__, "subnet_length", subnet_length) if type is not None: pulumi.set(__self__, "type", type) if vlan_tag8021q is not None: @@ -970,6 +1005,23 @@ def state(self) -> Optional[pulumi.Input[str]]: def state(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "state", value) + @property + @pulumi.getter(name="subnetLength") + def subnet_length(self) -> Optional[pulumi.Input[int]]: + """ + Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. + """ + return pulumi.get(self, "subnet_length") + + @subnet_length.setter + def subnet_length(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "subnet_length", value) + @property @pulumi.getter def type(self) -> Optional[pulumi.Input[str]]: @@ -1017,6 +1069,7 @@ def __init__(__self__, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, stack_type: Optional[pulumi.Input[str]] = None, + subnet_length: Optional[pulumi.Input[int]] = None, type: Optional[pulumi.Input[str]] = None, vlan_tag8021q: Optional[pulumi.Input[int]] = None, __props__=None): @@ -1188,6 +1241,12 @@ def __init__(__self__, This field can be both set at interconnect attachments creation and update interconnect attachment operations. Possible values are: `IPV4_IPV6`, `IPV4_ONLY`. + :param pulumi.Input[int] subnet_length: Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. :param pulumi.Input[str] type: The type of InterconnectAttachment you wish to create. Defaults to DEDICATED. Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -1319,6 +1378,7 @@ def _internal_init(__self__, region: Optional[pulumi.Input[str]] = None, router: Optional[pulumi.Input[str]] = None, stack_type: Optional[pulumi.Input[str]] = None, + subnet_length: Optional[pulumi.Input[int]] = None, type: Optional[pulumi.Input[str]] = None, vlan_tag8021q: Optional[pulumi.Input[int]] = None, __props__=None): @@ -1346,6 +1406,7 @@ def _internal_init(__self__, raise TypeError("Missing required property 'router'") __props__.__dict__["router"] = router __props__.__dict__["stack_type"] = stack_type + __props__.__dict__["subnet_length"] = subnet_length __props__.__dict__["type"] = type __props__.__dict__["vlan_tag8021q"] = vlan_tag8021q __props__.__dict__["cloud_router_ip_address"] = None @@ -1394,6 +1455,7 @@ def get(resource_name: str, self_link: Optional[pulumi.Input[str]] = None, stack_type: Optional[pulumi.Input[str]] = None, state: Optional[pulumi.Input[str]] = None, + subnet_length: Optional[pulumi.Input[int]] = None, type: Optional[pulumi.Input[str]] = None, vlan_tag8021q: Optional[pulumi.Input[int]] = None) -> 'InterconnectAttachment': """ @@ -1501,6 +1563,12 @@ def get(resource_name: str, interconnect attachment operations. Possible values are: `IPV4_IPV6`, `IPV4_ONLY`. :param pulumi.Input[str] state: [Output Only] The current state of this attachment's functionality. + :param pulumi.Input[int] subnet_length: Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. :param pulumi.Input[str] type: The type of InterconnectAttachment you wish to create. Defaults to DEDICATED. Possible values are: `DEDICATED`, `PARTNER`, `PARTNER_PROVIDER`. @@ -1536,6 +1604,7 @@ def get(resource_name: str, __props__.__dict__["self_link"] = self_link __props__.__dict__["stack_type"] = stack_type __props__.__dict__["state"] = state + __props__.__dict__["subnet_length"] = subnet_length __props__.__dict__["type"] = type __props__.__dict__["vlan_tag8021q"] = vlan_tag8021q return InterconnectAttachment(resource_name, opts=opts, __props__=__props__) @@ -1813,6 +1882,19 @@ def state(self) -> pulumi.Output[str]: """ return pulumi.get(self, "state") + @property + @pulumi.getter(name="subnetLength") + def subnet_length(self) -> pulumi.Output[Optional[int]]: + """ + Length of the IPv4 subnet mask. Allowed values: 29 (default), 30. The default value is 29, + except for Cross-Cloud Interconnect connections that use an InterconnectRemoteLocation with a + constraints.subnetLengthRange.min equal to 30. For example, connections that use an Azure + remote location fall into this category. In these cases, the default value is 30, and + requesting 29 returns an error. Where both 29 and 30 are allowed, 29 is preferred, because it + gives Google Cloud Support more debugging visibility. + """ + return pulumi.get(self, "subnet_length") + @property @pulumi.getter def type(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/compute/network_endpoint.py b/sdk/python/pulumi_gcp/compute/network_endpoint.py index 5a320dce7a..8cb990a249 100644 --- a/sdk/python/pulumi_gcp/compute/network_endpoint.py +++ b/sdk/python/pulumi_gcp/compute/network_endpoint.py @@ -278,7 +278,7 @@ def __init__(__self__, > **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. To get more information about NetworkEndpoint, see: @@ -393,7 +393,7 @@ def __init__(__self__, > **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. To get more information about NetworkEndpoint, see: diff --git a/sdk/python/pulumi_gcp/compute/network_endpoint_list.py b/sdk/python/pulumi_gcp/compute/network_endpoint_list.py index 9b7991bebf..5ca9c2e269 100644 --- a/sdk/python/pulumi_gcp/compute/network_endpoint_list.py +++ b/sdk/python/pulumi_gcp/compute/network_endpoint_list.py @@ -206,7 +206,7 @@ def __init__(__self__, > **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. To get more information about NetworkEndpoints, see: @@ -340,7 +340,7 @@ def __init__(__self__, > **NOTE** In case the Endpoint's Instance is recreated, it's needed to perform `apply` twice. To avoid situations like this, please use this resource - with the lifecycle `update_triggered_by` method, with the passed Instance's ID. + with the lifecycle `replace_triggered_by` method, with the passed Instance's ID. To get more information about NetworkEndpoints, see: diff --git a/sdk/python/pulumi_gcp/compute/outputs.py b/sdk/python/pulumi_gcp/compute/outputs.py index f5061da0a2..39a4025e5b 100644 --- a/sdk/python/pulumi_gcp/compute/outputs.py +++ b/sdk/python/pulumi_gcp/compute/outputs.py @@ -101,6 +101,7 @@ 'InstanceFromMachineImageSchedulingLocalSsdRecoveryTimeout', 'InstanceFromMachineImageSchedulingMaxRunDuration', 'InstanceFromMachineImageSchedulingNodeAffinity', + 'InstanceFromMachineImageSchedulingOnInstanceStopAction', 'InstanceFromMachineImageScratchDisk', 'InstanceFromMachineImageServiceAccount', 'InstanceFromMachineImageShieldedInstanceConfig', @@ -122,6 +123,7 @@ 'InstanceFromTemplateSchedulingLocalSsdRecoveryTimeout', 'InstanceFromTemplateSchedulingMaxRunDuration', 'InstanceFromTemplateSchedulingNodeAffinity', + 'InstanceFromTemplateSchedulingOnInstanceStopAction', 'InstanceFromTemplateScratchDisk', 'InstanceFromTemplateServiceAccount', 'InstanceFromTemplateShieldedInstanceConfig', @@ -157,6 +159,7 @@ 'InstanceSchedulingLocalSsdRecoveryTimeout', 'InstanceSchedulingMaxRunDuration', 'InstanceSchedulingNodeAffinity', + 'InstanceSchedulingOnInstanceStopAction', 'InstanceScratchDisk', 'InstanceServiceAccount', 'InstanceSettingsMetadata', @@ -179,6 +182,7 @@ 'InstanceTemplateSchedulingLocalSsdRecoveryTimeout', 'InstanceTemplateSchedulingMaxRunDuration', 'InstanceTemplateSchedulingNodeAffinity', + 'InstanceTemplateSchedulingOnInstanceStopAction', 'InstanceTemplateServiceAccount', 'InstanceTemplateShieldedInstanceConfig', 'InterconnectAttachmentPrivateInterconnectInfo', @@ -295,6 +299,7 @@ 'RegionInstanceTemplateSchedulingLocalSsdRecoveryTimeout', 'RegionInstanceTemplateSchedulingMaxRunDuration', 'RegionInstanceTemplateSchedulingNodeAffinity', + 'RegionInstanceTemplateSchedulingOnInstanceStopAction', 'RegionInstanceTemplateServiceAccount', 'RegionInstanceTemplateShieldedInstanceConfig', 'RegionNetworkEndpointGroupAppEngine', @@ -621,6 +626,7 @@ 'GetInstanceSchedulingLocalSsdRecoveryTimeoutResult', 'GetInstanceSchedulingMaxRunDurationResult', 'GetInstanceSchedulingNodeAffinityResult', + 'GetInstanceSchedulingOnInstanceStopActionResult', 'GetInstanceScratchDiskResult', 'GetInstanceServiceAccountResult', 'GetInstanceShieldedInstanceConfigResult', @@ -642,6 +648,7 @@ 'GetInstanceTemplateSchedulingLocalSsdRecoveryTimeoutResult', 'GetInstanceTemplateSchedulingMaxRunDurationResult', 'GetInstanceTemplateSchedulingNodeAffinityResult', + 'GetInstanceTemplateSchedulingOnInstanceStopActionResult', 'GetInstanceTemplateServiceAccountResult', 'GetInstanceTemplateShieldedInstanceConfigResult', 'GetMachineTypesMachineTypeResult', @@ -672,6 +679,7 @@ 'GetRegionInstanceTemplateSchedulingLocalSsdRecoveryTimeoutResult', 'GetRegionInstanceTemplateSchedulingMaxRunDurationResult', 'GetRegionInstanceTemplateSchedulingNodeAffinityResult', + 'GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult', 'GetRegionInstanceTemplateServiceAccountResult', 'GetRegionInstanceTemplateShieldedInstanceConfigResult', 'GetRegionNetworkEndpointGroupAppEngineResult', @@ -708,6 +716,7 @@ 'GetSnapshotSnapshotEncryptionKeyResult', 'GetSnapshotSourceDiskEncryptionKeyResult', 'GetSubnetworkSecondaryIpRangeResult', + 'GetSubnetworksSubnetworkResult', ] @pulumi.output_type @@ -7516,6 +7525,8 @@ def __key_warning(key: str): suggest = "node_affinities" elif key == "onHostMaintenance": suggest = "on_host_maintenance" + elif key == "onInstanceStopAction": + suggest = "on_instance_stop_action" elif key == "provisioningModel": suggest = "provisioning_model" @@ -7539,6 +7550,7 @@ def __init__(__self__, *, min_node_cpus: Optional[int] = None, node_affinities: Optional[Sequence['outputs.InstanceFromMachineImageSchedulingNodeAffinity']] = None, on_host_maintenance: Optional[str] = None, + on_instance_stop_action: Optional['outputs.InstanceFromMachineImageSchedulingOnInstanceStopAction'] = None, preemptible: Optional[bool] = None, provisioning_model: Optional[str] = None): """ @@ -7552,6 +7564,7 @@ def __init__(__self__, *, :param 'InstanceFromMachineImageSchedulingMaxRunDurationArgs' max_run_duration: The timeout for new network connections to hosts. :param Sequence['InstanceFromMachineImageSchedulingNodeAffinityArgs'] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance groups will use as host systems. :param str on_host_maintenance: Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, + :param 'InstanceFromMachineImageSchedulingOnInstanceStopActionArgs' on_instance_stop_action: Defines the behaviour for instances with the instance_termination_action. :param bool preemptible: Whether the instance is preemptible. :param str provisioning_model: Whether the instance is spot. If this is set as SPOT. """ @@ -7571,6 +7584,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -7640,6 +7655,14 @@ def on_host_maintenance(self) -> Optional[str]: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional['outputs.InstanceFromMachineImageSchedulingOnInstanceStopAction']: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_action") + @property @pulumi.getter def preemptible(self) -> Optional[bool]: @@ -7759,6 +7782,42 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class InstanceFromMachineImageSchedulingOnInstanceStopAction(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "discardLocalSsd": + suggest = "discard_local_ssd" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in InstanceFromMachineImageSchedulingOnInstanceStopAction. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + InstanceFromMachineImageSchedulingOnInstanceStopAction.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + InstanceFromMachineImageSchedulingOnInstanceStopAction.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + discard_local_ssd: Optional[bool] = None): + """ + :param bool discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[bool]: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class InstanceFromMachineImageScratchDisk(dict): @staticmethod @@ -9058,6 +9117,8 @@ def __key_warning(key: str): suggest = "node_affinities" elif key == "onHostMaintenance": suggest = "on_host_maintenance" + elif key == "onInstanceStopAction": + suggest = "on_instance_stop_action" elif key == "provisioningModel": suggest = "provisioning_model" @@ -9081,6 +9142,7 @@ def __init__(__self__, *, min_node_cpus: Optional[int] = None, node_affinities: Optional[Sequence['outputs.InstanceFromTemplateSchedulingNodeAffinity']] = None, on_host_maintenance: Optional[str] = None, + on_instance_stop_action: Optional['outputs.InstanceFromTemplateSchedulingOnInstanceStopAction'] = None, preemptible: Optional[bool] = None, provisioning_model: Optional[str] = None): """ @@ -9094,6 +9156,7 @@ def __init__(__self__, *, :param 'InstanceFromTemplateSchedulingMaxRunDurationArgs' max_run_duration: The timeout for new network connections to hosts. :param Sequence['InstanceFromTemplateSchedulingNodeAffinityArgs'] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance groups will use as host systems. :param str on_host_maintenance: Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE, + :param 'InstanceFromTemplateSchedulingOnInstanceStopActionArgs' on_instance_stop_action: Defines the behaviour for instances with the instance_termination_action. :param bool preemptible: Whether the instance is preemptible. :param str provisioning_model: Whether the instance is spot. If this is set as SPOT. """ @@ -9113,6 +9176,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -9182,6 +9247,14 @@ def on_host_maintenance(self) -> Optional[str]: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional['outputs.InstanceFromTemplateSchedulingOnInstanceStopAction']: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_action") + @property @pulumi.getter def preemptible(self) -> Optional[bool]: @@ -9301,6 +9374,42 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class InstanceFromTemplateSchedulingOnInstanceStopAction(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "discardLocalSsd": + suggest = "discard_local_ssd" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in InstanceFromTemplateSchedulingOnInstanceStopAction. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + InstanceFromTemplateSchedulingOnInstanceStopAction.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + InstanceFromTemplateSchedulingOnInstanceStopAction.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + discard_local_ssd: Optional[bool] = None): + """ + :param bool discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[bool]: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class InstanceFromTemplateScratchDisk(dict): @staticmethod @@ -11157,6 +11266,8 @@ def __key_warning(key: str): suggest = "node_affinities" elif key == "onHostMaintenance": suggest = "on_host_maintenance" + elif key == "onInstanceStopAction": + suggest = "on_instance_stop_action" elif key == "provisioningModel": suggest = "provisioning_model" @@ -11180,6 +11291,7 @@ def __init__(__self__, *, min_node_cpus: Optional[int] = None, node_affinities: Optional[Sequence['outputs.InstanceSchedulingNodeAffinity']] = None, on_host_maintenance: Optional[str] = None, + on_instance_stop_action: Optional['outputs.InstanceSchedulingOnInstanceStopAction'] = None, preemptible: Optional[bool] = None, provisioning_model: Optional[str] = None): """ @@ -11192,8 +11304,7 @@ def __init__(__self__, *, between 0 and 168 hours with hour granularity and the default value being 1 hour. :param str maintenance_interval: Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. - :param 'InstanceSchedulingMaxRunDurationArgs' max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + :param 'InstanceSchedulingMaxRunDurationArgs' max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. :param int min_node_cpus: The minimum number of virtual CPUs this instance will consume when running on a sole-tenant node. :param Sequence['InstanceSchedulingNodeAffinityArgs'] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance @@ -11203,6 +11314,7 @@ def __init__(__self__, *, :param str on_host_maintenance: Describes maintenance behavior for the instance. Can be MIGRATE or TERMINATE, for more info, read [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options). + :param 'InstanceSchedulingOnInstanceStopActionArgs' on_instance_stop_action: Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. :param bool preemptible: Specifies if the instance is preemptible. If this field is set to true, then `automatic_restart` must be set to false. Defaults to false. @@ -11227,6 +11339,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -11273,8 +11387,7 @@ def maintenance_interval(self) -> Optional[str]: @pulumi.getter(name="maxRunDuration") def max_run_duration(self) -> Optional['outputs.InstanceSchedulingMaxRunDuration']: """ - The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. """ return pulumi.get(self, "max_run_duration") @@ -11308,6 +11421,14 @@ def on_host_maintenance(self) -> Optional[str]: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional['outputs.InstanceSchedulingOnInstanceStopAction']: + """ + Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + """ + return pulumi.get(self, "on_instance_stop_action") + @property @pulumi.getter def preemptible(self) -> Optional[bool]: @@ -11374,12 +11495,13 @@ def __init__(__self__, *, seconds: int, nanos: Optional[int] = None): """ - :param int seconds: Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + :param int seconds: Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. :param int nanos: Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ pulumi.set(__self__, "seconds", seconds) if nanos is not None: @@ -11389,8 +11511,9 @@ def __init__(__self__, *, @pulumi.getter def seconds(self) -> int: """ - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. """ return pulumi.get(self, "seconds") @@ -11399,9 +11522,9 @@ def seconds(self) -> int: def nanos(self) -> Optional[int]: """ Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ return pulumi.get(self, "nanos") @@ -11448,6 +11571,42 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class InstanceSchedulingOnInstanceStopAction(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "discardLocalSsd": + suggest = "discard_local_ssd" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in InstanceSchedulingOnInstanceStopAction. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + InstanceSchedulingOnInstanceStopAction.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + InstanceSchedulingOnInstanceStopAction.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + discard_local_ssd: Optional[bool] = None): + """ + :param bool discard_local_ssd: Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[bool]: + """ + Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class InstanceScratchDisk(dict): @staticmethod @@ -12896,6 +13055,8 @@ def __key_warning(key: str): suggest = "node_affinities" elif key == "onHostMaintenance": suggest = "on_host_maintenance" + elif key == "onInstanceStopAction": + suggest = "on_instance_stop_action" elif key == "provisioningModel": suggest = "provisioning_model" @@ -12919,6 +13080,7 @@ def __init__(__self__, *, min_node_cpus: Optional[int] = None, node_affinities: Optional[Sequence['outputs.InstanceTemplateSchedulingNodeAffinity']] = None, on_host_maintenance: Optional[str] = None, + on_instance_stop_action: Optional['outputs.InstanceTemplateSchedulingOnInstanceStopAction'] = None, preemptible: Optional[bool] = None, provisioning_model: Optional[str] = None): """ @@ -12931,8 +13093,7 @@ def __init__(__self__, *, between 0 and 168 hours with hour granularity and the default value being 1 hour. :param str maintenance_interval: Specifies the frequency of planned maintenance events. The accepted values are: `PERIODIC`. - :param 'InstanceTemplateSchedulingMaxRunDurationArgs' max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + :param 'InstanceTemplateSchedulingMaxRunDurationArgs' max_run_duration: The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. :param int min_node_cpus: Minimum number of cpus for the instance. :param Sequence['InstanceTemplateSchedulingNodeAffinityArgs'] node_affinities: Specifies node affinities or anti-affinities to determine which sole-tenant nodes your instances and managed instance @@ -12941,6 +13102,7 @@ def __init__(__self__, *, Structure documented below. :param str on_host_maintenance: Defines the maintenance behavior for this instance. + :param 'InstanceTemplateSchedulingOnInstanceStopActionArgs' on_instance_stop_action: Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. :param bool preemptible: Allows instance to be preempted. This defaults to false. Read more on this [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -12965,6 +13127,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -13011,8 +13175,7 @@ def maintenance_interval(self) -> Optional[str]: @pulumi.getter(name="maxRunDuration") def max_run_duration(self) -> Optional['outputs.InstanceTemplateSchedulingMaxRunDuration']: """ - The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Only support `DELETE` `instance_termination_action` at this point. Structure is documented below. - The `max_run_duration` block supports: + The duration of the instance. Instance will run and be terminated after then, the termination action could be defined in `instance_termination_action`. Structure is documented below. """ return pulumi.get(self, "max_run_duration") @@ -13045,6 +13208,14 @@ def on_host_maintenance(self) -> Optional[str]: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional['outputs.InstanceTemplateSchedulingOnInstanceStopAction']: + """ + Specifies the action to be performed when the instance is terminated using `max_run_duration` and `STOP` `instance_termination_action`. Only support `true` `discard_local_ssd` at this point. Structure is documented below. + """ + return pulumi.get(self, "on_instance_stop_action") + @property @pulumi.getter def preemptible(self) -> Optional[bool]: @@ -13111,12 +13282,13 @@ def __init__(__self__, *, seconds: int, nanos: Optional[int] = None): """ - :param int seconds: Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + :param int seconds: Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. :param int nanos: Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ pulumi.set(__self__, "seconds", seconds) if nanos is not None: @@ -13126,8 +13298,9 @@ def __init__(__self__, *, @pulumi.getter def seconds(self) -> int: """ - Span of time at a resolution of a second. - Must be from 0 to 315,576,000,000 inclusive. + Span of time at a resolution of a second. Must be from 0 to + 315,576,000,000 inclusive. Note: these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. """ return pulumi.get(self, "seconds") @@ -13136,9 +13309,9 @@ def seconds(self) -> int: def nanos(self) -> Optional[int]: """ Span of time that's a fraction of a second at nanosecond - resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must - be from 0 to 999,999,999 inclusive. + resolution. Durations less than one second are represented with a 0 + `seconds` field and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. """ return pulumi.get(self, "nanos") @@ -13181,6 +13354,42 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class InstanceTemplateSchedulingOnInstanceStopAction(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "discardLocalSsd": + suggest = "discard_local_ssd" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in InstanceTemplateSchedulingOnInstanceStopAction. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + InstanceTemplateSchedulingOnInstanceStopAction.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + InstanceTemplateSchedulingOnInstanceStopAction.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + discard_local_ssd: Optional[bool] = None): + """ + :param bool discard_local_ssd: Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[bool]: + """ + Whether to discard local SSDs attached to the VM while terminating using `max_run_duration`. Only supports `true` at this point. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class InstanceTemplateServiceAccount(dict): def __init__(__self__, *, @@ -21237,6 +21446,8 @@ def __key_warning(key: str): suggest = "node_affinities" elif key == "onHostMaintenance": suggest = "on_host_maintenance" + elif key == "onInstanceStopAction": + suggest = "on_instance_stop_action" elif key == "provisioningModel": suggest = "provisioning_model" @@ -21260,6 +21471,7 @@ def __init__(__self__, *, min_node_cpus: Optional[int] = None, node_affinities: Optional[Sequence['outputs.RegionInstanceTemplateSchedulingNodeAffinity']] = None, on_host_maintenance: Optional[str] = None, + on_instance_stop_action: Optional['outputs.RegionInstanceTemplateSchedulingOnInstanceStopAction'] = None, preemptible: Optional[bool] = None, provisioning_model: Optional[str] = None): """ @@ -21281,6 +21493,7 @@ def __init__(__self__, *, Structure documented below. :param str on_host_maintenance: Defines the maintenance behavior for this instance. + :param 'RegionInstanceTemplateSchedulingOnInstanceStopActionArgs' on_instance_stop_action: Defines the behaviour for instances with the instance_termination_action. :param bool preemptible: Allows instance to be preempted. This defaults to false. Read more on this [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -21305,6 +21518,8 @@ def __init__(__self__, *, pulumi.set(__self__, "node_affinities", node_affinities) if on_host_maintenance is not None: pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + if on_instance_stop_action is not None: + pulumi.set(__self__, "on_instance_stop_action", on_instance_stop_action) if preemptible is not None: pulumi.set(__self__, "preemptible", preemptible) if provisioning_model is not None: @@ -21384,6 +21599,14 @@ def on_host_maintenance(self) -> Optional[str]: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopAction") + def on_instance_stop_action(self) -> Optional['outputs.RegionInstanceTemplateSchedulingOnInstanceStopAction']: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_action") + @property @pulumi.getter def preemptible(self) -> Optional[bool]: @@ -21522,6 +21745,42 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class RegionInstanceTemplateSchedulingOnInstanceStopAction(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "discardLocalSsd": + suggest = "discard_local_ssd" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in RegionInstanceTemplateSchedulingOnInstanceStopAction. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + RegionInstanceTemplateSchedulingOnInstanceStopAction.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + RegionInstanceTemplateSchedulingOnInstanceStopAction.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + discard_local_ssd: Optional[bool] = None): + """ + :param bool discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + if discard_local_ssd is not None: + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> Optional[bool]: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class RegionInstanceTemplateServiceAccount(dict): def __init__(__self__, *, @@ -31133,6 +31392,7 @@ def __init__(__self__, *, :param str json_parsing: Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * `DISABLED` - Don't parse JSON payloads in POST bodies. * `STANDARD` - Parse JSON payloads in POST bodies. + * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. :param str log_level: Log level to use. Defaults to `NORMAL`. * `NORMAL` - Normal log level. * `VERBOSE` - Verbose log level. @@ -31163,6 +31423,7 @@ def json_parsing(self) -> Optional[str]: Whether or not to JSON parse the payload body. Defaults to `DISABLED`. * `DISABLED` - Don't parse JSON payloads in POST bodies. * `STANDARD` - Parse JSON payloads in POST bodies. + * `STANDARD_WITH_GRAPHQL` - Parse JSON and GraphQL payloads in POST bodies. """ return pulumi.get(self, "json_parsing") @@ -31931,24 +32192,24 @@ class SecurityPolicyRuleRateLimitOptions(dict): @staticmethod def __key_warning(key: str): suggest = None - if key == "conformAction": - suggest = "conform_action" - elif key == "exceedAction": - suggest = "exceed_action" - elif key == "rateLimitThreshold": - suggest = "rate_limit_threshold" - elif key == "banDurationSec": + if key == "banDurationSec": suggest = "ban_duration_sec" elif key == "banThreshold": suggest = "ban_threshold" + elif key == "conformAction": + suggest = "conform_action" elif key == "enforceOnKey": suggest = "enforce_on_key" elif key == "enforceOnKeyConfigs": suggest = "enforce_on_key_configs" elif key == "enforceOnKeyName": suggest = "enforce_on_key_name" + elif key == "exceedAction": + suggest = "exceed_action" elif key == "exceedRedirectOptions": suggest = "exceed_redirect_options" + elif key == "rateLimitThreshold": + suggest = "rate_limit_threshold" if suggest: pulumi.log.warn(f"Key '{key}' not found in SecurityPolicyRuleRateLimitOptions. Access the value via the '{suggest}' property getter instead.") @@ -31962,90 +32223,73 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, - conform_action: str, - exceed_action: str, - rate_limit_threshold: 'outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold', ban_duration_sec: Optional[int] = None, ban_threshold: Optional['outputs.SecurityPolicyRuleRateLimitOptionsBanThreshold'] = None, + conform_action: Optional[str] = None, enforce_on_key: Optional[str] = None, enforce_on_key_configs: Optional[Sequence['outputs.SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig']] = None, enforce_on_key_name: Optional[str] = None, - exceed_redirect_options: Optional['outputs.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions'] = None): + exceed_action: Optional[str] = None, + exceed_redirect_options: Optional['outputs.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions'] = None, + rate_limit_threshold: Optional['outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold'] = None): """ - :param str conform_action: Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. - :param str exceed_action: When a request is denied, returns the HTTP response code specified. - Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. - :param 'SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs' rate_limit_threshold: Threshold at which to begin ratelimiting. Structure is documented below. - :param int ban_duration_sec: Can only be specified if the `action` for the rule is `rate_based_ban`. + :param int ban_duration_sec: Can only be specified if the action for the rule is "rate_based_ban". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. - :param 'SecurityPolicyRuleRateLimitOptionsBanThresholdArgs' ban_threshold: Can only be specified if the `action` for the rule is `rate_based_ban`. - If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - exceed this `ban_threshold`. Structure is documented below. - :param str enforce_on_key: Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. - :param Sequence['SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs'] enforce_on_key_configs: If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - - **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + :param 'SecurityPolicyRuleRateLimitOptionsBanThresholdArgs' ban_threshold: Can only be specified if the action for the rule is "rate_based_ban". + If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + Structure is documented below. + :param str conform_action: Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + :param str enforce_on_key: Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. + :param Sequence['SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfigArgs'] enforce_on_key_configs: If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + You can specify up to 3 enforceOnKeyConfigs. + If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + Structure is documented below. :param str enforce_on_key_name: Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. - :param 'SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs' exceed_redirect_options: Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + :param str exceed_action: Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + :param 'SecurityPolicyRuleRateLimitOptionsExceedRedirectOptionsArgs' exceed_redirect_options: Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + Structure is documented below. + :param 'SecurityPolicyRuleRateLimitOptionsRateLimitThresholdArgs' rate_limit_threshold: Threshold at which to begin ratelimiting. + Structure is documented below. """ - pulumi.set(__self__, "conform_action", conform_action) - pulumi.set(__self__, "exceed_action", exceed_action) - pulumi.set(__self__, "rate_limit_threshold", rate_limit_threshold) if ban_duration_sec is not None: pulumi.set(__self__, "ban_duration_sec", ban_duration_sec) if ban_threshold is not None: pulumi.set(__self__, "ban_threshold", ban_threshold) + if conform_action is not None: + pulumi.set(__self__, "conform_action", conform_action) if enforce_on_key is not None: pulumi.set(__self__, "enforce_on_key", enforce_on_key) if enforce_on_key_configs is not None: pulumi.set(__self__, "enforce_on_key_configs", enforce_on_key_configs) if enforce_on_key_name is not None: pulumi.set(__self__, "enforce_on_key_name", enforce_on_key_name) + if exceed_action is not None: + pulumi.set(__self__, "exceed_action", exceed_action) if exceed_redirect_options is not None: pulumi.set(__self__, "exceed_redirect_options", exceed_redirect_options) - - @property - @pulumi.getter(name="conformAction") - def conform_action(self) -> str: - """ - Action to take for requests that are under the configured rate limit threshold. Valid option is `allow` only. - """ - return pulumi.get(self, "conform_action") - - @property - @pulumi.getter(name="exceedAction") - def exceed_action(self) -> str: - """ - When a request is denied, returns the HTTP response code specified. - Valid options are `deny()` where valid values for status are 403, 404, 429, and 502. - """ - return pulumi.get(self, "exceed_action") - - @property - @pulumi.getter(name="rateLimitThreshold") - def rate_limit_threshold(self) -> 'outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold': - """ - Threshold at which to begin ratelimiting. Structure is documented below. - """ - return pulumi.get(self, "rate_limit_threshold") + if rate_limit_threshold is not None: + pulumi.set(__self__, "rate_limit_threshold", rate_limit_threshold) @property @pulumi.getter(name="banDurationSec") def ban_duration_sec(self) -> Optional[int]: """ - Can only be specified if the `action` for the rule is `rate_based_ban`. + Can only be specified if the action for the rule is "rate_based_ban". If specified, determines the time (in seconds) the traffic will continue to be banned by the rate limit after the rate falls below the threshold. """ return pulumi.get(self, "ban_duration_sec") @@ -32054,26 +32298,37 @@ def ban_duration_sec(self) -> Optional[int]: @pulumi.getter(name="banThreshold") def ban_threshold(self) -> Optional['outputs.SecurityPolicyRuleRateLimitOptionsBanThreshold']: """ - Can only be specified if the `action` for the rule is `rate_based_ban`. - If specified, the key will be banned for the configured `ban_duration_sec` when the number of requests that exceed the `rate_limit_threshold` also - exceed this `ban_threshold`. Structure is documented below. + Can only be specified if the action for the rule is "rate_based_ban". + If specified, the key will be banned for the configured 'banDurationSec' when the number of requests that exceed the 'rateLimitThreshold' also exceed this 'banThreshold'. + Structure is documented below. """ return pulumi.get(self, "ban_threshold") + @property + @pulumi.getter(name="conformAction") + def conform_action(self) -> Optional[str]: + """ + Action to take for requests that are under the configured rate limit threshold. + Valid option is "allow" only. + """ + return pulumi.get(self, "conform_action") + @property @pulumi.getter(name="enforceOnKey") def enforce_on_key(self) -> Optional[str]: """ - Determines the key to enforce the rate_limit_threshold on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under `X-Forwarded-For` HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKey" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. """ return pulumi.get(self, "enforce_on_key") @@ -32081,9 +32336,10 @@ def enforce_on_key(self) -> Optional[str]: @pulumi.getter(name="enforceOnKeyConfigs") def enforce_on_key_configs(self) -> Optional[Sequence['outputs.SecurityPolicyRuleRateLimitOptionsEnforceOnKeyConfig']]: """ - If specified, any combination of values of enforce_on_key_type/enforce_on_key_name is treated as the key on which rate limit threshold/action is enforced. You can specify up to 3 enforce_on_key_configs. If `enforce_on_key_configs` is specified, `enforce_on_key` must be set to an empty string. Structure is documented below. - - **Note:** To avoid the conflict between `enforce_on_key` and `enforce_on_key_configs`, the field `enforce_on_key` needs to be set to an empty string. + If specified, any combination of values of enforceOnKeyType/enforceOnKeyName is treated as the key on which ratelimit threshold/action is enforced. + You can specify up to 3 enforceOnKeyConfigs. + If enforceOnKeyConfigs is specified, enforceOnKey must not be specified. + Structure is documented below. """ return pulumi.get(self, "enforce_on_key_configs") @@ -32092,20 +32348,38 @@ def enforce_on_key_configs(self) -> Optional[Sequence['outputs.SecurityPolicyRul def enforce_on_key_name(self) -> Optional[str]: """ Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. """ return pulumi.get(self, "enforce_on_key_name") + @property + @pulumi.getter(name="exceedAction") + def exceed_action(self) -> Optional[str]: + """ + Action to take for requests that are above the configured rate limit threshold, to either deny with a specified HTTP response code, or redirect to a different endpoint. + Valid options are deny(STATUS), where valid values for STATUS are 403, 404, 429, and 502. + """ + return pulumi.get(self, "exceed_action") + @property @pulumi.getter(name="exceedRedirectOptions") def exceed_redirect_options(self) -> Optional['outputs.SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions']: """ - Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. + Parameters defining the redirect action that is used as the exceed action. Cannot be specified if the exceed action is not redirect. This field is only supported in Global Security Policies of type CLOUD_ARMOR. + Structure is documented below. """ return pulumi.get(self, "exceed_redirect_options") + @property + @pulumi.getter(name="rateLimitThreshold") + def rate_limit_threshold(self) -> Optional['outputs.SecurityPolicyRuleRateLimitOptionsRateLimitThreshold']: + """ + Threshold at which to begin ratelimiting. + Structure is documented below. + """ + return pulumi.get(self, "rate_limit_threshold") + @pulumi.output_type class SecurityPolicyRuleRateLimitOptionsBanThreshold(dict): @@ -32127,18 +32401,20 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, - count: int, - interval_sec: int): + count: Optional[int] = None, + interval_sec: Optional[int] = None): """ :param int count: Number of HTTP(S) requests for calculating the threshold. :param int interval_sec: Interval over which the threshold is computed. """ - pulumi.set(__self__, "count", count) - pulumi.set(__self__, "interval_sec", interval_sec) + if count is not None: + pulumi.set(__self__, "count", count) + if interval_sec is not None: + pulumi.set(__self__, "interval_sec", interval_sec) @property @pulumi.getter - def count(self) -> int: + def count(self) -> Optional[int]: """ Number of HTTP(S) requests for calculating the threshold. """ @@ -32146,7 +32422,7 @@ def count(self) -> int: @property @pulumi.getter(name="intervalSec") - def interval_sec(self) -> int: + def interval_sec(self) -> Optional[int]: """ Interval over which the threshold is computed. """ @@ -32179,19 +32455,20 @@ def __init__(__self__, *, enforce_on_key_type: Optional[str] = None): """ :param str enforce_on_key_name: Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. - :param str enforce_on_key_type: Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. + :param str enforce_on_key_type: Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. """ if enforce_on_key_name is not None: pulumi.set(__self__, "enforce_on_key_name", enforce_on_key_name) @@ -32203,9 +32480,8 @@ def __init__(__self__, *, def enforce_on_key_name(self) -> Optional[str]: """ Rate limit key name applicable only for the following key types: - - * `HTTP_HEADER` -- Name of the HTTP header whose value is taken as the key value. - * `HTTP_COOKIE` -- Name of the HTTP cookie whose value is taken as the key value. + HTTP_HEADER -- Name of the HTTP header whose value is taken as the key value. + HTTP_COOKIE -- Name of the HTTP cookie whose value is taken as the key value. """ return pulumi.get(self, "enforce_on_key_name") @@ -32213,16 +32489,18 @@ def enforce_on_key_name(self) -> Optional[str]: @pulumi.getter(name="enforceOnKeyType") def enforce_on_key_type(self) -> Optional[str]: """ - Determines the key to enforce the `rate_limit_threshold` on. If not specified, defaults to `ALL`. - - * `ALL`: A single rate limit threshold is applied to all the requests matching this rule. - * `IP`: The source IP address of the request is the key. Each IP has this limit enforced separately. - * `HTTP_HEADER`: The value of the HTTP header whose name is configured on `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to `ALL`. - * `XFF_IP`: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key type defaults to `ALL`. - * `HTTP_COOKIE`: The value of the HTTP cookie whose name is configured under `enforce_on_key_name`. The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to `ALL`. - * `HTTP_PATH`: The URL path of the HTTP request. The key value is truncated to the first 128 bytes - * `SNI`: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to `ALL` on a HTTP session. - * `REGION_CODE`: The country/region from which the request originates. + Determines the key to enforce the rateLimitThreshold on. Possible values are: + * ALL: A single rate limit threshold is applied to all the requests matching this rule. This is the default value if "enforceOnKeyConfigs" is not configured. + * IP: The source IP address of the request is the key. Each IP has this limit enforced separately. + * HTTP_HEADER: The value of the HTTP header whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the header value. If no such header is present in the request, the key type defaults to ALL. + * XFF_IP: The first IP address (i.e. the originating client IP address) specified in the list of IPs under X-Forwarded-For HTTP header. If no such header is present or the value is not a valid IP, the key defaults to the source IP address of the request i.e. key type IP. + * HTTP_COOKIE: The value of the HTTP cookie whose name is configured under "enforceOnKeyName". The key value is truncated to the first 128 bytes of the cookie value. If no such cookie is present in the request, the key type defaults to ALL. + * HTTP_PATH: The URL path of the HTTP request. The key value is truncated to the first 128 bytes. + * SNI: Server name indication in the TLS session of the HTTPS request. The key value is truncated to the first 128 bytes. The key type defaults to ALL on a HTTP session. + * REGION_CODE: The country/region from which the request originates. + * TLS_JA3_FINGERPRINT: JA3 TLS/SSL fingerprint if the client connects using HTTPS, HTTP/2 or HTTP/3. If not available, the key type defaults to ALL. + * USER_IP: The IP address of the originating client, which is resolved based on "userIpRequestHeaders" configured with the security policy. If there is no "userIpRequestHeaders" configuration or an IP address cannot be resolved from it, the key type defaults to IP. + Possible values are: `ALL`, `IP`, `HTTP_HEADER`, `XFF_IP`, `HTTP_COOKIE`, `HTTP_PATH`, `SNI`, `REGION_CODE`, `TLS_JA3_FINGERPRINT`, `USER_IP`. """ return pulumi.get(self, "enforce_on_key_type") @@ -32230,31 +32508,32 @@ def enforce_on_key_type(self) -> Optional[str]: @pulumi.output_type class SecurityPolicyRuleRateLimitOptionsExceedRedirectOptions(dict): def __init__(__self__, *, - type: str, - target: Optional[str] = None): + target: Optional[str] = None, + type: Optional[str] = None): """ + :param str target: Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. :param str type: Type of the redirect action. - :param str target: Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. """ - pulumi.set(__self__, "type", type) if target is not None: pulumi.set(__self__, "target", target) + if type is not None: + pulumi.set(__self__, "type", type) @property @pulumi.getter - def type(self) -> str: + def target(self) -> Optional[str]: """ - Type of the redirect action. + Target for the redirect action. This is required if the type is EXTERNAL_302 and cannot be specified for GOOGLE_RECAPTCHA. """ - return pulumi.get(self, "type") + return pulumi.get(self, "target") @property @pulumi.getter - def target(self) -> Optional[str]: + def type(self) -> Optional[str]: """ - Target for the redirect action. This is required if the type is `EXTERNAL_302` and cannot be specified for `GOOGLE_RECAPTCHA`. + Type of the redirect action. """ - return pulumi.get(self, "target") + return pulumi.get(self, "type") @pulumi.output_type @@ -32277,18 +32556,20 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, - count: int, - interval_sec: int): + count: Optional[int] = None, + interval_sec: Optional[int] = None): """ :param int count: Number of HTTP(S) requests for calculating the threshold. :param int interval_sec: Interval over which the threshold is computed. """ - pulumi.set(__self__, "count", count) - pulumi.set(__self__, "interval_sec", interval_sec) + if count is not None: + pulumi.set(__self__, "count", count) + if interval_sec is not None: + pulumi.set(__self__, "interval_sec", interval_sec) @property @pulumi.getter - def count(self) -> int: + def count(self) -> Optional[int]: """ Number of HTTP(S) requests for calculating the threshold. """ @@ -32296,7 +32577,7 @@ def count(self) -> int: @property @pulumi.getter(name="intervalSec") - def interval_sec(self) -> int: + def interval_sec(self) -> Optional[int]: """ Interval over which the threshold is computed. """ @@ -44636,6 +44917,7 @@ def __init__(__self__, *, min_node_cpus: int, node_affinities: Sequence['outputs.GetInstanceSchedulingNodeAffinityResult'], on_host_maintenance: str, + on_instance_stop_actions: Sequence['outputs.GetInstanceSchedulingOnInstanceStopActionResult'], preemptible: bool, provisioning_model: str): """ @@ -44652,6 +44934,7 @@ def __init__(__self__, *, :param str on_host_maintenance: Describes maintenance behavior for the instance. One of `MIGRATE` or `TERMINATE`, for more info, read [here](https://cloud.google.com/compute/docs/instances/setting-instance-scheduling-options) + :param Sequence['GetInstanceSchedulingOnInstanceStopActionArgs'] on_instance_stop_actions: Defines the behaviour for instances with the instance_termination_action. :param bool preemptible: Whether the instance is preemptible. :param str provisioning_model: Describe the type of preemptible VM. """ @@ -44663,6 +44946,7 @@ def __init__(__self__, *, pulumi.set(__self__, "min_node_cpus", min_node_cpus) pulumi.set(__self__, "node_affinities", node_affinities) pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + pulumi.set(__self__, "on_instance_stop_actions", on_instance_stop_actions) pulumi.set(__self__, "preemptible", preemptible) pulumi.set(__self__, "provisioning_model", provisioning_model) @@ -44733,6 +45017,14 @@ def on_host_maintenance(self) -> str: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopActions") + def on_instance_stop_actions(self) -> Sequence['outputs.GetInstanceSchedulingOnInstanceStopActionResult']: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_actions") + @property @pulumi.getter def preemptible(self) -> bool: @@ -44850,6 +45142,24 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class GetInstanceSchedulingOnInstanceStopActionResult(dict): + def __init__(__self__, *, + discard_local_ssd: bool): + """ + :param bool discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> bool: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class GetInstanceScratchDiskResult(dict): def __init__(__self__, *, @@ -45869,6 +46179,7 @@ def __init__(__self__, *, min_node_cpus: int, node_affinities: Sequence['outputs.GetInstanceTemplateSchedulingNodeAffinityResult'], on_host_maintenance: str, + on_instance_stop_actions: Sequence['outputs.GetInstanceTemplateSchedulingOnInstanceStopActionResult'], preemptible: bool, provisioning_model: str): """ @@ -45890,6 +46201,7 @@ def __init__(__self__, *, Structure documented below. :param str on_host_maintenance: Defines the maintenance behavior for this instance. + :param Sequence['GetInstanceTemplateSchedulingOnInstanceStopActionArgs'] on_instance_stop_actions: Defines the behaviour for instances with the instance_termination_action. :param bool preemptible: Allows instance to be preempted. This defaults to false. Read more on this [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -45903,6 +46215,7 @@ def __init__(__self__, *, pulumi.set(__self__, "min_node_cpus", min_node_cpus) pulumi.set(__self__, "node_affinities", node_affinities) pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + pulumi.set(__self__, "on_instance_stop_actions", on_instance_stop_actions) pulumi.set(__self__, "preemptible", preemptible) pulumi.set(__self__, "provisioning_model", provisioning_model) @@ -45980,6 +46293,14 @@ def on_host_maintenance(self) -> str: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopActions") + def on_instance_stop_actions(self) -> Sequence['outputs.GetInstanceTemplateSchedulingOnInstanceStopActionResult']: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_actions") + @property @pulumi.getter def preemptible(self) -> bool: @@ -46111,6 +46432,24 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class GetInstanceTemplateSchedulingOnInstanceStopActionResult(dict): + def __init__(__self__, *, + discard_local_ssd: bool): + """ + :param bool discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> bool: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class GetInstanceTemplateServiceAccountResult(dict): def __init__(__self__, *, @@ -47477,6 +47816,7 @@ def __init__(__self__, *, min_node_cpus: int, node_affinities: Sequence['outputs.GetRegionInstanceTemplateSchedulingNodeAffinityResult'], on_host_maintenance: str, + on_instance_stop_actions: Sequence['outputs.GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult'], preemptible: bool, provisioning_model: str): """ @@ -47498,6 +47838,7 @@ def __init__(__self__, *, Structure documented below. :param str on_host_maintenance: Defines the maintenance behavior for this instance. + :param Sequence['GetRegionInstanceTemplateSchedulingOnInstanceStopActionArgs'] on_instance_stop_actions: Defines the behaviour for instances with the instance_termination_action. :param bool preemptible: Allows instance to be preempted. This defaults to false. Read more on this [here](https://cloud.google.com/compute/docs/instances/preemptible). @@ -47511,6 +47852,7 @@ def __init__(__self__, *, pulumi.set(__self__, "min_node_cpus", min_node_cpus) pulumi.set(__self__, "node_affinities", node_affinities) pulumi.set(__self__, "on_host_maintenance", on_host_maintenance) + pulumi.set(__self__, "on_instance_stop_actions", on_instance_stop_actions) pulumi.set(__self__, "preemptible", preemptible) pulumi.set(__self__, "provisioning_model", provisioning_model) @@ -47588,6 +47930,14 @@ def on_host_maintenance(self) -> str: """ return pulumi.get(self, "on_host_maintenance") + @property + @pulumi.getter(name="onInstanceStopActions") + def on_instance_stop_actions(self) -> Sequence['outputs.GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult']: + """ + Defines the behaviour for instances with the instance_termination_action. + """ + return pulumi.get(self, "on_instance_stop_actions") + @property @pulumi.getter def preemptible(self) -> bool: @@ -47719,6 +48069,24 @@ def values(self) -> Sequence[str]: return pulumi.get(self, "values") +@pulumi.output_type +class GetRegionInstanceTemplateSchedulingOnInstanceStopActionResult(dict): + def __init__(__self__, *, + discard_local_ssd: bool): + """ + :param bool discard_local_ssd: If true, the contents of any attached Local SSD disks will be discarded. + """ + pulumi.set(__self__, "discard_local_ssd", discard_local_ssd) + + @property + @pulumi.getter(name="discardLocalSsd") + def discard_local_ssd(self) -> bool: + """ + If true, the contents of any attached Local SSD disks will be discarded. + """ + return pulumi.get(self, "discard_local_ssd") + + @pulumi.output_type class GetRegionInstanceTemplateServiceAccountResult(dict): def __init__(__self__, *, @@ -49703,3 +50071,83 @@ def range_name(self) -> str: return pulumi.get(self, "range_name") +@pulumi.output_type +class GetSubnetworksSubnetworkResult(dict): + def __init__(__self__, *, + description: str, + ip_cidr_range: str, + name: str, + network: str, + network_self_link: str, + private_ip_google_access: bool, + self_link: str): + """ + :param str description: Description of the subnetwork. + :param str ip_cidr_range: The IP address range represented as a CIDR block. + :param str name: The name of the subnetwork. + :param str network: The self link of the parent network. + :param bool private_ip_google_access: Whether the VMs in the subnet can access Google services without assigned external IP addresses. + :param str self_link: The self link of the subnetwork. + """ + pulumi.set(__self__, "description", description) + pulumi.set(__self__, "ip_cidr_range", ip_cidr_range) + pulumi.set(__self__, "name", name) + pulumi.set(__self__, "network", network) + pulumi.set(__self__, "network_self_link", network_self_link) + pulumi.set(__self__, "private_ip_google_access", private_ip_google_access) + pulumi.set(__self__, "self_link", self_link) + + @property + @pulumi.getter + def description(self) -> str: + """ + Description of the subnetwork. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="ipCidrRange") + def ip_cidr_range(self) -> str: + """ + The IP address range represented as a CIDR block. + """ + return pulumi.get(self, "ip_cidr_range") + + @property + @pulumi.getter + def name(self) -> str: + """ + The name of the subnetwork. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def network(self) -> str: + """ + The self link of the parent network. + """ + return pulumi.get(self, "network") + + @property + @pulumi.getter(name="networkSelfLink") + def network_self_link(self) -> str: + return pulumi.get(self, "network_self_link") + + @property + @pulumi.getter(name="privateIpGoogleAccess") + def private_ip_google_access(self) -> bool: + """ + Whether the VMs in the subnet can access Google services without assigned external IP addresses. + """ + return pulumi.get(self, "private_ip_google_access") + + @property + @pulumi.getter(name="selfLink") + def self_link(self) -> str: + """ + The self link of the subnetwork. + """ + return pulumi.get(self, "self_link") + + diff --git a/sdk/python/pulumi_gcp/compute/region_ssl_policy.py b/sdk/python/pulumi_gcp/compute/region_ssl_policy.py index f33f417b70..2f16995b82 100644 --- a/sdk/python/pulumi_gcp/compute/region_ssl_policy.py +++ b/sdk/python/pulumi_gcp/compute/region_ssl_policy.py @@ -14,19 +14,15 @@ @pulumi.input_type class RegionSslPolicyArgs: def __init__(__self__, *, - region: pulumi.Input[str], custom_features: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, description: Optional[pulumi.Input[str]] = None, min_tls_version: Optional[pulumi.Input[str]] = None, name: Optional[pulumi.Input[str]] = None, profile: Optional[pulumi.Input[str]] = None, - project: Optional[pulumi.Input[str]] = None): + project: Optional[pulumi.Input[str]] = None, + region: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a RegionSslPolicy resource. - :param pulumi.Input[str] region: The region where the regional SSL policy resides. - - - - - - :param pulumi.Input[Sequence[pulumi.Input[str]]] custom_features: A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM. @@ -46,6 +42,9 @@ def __init__(__self__, *, first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + + - - - :param pulumi.Input[str] profile: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, the set of SSL features to enable must be specified in the @@ -57,8 +56,8 @@ def __init__(__self__, *, Possible values are: `COMPATIBLE`, `MODERN`, `RESTRICTED`, `CUSTOM`. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. + :param pulumi.Input[str] region: The region where the regional SSL policy resides. """ - pulumi.set(__self__, "region", region) if custom_features is not None: pulumi.set(__self__, "custom_features", custom_features) if description is not None: @@ -71,21 +70,8 @@ def __init__(__self__, *, pulumi.set(__self__, "profile", profile) if project is not None: pulumi.set(__self__, "project", project) - - @property - @pulumi.getter - def region(self) -> pulumi.Input[str]: - """ - The region where the regional SSL policy resides. - - - - - - - """ - return pulumi.get(self, "region") - - @region.setter - def region(self, value: pulumi.Input[str]): - pulumi.set(self, "region", value) + if region is not None: + pulumi.set(__self__, "region", region) @property @pulumi.getter(name="customFeatures") @@ -143,6 +129,9 @@ def name(self) -> Optional[pulumi.Input[str]]: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + + - - - """ return pulumi.get(self, "name") @@ -183,6 +172,18 @@ def project(self) -> Optional[pulumi.Input[str]]: def project(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "project", value) + @property + @pulumi.getter + def region(self) -> Optional[pulumi.Input[str]]: + """ + The region where the regional SSL policy resides. + """ + return pulumi.get(self, "region") + + @region.setter + def region(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "region", value) + @pulumi.input_type class _RegionSslPolicyState: @@ -223,6 +224,9 @@ def __init__(__self__, *, first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + + - - - :param pulumi.Input[str] profile: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, the set of SSL features to enable must be specified in the @@ -235,9 +239,6 @@ def __init__(__self__, *, :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. :param pulumi.Input[str] region: The region where the regional SSL policy resides. - - - - - - :param pulumi.Input[str] self_link: The URI of the created resource. """ if creation_timestamp is not None: @@ -356,6 +357,9 @@ def name(self) -> Optional[pulumi.Input[str]]: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + + - - - """ return pulumi.get(self, "name") @@ -401,9 +405,6 @@ def project(self, value: Optional[pulumi.Input[str]]): def region(self) -> Optional[pulumi.Input[str]]: """ The region where the regional SSL policy resides. - - - - - - """ return pulumi.get(self, "region") @@ -498,6 +499,9 @@ def __init__(__self__, first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + + - - - :param pulumi.Input[str] profile: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, the set of SSL features to enable must be specified in the @@ -510,15 +514,12 @@ def __init__(__self__, :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. :param pulumi.Input[str] region: The region where the regional SSL policy resides. - - - - - - """ ... @overload def __init__(__self__, resource_name: str, - args: RegionSslPolicyArgs, + args: Optional[RegionSslPolicyArgs] = None, opts: Optional[pulumi.ResourceOptions] = None): """ Represents a Regional SSL policy. SSL policies give you the ability to control the @@ -597,8 +598,6 @@ def _internal_init(__self__, __props__.__dict__["name"] = name __props__.__dict__["profile"] = profile __props__.__dict__["project"] = project - if region is None and not opts.urn: - raise TypeError("Missing required property 'region'") __props__.__dict__["region"] = region __props__.__dict__["creation_timestamp"] = None __props__.__dict__["enabled_features"] = None @@ -655,6 +654,9 @@ def get(resource_name: str, first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + + - - - :param pulumi.Input[str] profile: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using `CUSTOM`, the set of SSL features to enable must be specified in the @@ -667,9 +669,6 @@ def get(resource_name: str, :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. :param pulumi.Input[str] region: The region where the regional SSL policy resides. - - - - - - :param pulumi.Input[str] self_link: The URI of the created resource. """ opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) @@ -758,6 +757,9 @@ def name(self) -> pulumi.Output[str]: first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. + + + - - - """ return pulumi.get(self, "name") @@ -791,9 +793,6 @@ def project(self) -> pulumi.Output[str]: def region(self) -> pulumi.Output[str]: """ The region where the regional SSL policy resides. - - - - - - """ return pulumi.get(self, "region") diff --git a/sdk/python/pulumi_gcp/compute/security_policy_rule.py b/sdk/python/pulumi_gcp/compute/security_policy_rule.py index c3301db921..4436bc402f 100644 --- a/sdk/python/pulumi_gcp/compute/security_policy_rule.py +++ b/sdk/python/pulumi_gcp/compute/security_policy_rule.py @@ -23,7 +23,8 @@ def __init__(__self__, *, match: Optional[pulumi.Input['SecurityPolicyRuleMatchArgs']] = None, preconfigured_waf_config: Optional[pulumi.Input['SecurityPolicyRulePreconfiguredWafConfigArgs']] = None, preview: Optional[pulumi.Input[bool]] = None, - project: Optional[pulumi.Input[str]] = None): + project: Optional[pulumi.Input[str]] = None, + rate_limit_options: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs']] = None): """ The set of arguments for constructing a SecurityPolicyRule resource. :param pulumi.Input[str] action: The Action to perform when the rule is matched. The following are the valid actions: @@ -49,6 +50,8 @@ def __init__(__self__, *, :param pulumi.Input[bool] preview: If set to true, the specified action is not enforced. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. + :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs'] rate_limit_options: Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + Structure is documented below. """ pulumi.set(__self__, "action", action) pulumi.set(__self__, "priority", priority) @@ -63,6 +66,8 @@ def __init__(__self__, *, pulumi.set(__self__, "preview", preview) if project is not None: pulumi.set(__self__, "project", project) + if rate_limit_options is not None: + pulumi.set(__self__, "rate_limit_options", rate_limit_options) @property @pulumi.getter @@ -175,6 +180,19 @@ def project(self) -> Optional[pulumi.Input[str]]: def project(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "project", value) + @property + @pulumi.getter(name="rateLimitOptions") + def rate_limit_options(self) -> Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs']]: + """ + Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + Structure is documented below. + """ + return pulumi.get(self, "rate_limit_options") + + @rate_limit_options.setter + def rate_limit_options(self, value: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs']]): + pulumi.set(self, "rate_limit_options", value) + @pulumi.input_type class _SecurityPolicyRuleState: @@ -186,6 +204,7 @@ def __init__(__self__, *, preview: Optional[pulumi.Input[bool]] = None, priority: Optional[pulumi.Input[int]] = None, project: Optional[pulumi.Input[str]] = None, + rate_limit_options: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs']] = None, security_policy: Optional[pulumi.Input[str]] = None): """ Input properties used for looking up and filtering SecurityPolicyRule resources. @@ -208,6 +227,8 @@ def __init__(__self__, *, Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. + :param pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs'] rate_limit_options: Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + Structure is documented below. :param pulumi.Input[str] security_policy: The name of the security policy this rule belongs to. @@ -227,6 +248,8 @@ def __init__(__self__, *, pulumi.set(__self__, "priority", priority) if project is not None: pulumi.set(__self__, "project", project) + if rate_limit_options is not None: + pulumi.set(__self__, "rate_limit_options", rate_limit_options) if security_policy is not None: pulumi.set(__self__, "security_policy", security_policy) @@ -326,6 +349,19 @@ def project(self) -> Optional[pulumi.Input[str]]: def project(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "project", value) + @property + @pulumi.getter(name="rateLimitOptions") + def rate_limit_options(self) -> Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs']]: + """ + Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + Structure is documented below. + """ + return pulumi.get(self, "rate_limit_options") + + @rate_limit_options.setter + def rate_limit_options(self, value: Optional[pulumi.Input['SecurityPolicyRuleRateLimitOptionsArgs']]): + pulumi.set(self, "rate_limit_options", value) + @property @pulumi.getter(name="securityPolicy") def security_policy(self) -> Optional[pulumi.Input[str]]: @@ -354,6 +390,7 @@ def __init__(__self__, preview: Optional[pulumi.Input[bool]] = None, priority: Optional[pulumi.Input[int]] = None, project: Optional[pulumi.Input[str]] = None, + rate_limit_options: Optional[pulumi.Input[pulumi.InputType['SecurityPolicyRuleRateLimitOptionsArgs']]] = None, security_policy: Optional[pulumi.Input[str]] = None, __props__=None): """ @@ -513,6 +550,8 @@ def __init__(__self__, Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. + :param pulumi.Input[pulumi.InputType['SecurityPolicyRuleRateLimitOptionsArgs']] rate_limit_options: Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + Structure is documented below. :param pulumi.Input[str] security_policy: The name of the security policy this rule belongs to. @@ -682,6 +721,7 @@ def _internal_init(__self__, preview: Optional[pulumi.Input[bool]] = None, priority: Optional[pulumi.Input[int]] = None, project: Optional[pulumi.Input[str]] = None, + rate_limit_options: Optional[pulumi.Input[pulumi.InputType['SecurityPolicyRuleRateLimitOptionsArgs']]] = None, security_policy: Optional[pulumi.Input[str]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) @@ -703,6 +743,7 @@ def _internal_init(__self__, raise TypeError("Missing required property 'priority'") __props__.__dict__["priority"] = priority __props__.__dict__["project"] = project + __props__.__dict__["rate_limit_options"] = rate_limit_options if security_policy is None and not opts.urn: raise TypeError("Missing required property 'security_policy'") __props__.__dict__["security_policy"] = security_policy @@ -723,6 +764,7 @@ def get(resource_name: str, preview: Optional[pulumi.Input[bool]] = None, priority: Optional[pulumi.Input[int]] = None, project: Optional[pulumi.Input[str]] = None, + rate_limit_options: Optional[pulumi.Input[pulumi.InputType['SecurityPolicyRuleRateLimitOptionsArgs']]] = None, security_policy: Optional[pulumi.Input[str]] = None) -> 'SecurityPolicyRule': """ Get an existing SecurityPolicyRule resource's state with the given name, id, and optional extra @@ -750,6 +792,8 @@ def get(resource_name: str, Rules are evaluated from highest to lowest priority where 0 is the highest priority and 2147483647 is the lowest priority. :param pulumi.Input[str] project: The ID of the project in which the resource belongs. If it is not provided, the provider project is used. + :param pulumi.Input[pulumi.InputType['SecurityPolicyRuleRateLimitOptionsArgs']] rate_limit_options: Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + Structure is documented below. :param pulumi.Input[str] security_policy: The name of the security policy this rule belongs to. @@ -766,6 +810,7 @@ def get(resource_name: str, __props__.__dict__["preview"] = preview __props__.__dict__["priority"] = priority __props__.__dict__["project"] = project + __props__.__dict__["rate_limit_options"] = rate_limit_options __props__.__dict__["security_policy"] = security_policy return SecurityPolicyRule(resource_name, opts=opts, __props__=__props__) @@ -837,6 +882,15 @@ def project(self) -> pulumi.Output[str]: """ return pulumi.get(self, "project") + @property + @pulumi.getter(name="rateLimitOptions") + def rate_limit_options(self) -> pulumi.Output[Optional['outputs.SecurityPolicyRuleRateLimitOptions']]: + """ + Must be specified if the action is "rate_based_ban" or "throttle". Cannot be specified for any other actions. + Structure is documented below. + """ + return pulumi.get(self, "rate_limit_options") + @property @pulumi.getter(name="securityPolicy") def security_policy(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/container/_inputs.py b/sdk/python/pulumi_gcp/container/_inputs.py index 3a3ffe84b5..d06be0cfca 100644 --- a/sdk/python/pulumi_gcp/container/_inputs.py +++ b/sdk/python/pulumi_gcp/container/_inputs.py @@ -133,6 +133,10 @@ 'ClusterNodeConfigArgs', 'ClusterNodeConfigAdvancedMachineFeaturesArgs', 'ClusterNodeConfigConfidentialNodesArgs', + 'ClusterNodeConfigContainerdConfigArgs', + 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs', + 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs', + 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs', 'ClusterNodeConfigEffectiveTaintArgs', 'ClusterNodeConfigEphemeralStorageConfigArgs', 'ClusterNodeConfigEphemeralStorageLocalSsdConfigArgs', @@ -160,6 +164,10 @@ 'ClusterNodePoolAutoscalingArgs', 'ClusterNodePoolDefaultsArgs', 'ClusterNodePoolDefaultsNodeConfigDefaultsArgs', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs', 'ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs', 'ClusterNodePoolManagementArgs', 'ClusterNodePoolNetworkConfigArgs', @@ -170,6 +178,10 @@ 'ClusterNodePoolNodeConfigArgs', 'ClusterNodePoolNodeConfigAdvancedMachineFeaturesArgs', 'ClusterNodePoolNodeConfigConfidentialNodesArgs', + 'ClusterNodePoolNodeConfigContainerdConfigArgs', + 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs', + 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs', + 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs', 'ClusterNodePoolNodeConfigEffectiveTaintArgs', 'ClusterNodePoolNodeConfigEphemeralStorageConfigArgs', 'ClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfigArgs', @@ -223,6 +235,10 @@ 'NodePoolNodeConfigArgs', 'NodePoolNodeConfigAdvancedMachineFeaturesArgs', 'NodePoolNodeConfigConfidentialNodesArgs', + 'NodePoolNodeConfigContainerdConfigArgs', + 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs', + 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs', + 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs', 'NodePoolNodeConfigEffectiveTaintArgs', 'NodePoolNodeConfigEphemeralStorageConfigArgs', 'NodePoolNodeConfigEphemeralStorageLocalSsdConfigArgs', @@ -5717,6 +5733,7 @@ def __init__(__self__, *, advanced_machine_features: Optional[pulumi.Input['ClusterNodeConfigAdvancedMachineFeaturesArgs']] = None, boot_disk_kms_key: Optional[pulumi.Input[str]] = None, confidential_nodes: Optional[pulumi.Input['ClusterNodeConfigConfidentialNodesArgs']] = None, + containerd_config: Optional[pulumi.Input['ClusterNodeConfigContainerdConfigArgs']] = None, disk_size_gb: Optional[pulumi.Input[int]] = None, disk_type: Optional[pulumi.Input[str]] = None, effective_taints: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigEffectiveTaintArgs']]]] = None, @@ -5758,6 +5775,7 @@ def __init__(__self__, *, advanced machine features. Structure is documented below. :param pulumi.Input[str] boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: :param pulumi.Input['ClusterNodeConfigConfidentialNodesArgs'] confidential_nodes: Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. + :param pulumi.Input['ClusterNodeConfigContainerdConfigArgs'] containerd_config: Parameters to customize containerd runtime. Structure is documented below. :param pulumi.Input[int] disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. :param pulumi.Input[str] disk_type: Type of the disk attached to each node @@ -5858,6 +5876,8 @@ def __init__(__self__, *, pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) if confidential_nodes is not None: pulumi.set(__self__, "confidential_nodes", confidential_nodes) + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if disk_size_gb is not None: pulumi.set(__self__, "disk_size_gb", disk_size_gb) if disk_type is not None: @@ -5968,6 +5988,18 @@ def confidential_nodes(self) -> Optional[pulumi.Input['ClusterNodeConfigConfiden def confidential_nodes(self, value: Optional[pulumi.Input['ClusterNodeConfigConfidentialNodesArgs']]): pulumi.set(self, "confidential_nodes", value) + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional[pulumi.Input['ClusterNodeConfigContainerdConfigArgs']]: + """ + Parameters to customize containerd runtime. Structure is documented below. + """ + return pulumi.get(self, "containerd_config") + + @containerd_config.setter + def containerd_config(self, value: Optional[pulumi.Input['ClusterNodeConfigContainerdConfigArgs']]): + pulumi.set(self, "containerd_config", value) + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> Optional[pulumi.Input[int]]: @@ -6520,6 +6552,126 @@ def enabled(self, value: pulumi.Input[bool]): pulumi.set(self, "enabled", value) +@pulumi.input_type +class ClusterNodeConfigContainerdConfigArgs: + def __init__(__self__, *, + private_registry_access_config: Optional[pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']] = None): + """ + :param pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs'] private_registry_access_config: Configuration for private container registries. There are two fields in this config: + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) + + @property + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional[pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']]: + """ + Configuration for private container registries. There are two fields in this config: + """ + return pulumi.get(self, "private_registry_access_config") + + @private_registry_access_config.setter + def private_registry_access_config(self, value: Optional[pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']]): + pulumi.set(self, "private_registry_access_config", value) + + +@pulumi.input_type +class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool], + certificate_authority_domain_configs: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]] = None): + """ + :param pulumi.Input[bool] enabled: Enables private registry config. If set to false, all other fields in this object must not be set. + :param pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]] certificate_authority_domain_configs: List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enables private registry config. If set to false, all other fields in this object must not be set. + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]: + """ + List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + @certificate_authority_domain_configs.setter + def certificate_authority_domain_configs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]): + pulumi.set(self, "certificate_authority_domain_configs", value) + + +@pulumi.input_type +class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs: + def __init__(__self__, *, + fqdns: pulumi.Input[Sequence[pulumi.Input[str]]], + gcp_secret_manager_certificate_config: pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs'] gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) + + @property + @pulumi.getter + def fqdns(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @fqdns.setter + def fqdns(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "fqdns", value) + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']: + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_config") + + @gcp_secret_manager_certificate_config.setter + def gcp_secret_manager_certificate_config(self, value: pulumi.Input['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + pulumi.set(self, "gcp_secret_manager_certificate_config", value) + + +@pulumi.input_type +class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs: + def __init__(__self__, *, + secret_uri: pulumi.Input[str]): + """ + :param pulumi.Input[str] secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> pulumi.Input[str]: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @secret_uri.setter + def secret_uri(self, value: pulumi.Input[str]): + pulumi.set(self, "secret_uri", value) + + @pulumi.input_type class ClusterNodeConfigEffectiveTaintArgs: def __init__(__self__, *, @@ -7851,17 +8003,33 @@ def node_config_defaults(self, value: Optional[pulumi.Input['ClusterNodePoolDefa @pulumi.input_type class ClusterNodePoolDefaultsNodeConfigDefaultsArgs: def __init__(__self__, *, + containerd_config: Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs']] = None, gcfs_config: Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs']] = None, logging_variant: Optional[pulumi.Input[str]] = None): """ + :param pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs'] containerd_config: Parameters for containerd configuration. :param pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs'] gcfs_config: The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. :param pulumi.Input[str] logging_variant: The type of logging agent that is deployed by default for newly created node pools in the cluster. Valid values include DEFAULT and MAX_THROUGHPUT. See [Increasing logging agent throughput](https://cloud.google.com/stackdriver/docs/solutions/gke/managing-logs#throughput) for more information. """ + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if gcfs_config is not None: pulumi.set(__self__, "gcfs_config", gcfs_config) if logging_variant is not None: pulumi.set(__self__, "logging_variant", logging_variant) + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs']]: + """ + Parameters for containerd configuration. + """ + return pulumi.get(self, "containerd_config") + + @containerd_config.setter + def containerd_config(self, value: Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs']]): + pulumi.set(self, "containerd_config", value) + @property @pulumi.getter(name="gcfsConfig") def gcfs_config(self) -> Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs']]: @@ -7887,6 +8055,126 @@ def logging_variant(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "logging_variant", value) +@pulumi.input_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs: + def __init__(__self__, *, + private_registry_access_config: Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs']] = None): + """ + :param pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs'] private_registry_access_config: Configuration for private container registries. There are two fields in this config: + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) + + @property + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs']]: + """ + Configuration for private container registries. There are two fields in this config: + """ + return pulumi.get(self, "private_registry_access_config") + + @private_registry_access_config.setter + def private_registry_access_config(self, value: Optional[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs']]): + pulumi.set(self, "private_registry_access_config", value) + + +@pulumi.input_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool], + certificate_authority_domain_configs: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]] = None): + """ + :param pulumi.Input[bool] enabled: Enables private registry config. If set to false, all other fields in this object must not be set. + :param pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]] certificate_authority_domain_configs: List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enables private registry config. If set to false, all other fields in this object must not be set. + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]: + """ + List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + @certificate_authority_domain_configs.setter + def certificate_authority_domain_configs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]): + pulumi.set(self, "certificate_authority_domain_configs", value) + + +@pulumi.input_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs: + def __init__(__self__, *, + fqdns: pulumi.Input[Sequence[pulumi.Input[str]]], + gcp_secret_manager_certificate_config: pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs'] gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) + + @property + @pulumi.getter + def fqdns(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @fqdns.setter + def fqdns(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "fqdns", value) + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']: + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_config") + + @gcp_secret_manager_certificate_config.setter + def gcp_secret_manager_certificate_config(self, value: pulumi.Input['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + pulumi.set(self, "gcp_secret_manager_certificate_config", value) + + +@pulumi.input_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs: + def __init__(__self__, *, + secret_uri: pulumi.Input[str]): + """ + :param pulumi.Input[str] secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> pulumi.Input[str]: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @secret_uri.setter + def secret_uri(self, value: pulumi.Input[str]): + pulumi.set(self, "secret_uri", value) + + @pulumi.input_type class ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs: def __init__(__self__, *, @@ -8243,6 +8531,7 @@ def __init__(__self__, *, advanced_machine_features: Optional[pulumi.Input['ClusterNodePoolNodeConfigAdvancedMachineFeaturesArgs']] = None, boot_disk_kms_key: Optional[pulumi.Input[str]] = None, confidential_nodes: Optional[pulumi.Input['ClusterNodePoolNodeConfigConfidentialNodesArgs']] = None, + containerd_config: Optional[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigArgs']] = None, disk_size_gb: Optional[pulumi.Input[int]] = None, disk_type: Optional[pulumi.Input[str]] = None, effective_taints: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigEffectiveTaintArgs']]]] = None, @@ -8284,6 +8573,7 @@ def __init__(__self__, *, advanced machine features. Structure is documented below. :param pulumi.Input[str] boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: :param pulumi.Input['ClusterNodePoolNodeConfigConfidentialNodesArgs'] confidential_nodes: Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. + :param pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigArgs'] containerd_config: Parameters to customize containerd runtime. Structure is documented below. :param pulumi.Input[int] disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. :param pulumi.Input[str] disk_type: Type of the disk attached to each node @@ -8384,6 +8674,8 @@ def __init__(__self__, *, pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) if confidential_nodes is not None: pulumi.set(__self__, "confidential_nodes", confidential_nodes) + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if disk_size_gb is not None: pulumi.set(__self__, "disk_size_gb", disk_size_gb) if disk_type is not None: @@ -8494,6 +8786,18 @@ def confidential_nodes(self) -> Optional[pulumi.Input['ClusterNodePoolNodeConfig def confidential_nodes(self, value: Optional[pulumi.Input['ClusterNodePoolNodeConfigConfidentialNodesArgs']]): pulumi.set(self, "confidential_nodes", value) + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigArgs']]: + """ + Parameters to customize containerd runtime. Structure is documented below. + """ + return pulumi.get(self, "containerd_config") + + @containerd_config.setter + def containerd_config(self, value: Optional[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigArgs']]): + pulumi.set(self, "containerd_config", value) + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> Optional[pulumi.Input[int]]: @@ -9046,6 +9350,126 @@ def enabled(self, value: pulumi.Input[bool]): pulumi.set(self, "enabled", value) +@pulumi.input_type +class ClusterNodePoolNodeConfigContainerdConfigArgs: + def __init__(__self__, *, + private_registry_access_config: Optional[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']] = None): + """ + :param pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs'] private_registry_access_config: Configuration for private container registries. There are two fields in this config: + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) + + @property + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']]: + """ + Configuration for private container registries. There are two fields in this config: + """ + return pulumi.get(self, "private_registry_access_config") + + @private_registry_access_config.setter + def private_registry_access_config(self, value: Optional[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']]): + pulumi.set(self, "private_registry_access_config", value) + + +@pulumi.input_type +class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool], + certificate_authority_domain_configs: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]] = None): + """ + :param pulumi.Input[bool] enabled: Enables private registry config. If set to false, all other fields in this object must not be set. + :param pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]] certificate_authority_domain_configs: List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Enables private registry config. If set to false, all other fields in this object must not be set. + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]: + """ + List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + @certificate_authority_domain_configs.setter + def certificate_authority_domain_configs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]): + pulumi.set(self, "certificate_authority_domain_configs", value) + + +@pulumi.input_type +class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs: + def __init__(__self__, *, + fqdns: pulumi.Input[Sequence[pulumi.Input[str]]], + gcp_secret_manager_certificate_config: pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs'] gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) + + @property + @pulumi.getter + def fqdns(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @fqdns.setter + def fqdns(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "fqdns", value) + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']: + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_config") + + @gcp_secret_manager_certificate_config.setter + def gcp_secret_manager_certificate_config(self, value: pulumi.Input['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + pulumi.set(self, "gcp_secret_manager_certificate_config", value) + + +@pulumi.input_type +class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs: + def __init__(__self__, *, + secret_uri: pulumi.Input[str]): + """ + :param pulumi.Input[str] secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> pulumi.Input[str]: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @secret_uri.setter + def secret_uri(self, value: pulumi.Input[str]): + pulumi.set(self, "secret_uri", value) + + @pulumi.input_type class ClusterNodePoolNodeConfigEffectiveTaintArgs: def __init__(__self__, *, @@ -11244,6 +11668,7 @@ def __init__(__self__, *, advanced_machine_features: Optional[pulumi.Input['NodePoolNodeConfigAdvancedMachineFeaturesArgs']] = None, boot_disk_kms_key: Optional[pulumi.Input[str]] = None, confidential_nodes: Optional[pulumi.Input['NodePoolNodeConfigConfidentialNodesArgs']] = None, + containerd_config: Optional[pulumi.Input['NodePoolNodeConfigContainerdConfigArgs']] = None, disk_size_gb: Optional[pulumi.Input[int]] = None, disk_type: Optional[pulumi.Input[str]] = None, effective_taints: Optional[pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigEffectiveTaintArgs']]]] = None, @@ -11284,6 +11709,7 @@ def __init__(__self__, *, :param pulumi.Input['NodePoolNodeConfigAdvancedMachineFeaturesArgs'] advanced_machine_features: Specifies options for controlling advanced machine features. :param pulumi.Input[str] boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. :param pulumi.Input['NodePoolNodeConfigConfidentialNodesArgs'] confidential_nodes: Configuration for Confidential Nodes feature. Structure is documented below. + :param pulumi.Input['NodePoolNodeConfigContainerdConfigArgs'] containerd_config: Parameters for containerd configuration. :param pulumi.Input[int] disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. :param pulumi.Input[str] disk_type: Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd :param pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigEffectiveTaintArgs']]] effective_taints: List of kubernetes taints applied to each node. @@ -11327,6 +11753,8 @@ def __init__(__self__, *, pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) if confidential_nodes is not None: pulumi.set(__self__, "confidential_nodes", confidential_nodes) + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if disk_size_gb is not None: pulumi.set(__self__, "disk_size_gb", disk_size_gb) if disk_type is not None: @@ -11436,6 +11864,18 @@ def confidential_nodes(self) -> Optional[pulumi.Input['NodePoolNodeConfigConfide def confidential_nodes(self, value: Optional[pulumi.Input['NodePoolNodeConfigConfidentialNodesArgs']]): pulumi.set(self, "confidential_nodes", value) + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional[pulumi.Input['NodePoolNodeConfigContainerdConfigArgs']]: + """ + Parameters for containerd configuration. + """ + return pulumi.get(self, "containerd_config") + + @containerd_config.setter + def containerd_config(self, value: Optional[pulumi.Input['NodePoolNodeConfigContainerdConfigArgs']]): + pulumi.set(self, "containerd_config", value) + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> Optional[pulumi.Input[int]]: @@ -11931,6 +12371,126 @@ def enabled(self, value: pulumi.Input[bool]): pulumi.set(self, "enabled", value) +@pulumi.input_type +class NodePoolNodeConfigContainerdConfigArgs: + def __init__(__self__, *, + private_registry_access_config: Optional[pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']] = None): + """ + :param pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs'] private_registry_access_config: Parameters for private container registries configuration. + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) + + @property + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional[pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']]: + """ + Parameters for private container registries configuration. + """ + return pulumi.get(self, "private_registry_access_config") + + @private_registry_access_config.setter + def private_registry_access_config(self, value: Optional[pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs']]): + pulumi.set(self, "private_registry_access_config", value) + + +@pulumi.input_type +class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs: + def __init__(__self__, *, + enabled: pulumi.Input[bool], + certificate_authority_domain_configs: Optional[pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]] = None): + """ + :param pulumi.Input[bool] enabled: Whether or not private registries are configured. + :param pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]] certificate_authority_domain_configs: Parameters for configuring CA certificate and domains. + """ + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + + @property + @pulumi.getter + def enabled(self) -> pulumi.Input[bool]: + """ + Whether or not private registries are configured. + """ + return pulumi.get(self, "enabled") + + @enabled.setter + def enabled(self, value: pulumi.Input[bool]): + pulumi.set(self, "enabled", value) + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]: + """ + Parameters for configuring CA certificate and domains. + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + @certificate_authority_domain_configs.setter + def certificate_authority_domain_configs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs']]]]): + pulumi.set(self, "certificate_authority_domain_configs", value) + + +@pulumi.input_type +class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs: + def __init__(__self__, *, + fqdns: pulumi.Input[Sequence[pulumi.Input[str]]], + gcp_secret_manager_certificate_config: pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + """ + :param pulumi.Input[Sequence[pulumi.Input[str]]] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs'] gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) + + @property + @pulumi.getter + def fqdns(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @fqdns.setter + def fqdns(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "fqdns", value) + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']: + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_config") + + @gcp_secret_manager_certificate_config.setter + def gcp_secret_manager_certificate_config(self, value: pulumi.Input['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs']): + pulumi.set(self, "gcp_secret_manager_certificate_config", value) + + +@pulumi.input_type +class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs: + def __init__(__self__, *, + secret_uri: pulumi.Input[str]): + """ + :param pulumi.Input[str] secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> pulumi.Input[str]: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @secret_uri.setter + def secret_uri(self, value: pulumi.Input[str]): + pulumi.set(self, "secret_uri", value) + + @pulumi.input_type class NodePoolNodeConfigEffectiveTaintArgs: def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/container/outputs.py b/sdk/python/pulumi_gcp/container/outputs.py index dca7af4d81..8c3f62a4eb 100644 --- a/sdk/python/pulumi_gcp/container/outputs.py +++ b/sdk/python/pulumi_gcp/container/outputs.py @@ -134,6 +134,10 @@ 'ClusterNodeConfig', 'ClusterNodeConfigAdvancedMachineFeatures', 'ClusterNodeConfigConfidentialNodes', + 'ClusterNodeConfigContainerdConfig', + 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig', + 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig', + 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig', 'ClusterNodeConfigEffectiveTaint', 'ClusterNodeConfigEphemeralStorageConfig', 'ClusterNodeConfigEphemeralStorageLocalSsdConfig', @@ -161,6 +165,10 @@ 'ClusterNodePoolAutoscaling', 'ClusterNodePoolDefaults', 'ClusterNodePoolDefaultsNodeConfigDefaults', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig', + 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig', 'ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig', 'ClusterNodePoolManagement', 'ClusterNodePoolNetworkConfig', @@ -171,6 +179,10 @@ 'ClusterNodePoolNodeConfig', 'ClusterNodePoolNodeConfigAdvancedMachineFeatures', 'ClusterNodePoolNodeConfigConfidentialNodes', + 'ClusterNodePoolNodeConfigContainerdConfig', + 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig', + 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig', + 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig', 'ClusterNodePoolNodeConfigEffectiveTaint', 'ClusterNodePoolNodeConfigEphemeralStorageConfig', 'ClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfig', @@ -224,6 +236,10 @@ 'NodePoolNodeConfig', 'NodePoolNodeConfigAdvancedMachineFeatures', 'NodePoolNodeConfigConfidentialNodes', + 'NodePoolNodeConfigContainerdConfig', + 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig', + 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig', + 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig', 'NodePoolNodeConfigEffectiveTaint', 'NodePoolNodeConfigEphemeralStorageConfig', 'NodePoolNodeConfigEphemeralStorageLocalSsdConfig', @@ -306,6 +322,10 @@ 'GetClusterNodeConfigResult', 'GetClusterNodeConfigAdvancedMachineFeatureResult', 'GetClusterNodeConfigConfidentialNodeResult', + 'GetClusterNodeConfigContainerdConfigResult', + 'GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult', + 'GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult', + 'GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult', 'GetClusterNodeConfigEffectiveTaintResult', 'GetClusterNodeConfigEphemeralStorageConfigResult', 'GetClusterNodeConfigEphemeralStorageLocalSsdConfigResult', @@ -333,6 +353,10 @@ 'GetClusterNodePoolAutoscalingResult', 'GetClusterNodePoolDefaultResult', 'GetClusterNodePoolDefaultNodeConfigDefaultResult', + 'GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult', + 'GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult', + 'GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult', + 'GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult', 'GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigResult', 'GetClusterNodePoolManagementResult', 'GetClusterNodePoolNetworkConfigResult', @@ -343,6 +367,10 @@ 'GetClusterNodePoolNodeConfigResult', 'GetClusterNodePoolNodeConfigAdvancedMachineFeatureResult', 'GetClusterNodePoolNodeConfigConfidentialNodeResult', + 'GetClusterNodePoolNodeConfigContainerdConfigResult', + 'GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult', + 'GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult', + 'GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult', 'GetClusterNodePoolNodeConfigEffectiveTaintResult', 'GetClusterNodePoolNodeConfigEphemeralStorageConfigResult', 'GetClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfigResult', @@ -6413,6 +6441,8 @@ def __key_warning(key: str): suggest = "boot_disk_kms_key" elif key == "confidentialNodes": suggest = "confidential_nodes" + elif key == "containerdConfig": + suggest = "containerd_config" elif key == "diskSizeGb": suggest = "disk_size_gb" elif key == "diskType": @@ -6487,6 +6517,7 @@ def __init__(__self__, *, advanced_machine_features: Optional['outputs.ClusterNodeConfigAdvancedMachineFeatures'] = None, boot_disk_kms_key: Optional[str] = None, confidential_nodes: Optional['outputs.ClusterNodeConfigConfidentialNodes'] = None, + containerd_config: Optional['outputs.ClusterNodeConfigContainerdConfig'] = None, disk_size_gb: Optional[int] = None, disk_type: Optional[str] = None, effective_taints: Optional[Sequence['outputs.ClusterNodeConfigEffectiveTaint']] = None, @@ -6528,6 +6559,7 @@ def __init__(__self__, *, advanced machine features. Structure is documented below. :param str boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: :param 'ClusterNodeConfigConfidentialNodesArgs' confidential_nodes: Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. + :param 'ClusterNodeConfigContainerdConfigArgs' containerd_config: Parameters to customize containerd runtime. Structure is documented below. :param int disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. :param str disk_type: Type of the disk attached to each node @@ -6628,6 +6660,8 @@ def __init__(__self__, *, pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) if confidential_nodes is not None: pulumi.set(__self__, "confidential_nodes", confidential_nodes) + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if disk_size_gb is not None: pulumi.set(__self__, "disk_size_gb", disk_size_gb) if disk_type is not None: @@ -6726,6 +6760,14 @@ def confidential_nodes(self) -> Optional['outputs.ClusterNodeConfigConfidentialN """ return pulumi.get(self, "confidential_nodes") + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional['outputs.ClusterNodeConfigContainerdConfig']: + """ + Parameters to customize containerd runtime. Structure is documented below. + """ + return pulumi.get(self, "containerd_config") + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> Optional[int]: @@ -7141,6 +7183,170 @@ def enabled(self) -> bool: return pulumi.get(self, "enabled") +@pulumi.output_type +class ClusterNodeConfigContainerdConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "privateRegistryAccessConfig": + suggest = "private_registry_access_config" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodeConfigContainerdConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodeConfigContainerdConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodeConfigContainerdConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + private_registry_access_config: Optional['outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig'] = None): + """ + :param 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs' private_registry_access_config: Configuration for private container registries. There are two fields in this config: + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) + + @property + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional['outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig']: + """ + Configuration for private container registries. There are two fields in this config: + """ + return pulumi.get(self, "private_registry_access_config") + + +@pulumi.output_type +class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "certificateAuthorityDomainConfigs": + suggest = "certificate_authority_domain_configs" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + enabled: bool, + certificate_authority_domain_configs: Optional[Sequence['outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']] = None): + """ + :param bool enabled: Enables private registry config. If set to false, all other fields in this object must not be set. + :param Sequence['ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs'] certificate_authority_domain_configs: List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enables private registry config. If set to false, all other fields in this object must not be set. + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[Sequence['outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']]: + """ + List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + +@pulumi.output_type +class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "gcpSecretManagerCertificateConfig": + suggest = "gcp_secret_manager_certificate_config" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + fqdns: Sequence[str], + gcp_secret_manager_certificate_config: 'outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig'): + """ + :param Sequence[str] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param 'ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs' gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) + + @property + @pulumi.getter + def fqdns(self) -> Sequence[str]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> 'outputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig': + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_config") + + +@pulumi.output_type +class ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "secretUri": + suggest = "secret_uri" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + secret_uri: str): + """ + :param str secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> str: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @pulumi.output_type class ClusterNodeConfigEffectiveTaint(dict): def __init__(__self__, *, @@ -8566,7 +8772,9 @@ class ClusterNodePoolDefaultsNodeConfigDefaults(dict): @staticmethod def __key_warning(key: str): suggest = None - if key == "gcfsConfig": + if key == "containerdConfig": + suggest = "containerd_config" + elif key == "gcfsConfig": suggest = "gcfs_config" elif key == "loggingVariant": suggest = "logging_variant" @@ -8583,17 +8791,29 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, + containerd_config: Optional['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig'] = None, gcfs_config: Optional['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig'] = None, logging_variant: Optional[str] = None): """ + :param 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs' containerd_config: Parameters for containerd configuration. :param 'ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs' gcfs_config: The default Google Container Filesystem (GCFS) configuration at the cluster level. e.g. enable [image streaming](https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming) across all the node pools within the cluster. Structure is documented below. :param str logging_variant: The type of logging agent that is deployed by default for newly created node pools in the cluster. Valid values include DEFAULT and MAX_THROUGHPUT. See [Increasing logging agent throughput](https://cloud.google.com/stackdriver/docs/solutions/gke/managing-logs#throughput) for more information. """ + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if gcfs_config is not None: pulumi.set(__self__, "gcfs_config", gcfs_config) if logging_variant is not None: pulumi.set(__self__, "logging_variant", logging_variant) + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig']: + """ + Parameters for containerd configuration. + """ + return pulumi.get(self, "containerd_config") + @property @pulumi.getter(name="gcfsConfig") def gcfs_config(self) -> Optional['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig']: @@ -8611,6 +8831,170 @@ def logging_variant(self) -> Optional[str]: return pulumi.get(self, "logging_variant") +@pulumi.output_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "privateRegistryAccessConfig": + suggest = "private_registry_access_config" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + private_registry_access_config: Optional['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig'] = None): + """ + :param 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs' private_registry_access_config: Configuration for private container registries. There are two fields in this config: + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) + + @property + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig']: + """ + Configuration for private container registries. There are two fields in this config: + """ + return pulumi.get(self, "private_registry_access_config") + + +@pulumi.output_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "certificateAuthorityDomainConfigs": + suggest = "certificate_authority_domain_configs" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + enabled: bool, + certificate_authority_domain_configs: Optional[Sequence['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']] = None): + """ + :param bool enabled: Enables private registry config. If set to false, all other fields in this object must not be set. + :param Sequence['ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs'] certificate_authority_domain_configs: List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enables private registry config. If set to false, all other fields in this object must not be set. + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[Sequence['outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']]: + """ + List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + +@pulumi.output_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "gcpSecretManagerCertificateConfig": + suggest = "gcp_secret_manager_certificate_config" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + fqdns: Sequence[str], + gcp_secret_manager_certificate_config: 'outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig'): + """ + :param Sequence[str] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param 'ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs' gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) + + @property + @pulumi.getter + def fqdns(self) -> Sequence[str]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> 'outputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig': + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_config") + + +@pulumi.output_type +class ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "secretUri": + suggest = "secret_uri" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + secret_uri: str): + """ + :param str secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> str: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @pulumi.output_type class ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfig(dict): def __init__(__self__, *, @@ -8986,6 +9370,8 @@ def __key_warning(key: str): suggest = "boot_disk_kms_key" elif key == "confidentialNodes": suggest = "confidential_nodes" + elif key == "containerdConfig": + suggest = "containerd_config" elif key == "diskSizeGb": suggest = "disk_size_gb" elif key == "diskType": @@ -9060,6 +9446,7 @@ def __init__(__self__, *, advanced_machine_features: Optional['outputs.ClusterNodePoolNodeConfigAdvancedMachineFeatures'] = None, boot_disk_kms_key: Optional[str] = None, confidential_nodes: Optional['outputs.ClusterNodePoolNodeConfigConfidentialNodes'] = None, + containerd_config: Optional['outputs.ClusterNodePoolNodeConfigContainerdConfig'] = None, disk_size_gb: Optional[int] = None, disk_type: Optional[str] = None, effective_taints: Optional[Sequence['outputs.ClusterNodePoolNodeConfigEffectiveTaint']] = None, @@ -9101,6 +9488,7 @@ def __init__(__self__, *, advanced machine features. Structure is documented below. :param str boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. This should be of the form projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]. For more information about protecting resources with Cloud KMS Keys please see: :param 'ClusterNodePoolNodeConfigConfidentialNodesArgs' confidential_nodes: Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below. + :param 'ClusterNodePoolNodeConfigContainerdConfigArgs' containerd_config: Parameters to customize containerd runtime. Structure is documented below. :param int disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. Defaults to 100GB. :param str disk_type: Type of the disk attached to each node @@ -9201,6 +9589,8 @@ def __init__(__self__, *, pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) if confidential_nodes is not None: pulumi.set(__self__, "confidential_nodes", confidential_nodes) + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if disk_size_gb is not None: pulumi.set(__self__, "disk_size_gb", disk_size_gb) if disk_type is not None: @@ -9299,6 +9689,14 @@ def confidential_nodes(self) -> Optional['outputs.ClusterNodePoolNodeConfigConfi """ return pulumi.get(self, "confidential_nodes") + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional['outputs.ClusterNodePoolNodeConfigContainerdConfig']: + """ + Parameters to customize containerd runtime. Structure is documented below. + """ + return pulumi.get(self, "containerd_config") + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> Optional[int]: @@ -9714,6 +10112,170 @@ def enabled(self) -> bool: return pulumi.get(self, "enabled") +@pulumi.output_type +class ClusterNodePoolNodeConfigContainerdConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "privateRegistryAccessConfig": + suggest = "private_registry_access_config" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolNodeConfigContainerdConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolNodeConfigContainerdConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolNodeConfigContainerdConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + private_registry_access_config: Optional['outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig'] = None): + """ + :param 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs' private_registry_access_config: Configuration for private container registries. There are two fields in this config: + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) + + @property + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional['outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig']: + """ + Configuration for private container registries. There are two fields in this config: + """ + return pulumi.get(self, "private_registry_access_config") + + +@pulumi.output_type +class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "certificateAuthorityDomainConfigs": + suggest = "certificate_authority_domain_configs" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + enabled: bool, + certificate_authority_domain_configs: Optional[Sequence['outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']] = None): + """ + :param bool enabled: Enables private registry config. If set to false, all other fields in this object must not be set. + :param Sequence['ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs'] certificate_authority_domain_configs: List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enables private registry config. If set to false, all other fields in this object must not be set. + """ + return pulumi.get(self, "enabled") + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[Sequence['outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']]: + """ + List of configuration objects for CA and domains. Each object identifies a certificate and its assigned domains. See [how to configure for private container registries](https://cloud.google.com/kubernetes-engine/docs/how-to/access-private-registries-private-certificates) for more detail. Example: + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + +@pulumi.output_type +class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "gcpSecretManagerCertificateConfig": + suggest = "gcp_secret_manager_certificate_config" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + fqdns: Sequence[str], + gcp_secret_manager_certificate_config: 'outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig'): + """ + :param Sequence[str] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param 'ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs' gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) + + @property + @pulumi.getter + def fqdns(self) -> Sequence[str]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> 'outputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig': + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_config") + + +@pulumi.output_type +class ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "secretUri": + suggest = "secret_uri" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + secret_uri: str): + """ + :param str secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> str: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @pulumi.output_type class ClusterNodePoolNodeConfigEffectiveTaint(dict): def __init__(__self__, *, @@ -12124,6 +12686,8 @@ def __key_warning(key: str): suggest = "boot_disk_kms_key" elif key == "confidentialNodes": suggest = "confidential_nodes" + elif key == "containerdConfig": + suggest = "containerd_config" elif key == "diskSizeGb": suggest = "disk_size_gb" elif key == "diskType": @@ -12198,6 +12762,7 @@ def __init__(__self__, *, advanced_machine_features: Optional['outputs.NodePoolNodeConfigAdvancedMachineFeatures'] = None, boot_disk_kms_key: Optional[str] = None, confidential_nodes: Optional['outputs.NodePoolNodeConfigConfidentialNodes'] = None, + containerd_config: Optional['outputs.NodePoolNodeConfigContainerdConfig'] = None, disk_size_gb: Optional[int] = None, disk_type: Optional[str] = None, effective_taints: Optional[Sequence['outputs.NodePoolNodeConfigEffectiveTaint']] = None, @@ -12238,6 +12803,7 @@ def __init__(__self__, *, :param 'NodePoolNodeConfigAdvancedMachineFeaturesArgs' advanced_machine_features: Specifies options for controlling advanced machine features. :param str boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. :param 'NodePoolNodeConfigConfidentialNodesArgs' confidential_nodes: Configuration for Confidential Nodes feature. Structure is documented below. + :param 'NodePoolNodeConfigContainerdConfigArgs' containerd_config: Parameters for containerd configuration. :param int disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. :param str disk_type: Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd :param Sequence['NodePoolNodeConfigEffectiveTaintArgs'] effective_taints: List of kubernetes taints applied to each node. @@ -12281,6 +12847,8 @@ def __init__(__self__, *, pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) if confidential_nodes is not None: pulumi.set(__self__, "confidential_nodes", confidential_nodes) + if containerd_config is not None: + pulumi.set(__self__, "containerd_config", containerd_config) if disk_size_gb is not None: pulumi.set(__self__, "disk_size_gb", disk_size_gb) if disk_type is not None: @@ -12378,6 +12946,14 @@ def confidential_nodes(self) -> Optional['outputs.NodePoolNodeConfigConfidential """ return pulumi.get(self, "confidential_nodes") + @property + @pulumi.getter(name="containerdConfig") + def containerd_config(self) -> Optional['outputs.NodePoolNodeConfigContainerdConfig']: + """ + Parameters for containerd configuration. + """ + return pulumi.get(self, "containerd_config") + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> Optional[int]: @@ -12632,108 +13208,272 @@ def sole_tenant_config(self) -> Optional['outputs.NodePoolNodeConfigSoleTenantCo """ Node affinity options for sole tenant node pools. """ - return pulumi.get(self, "sole_tenant_config") + return pulumi.get(self, "sole_tenant_config") + + @property + @pulumi.getter + def spot(self) -> Optional[bool]: + """ + Whether the nodes are created as spot VM instances. + """ + return pulumi.get(self, "spot") + + @property + @pulumi.getter + def tags(self) -> Optional[Sequence[str]]: + """ + The list of instance tags applied to all nodes. + """ + return pulumi.get(self, "tags") + + @property + @pulumi.getter + def taints(self) -> Optional[Sequence['outputs.NodePoolNodeConfigTaint']]: + """ + List of Kubernetes taints to be applied to each node. + """ + return pulumi.get(self, "taints") + + @property + @pulumi.getter(name="workloadMetadataConfig") + def workload_metadata_config(self) -> Optional['outputs.NodePoolNodeConfigWorkloadMetadataConfig']: + """ + The workload metadata configuration for this node. + """ + return pulumi.get(self, "workload_metadata_config") + + +@pulumi.output_type +class NodePoolNodeConfigAdvancedMachineFeatures(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "threadsPerCore": + suggest = "threads_per_core" + elif key == "enableNestedVirtualization": + suggest = "enable_nested_virtualization" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in NodePoolNodeConfigAdvancedMachineFeatures. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + NodePoolNodeConfigAdvancedMachineFeatures.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + NodePoolNodeConfigAdvancedMachineFeatures.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + threads_per_core: int, + enable_nested_virtualization: Optional[bool] = None): + """ + :param int threads_per_core: The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed. + :param bool enable_nested_virtualization: Whether the node should have nested virtualization enabled. + """ + pulumi.set(__self__, "threads_per_core", threads_per_core) + if enable_nested_virtualization is not None: + pulumi.set(__self__, "enable_nested_virtualization", enable_nested_virtualization) + + @property + @pulumi.getter(name="threadsPerCore") + def threads_per_core(self) -> int: + """ + The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed. + """ + return pulumi.get(self, "threads_per_core") + + @property + @pulumi.getter(name="enableNestedVirtualization") + def enable_nested_virtualization(self) -> Optional[bool]: + """ + Whether the node should have nested virtualization enabled. + """ + return pulumi.get(self, "enable_nested_virtualization") + + +@pulumi.output_type +class NodePoolNodeConfigConfidentialNodes(dict): + def __init__(__self__, *, + enabled: bool): + """ + :param bool enabled: Enable Confidential GKE Nodes for this cluster, to + enforce encryption of data in-use. + """ + pulumi.set(__self__, "enabled", enabled) + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Enable Confidential GKE Nodes for this cluster, to + enforce encryption of data in-use. + """ + return pulumi.get(self, "enabled") + + +@pulumi.output_type +class NodePoolNodeConfigContainerdConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "privateRegistryAccessConfig": + suggest = "private_registry_access_config" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in NodePoolNodeConfigContainerdConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + NodePoolNodeConfigContainerdConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + NodePoolNodeConfigContainerdConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + private_registry_access_config: Optional['outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig'] = None): + """ + :param 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs' private_registry_access_config: Parameters for private container registries configuration. + """ + if private_registry_access_config is not None: + pulumi.set(__self__, "private_registry_access_config", private_registry_access_config) @property - @pulumi.getter - def spot(self) -> Optional[bool]: + @pulumi.getter(name="privateRegistryAccessConfig") + def private_registry_access_config(self) -> Optional['outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig']: """ - Whether the nodes are created as spot VM instances. + Parameters for private container registries configuration. """ - return pulumi.get(self, "spot") + return pulumi.get(self, "private_registry_access_config") - @property - @pulumi.getter - def tags(self) -> Optional[Sequence[str]]: + +@pulumi.output_type +class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "certificateAuthorityDomainConfigs": + suggest = "certificate_authority_domain_configs" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfig.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + enabled: bool, + certificate_authority_domain_configs: Optional[Sequence['outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']] = None): """ - The list of instance tags applied to all nodes. + :param bool enabled: Whether or not private registries are configured. + :param Sequence['NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs'] certificate_authority_domain_configs: Parameters for configuring CA certificate and domains. """ - return pulumi.get(self, "tags") + pulumi.set(__self__, "enabled", enabled) + if certificate_authority_domain_configs is not None: + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) @property @pulumi.getter - def taints(self) -> Optional[Sequence['outputs.NodePoolNodeConfigTaint']]: + def enabled(self) -> bool: """ - List of Kubernetes taints to be applied to each node. + Whether or not private registries are configured. """ - return pulumi.get(self, "taints") + return pulumi.get(self, "enabled") @property - @pulumi.getter(name="workloadMetadataConfig") - def workload_metadata_config(self) -> Optional['outputs.NodePoolNodeConfigWorkloadMetadataConfig']: + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Optional[Sequence['outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig']]: """ - The workload metadata configuration for this node. + Parameters for configuring CA certificate and domains. """ - return pulumi.get(self, "workload_metadata_config") + return pulumi.get(self, "certificate_authority_domain_configs") @pulumi.output_type -class NodePoolNodeConfigAdvancedMachineFeatures(dict): +class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig(dict): @staticmethod def __key_warning(key: str): suggest = None - if key == "threadsPerCore": - suggest = "threads_per_core" - elif key == "enableNestedVirtualization": - suggest = "enable_nested_virtualization" + if key == "gcpSecretManagerCertificateConfig": + suggest = "gcp_secret_manager_certificate_config" if suggest: - pulumi.log.warn(f"Key '{key}' not found in NodePoolNodeConfigAdvancedMachineFeatures. Access the value via the '{suggest}' property getter instead.") + pulumi.log.warn(f"Key '{key}' not found in NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig. Access the value via the '{suggest}' property getter instead.") def __getitem__(self, key: str) -> Any: - NodePoolNodeConfigAdvancedMachineFeatures.__key_warning(key) + NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) return super().__getitem__(key) def get(self, key: str, default = None) -> Any: - NodePoolNodeConfigAdvancedMachineFeatures.__key_warning(key) + NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfig.__key_warning(key) return super().get(key, default) def __init__(__self__, *, - threads_per_core: int, - enable_nested_virtualization: Optional[bool] = None): + fqdns: Sequence[str], + gcp_secret_manager_certificate_config: 'outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig'): """ - :param int threads_per_core: The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed. - :param bool enable_nested_virtualization: Whether the node should have nested virtualization enabled. + :param Sequence[str] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param 'NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs' gcp_secret_manager_certificate_config: Parameters for configuring a certificate hosted in GCP SecretManager. """ - pulumi.set(__self__, "threads_per_core", threads_per_core) - if enable_nested_virtualization is not None: - pulumi.set(__self__, "enable_nested_virtualization", enable_nested_virtualization) + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_config", gcp_secret_manager_certificate_config) @property - @pulumi.getter(name="threadsPerCore") - def threads_per_core(self) -> int: + @pulumi.getter + def fqdns(self) -> Sequence[str]: """ - The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed. + List of fully-qualified-domain-names. IPv4s and port specification are supported. """ - return pulumi.get(self, "threads_per_core") + return pulumi.get(self, "fqdns") @property - @pulumi.getter(name="enableNestedVirtualization") - def enable_nested_virtualization(self) -> Optional[bool]: + @pulumi.getter(name="gcpSecretManagerCertificateConfig") + def gcp_secret_manager_certificate_config(self) -> 'outputs.NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig': """ - Whether the node should have nested virtualization enabled. + Parameters for configuring a certificate hosted in GCP SecretManager. """ - return pulumi.get(self, "enable_nested_virtualization") + return pulumi.get(self, "gcp_secret_manager_certificate_config") @pulumi.output_type -class NodePoolNodeConfigConfidentialNodes(dict): +class NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "secretUri": + suggest = "secret_uri" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + NodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfig.__key_warning(key) + return super().get(key, default) + def __init__(__self__, *, - enabled: bool): + secret_uri: str): """ - :param bool enabled: Enable Confidential GKE Nodes for this cluster, to - enforce encryption of data in-use. + :param str secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. """ - pulumi.set(__self__, "enabled", enabled) + pulumi.set(__self__, "secret_uri", secret_uri) @property - @pulumi.getter - def enabled(self) -> bool: + @pulumi.getter(name="secretUri") + def secret_uri(self) -> str: """ - Enable Confidential GKE Nodes for this cluster, to - enforce encryption of data in-use. + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. """ - return pulumi.get(self, "enabled") + return pulumi.get(self, "secret_uri") @pulumi.output_type @@ -15516,6 +16256,7 @@ def __init__(__self__, *, advanced_machine_features: Sequence['outputs.GetClusterNodeConfigAdvancedMachineFeatureResult'], boot_disk_kms_key: str, confidential_nodes: Sequence['outputs.GetClusterNodeConfigConfidentialNodeResult'], + containerd_configs: Sequence['outputs.GetClusterNodeConfigContainerdConfigResult'], disk_size_gb: int, disk_type: str, effective_taints: Sequence['outputs.GetClusterNodeConfigEffectiveTaintResult'], @@ -15556,6 +16297,7 @@ def __init__(__self__, *, :param Sequence['GetClusterNodeConfigAdvancedMachineFeatureArgs'] advanced_machine_features: Specifies options for controlling advanced machine features. :param str boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. :param Sequence['GetClusterNodeConfigConfidentialNodeArgs'] confidential_nodes: Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. + :param Sequence['GetClusterNodeConfigContainerdConfigArgs'] containerd_configs: Parameters for containerd configuration. :param int disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. :param str disk_type: Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd :param Sequence['GetClusterNodeConfigEffectiveTaintArgs'] effective_taints: List of kubernetes taints applied to each node. @@ -15596,6 +16338,7 @@ def __init__(__self__, *, pulumi.set(__self__, "advanced_machine_features", advanced_machine_features) pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) pulumi.set(__self__, "confidential_nodes", confidential_nodes) + pulumi.set(__self__, "containerd_configs", containerd_configs) pulumi.set(__self__, "disk_size_gb", disk_size_gb) pulumi.set(__self__, "disk_type", disk_type) pulumi.set(__self__, "effective_taints", effective_taints) @@ -15657,6 +16400,14 @@ def confidential_nodes(self) -> Sequence['outputs.GetClusterNodeConfigConfidenti """ return pulumi.get(self, "confidential_nodes") + @property + @pulumi.getter(name="containerdConfigs") + def containerd_configs(self) -> Sequence['outputs.GetClusterNodeConfigContainerdConfigResult']: + """ + Parameters for containerd configuration. + """ + return pulumi.get(self, "containerd_configs") + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> int: @@ -15993,6 +16744,100 @@ def enabled(self) -> bool: return pulumi.get(self, "enabled") +@pulumi.output_type +class GetClusterNodeConfigContainerdConfigResult(dict): + def __init__(__self__, *, + private_registry_access_configs: Sequence['outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult']): + """ + :param Sequence['GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs'] private_registry_access_configs: Parameters for private container registries configuration. + """ + pulumi.set(__self__, "private_registry_access_configs", private_registry_access_configs) + + @property + @pulumi.getter(name="privateRegistryAccessConfigs") + def private_registry_access_configs(self) -> Sequence['outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult']: + """ + Parameters for private container registries configuration. + """ + return pulumi.get(self, "private_registry_access_configs") + + +@pulumi.output_type +class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigResult(dict): + def __init__(__self__, *, + certificate_authority_domain_configs: Sequence['outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult'], + enabled: bool): + """ + :param Sequence['GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs'] certificate_authority_domain_configs: Parameters for configuring CA certificate and domains. + :param bool enabled: Whether or not private registries are configured. + """ + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + pulumi.set(__self__, "enabled", enabled) + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Sequence['outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult']: + """ + Parameters for configuring CA certificate and domains. + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Whether or not private registries are configured. + """ + return pulumi.get(self, "enabled") + + +@pulumi.output_type +class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult(dict): + def __init__(__self__, *, + fqdns: Sequence[str], + gcp_secret_manager_certificate_configs: Sequence['outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult']): + """ + :param Sequence[str] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param Sequence['GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs'] gcp_secret_manager_certificate_configs: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_configs", gcp_secret_manager_certificate_configs) + + @property + @pulumi.getter + def fqdns(self) -> Sequence[str]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfigs") + def gcp_secret_manager_certificate_configs(self) -> Sequence['outputs.GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult']: + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_configs") + + +@pulumi.output_type +class GetClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult(dict): + def __init__(__self__, *, + secret_uri: str): + """ + :param str secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> str: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @pulumi.output_type class GetClusterNodeConfigEffectiveTaintResult(dict): def __init__(__self__, *, @@ -16889,15 +17734,26 @@ def node_config_defaults(self) -> Sequence['outputs.GetClusterNodePoolDefaultNod @pulumi.output_type class GetClusterNodePoolDefaultNodeConfigDefaultResult(dict): def __init__(__self__, *, + containerd_configs: Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult'], gcfs_configs: Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigResult'], logging_variant: str): """ + :param Sequence['GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigArgs'] containerd_configs: Parameters for containerd configuration. :param Sequence['GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigArgs'] gcfs_configs: GCFS configuration for this node. :param str logging_variant: Type of logging agent that is used as the default value for node pools in the cluster. Valid values include DEFAULT and MAX_THROUGHPUT. """ + pulumi.set(__self__, "containerd_configs", containerd_configs) pulumi.set(__self__, "gcfs_configs", gcfs_configs) pulumi.set(__self__, "logging_variant", logging_variant) + @property + @pulumi.getter(name="containerdConfigs") + def containerd_configs(self) -> Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult']: + """ + Parameters for containerd configuration. + """ + return pulumi.get(self, "containerd_configs") + @property @pulumi.getter(name="gcfsConfigs") def gcfs_configs(self) -> Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigResult']: @@ -16915,6 +17771,100 @@ def logging_variant(self) -> str: return pulumi.get(self, "logging_variant") +@pulumi.output_type +class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigResult(dict): + def __init__(__self__, *, + private_registry_access_configs: Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult']): + """ + :param Sequence['GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigArgs'] private_registry_access_configs: Parameters for private container registries configuration. + """ + pulumi.set(__self__, "private_registry_access_configs", private_registry_access_configs) + + @property + @pulumi.getter(name="privateRegistryAccessConfigs") + def private_registry_access_configs(self) -> Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult']: + """ + Parameters for private container registries configuration. + """ + return pulumi.get(self, "private_registry_access_configs") + + +@pulumi.output_type +class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigResult(dict): + def __init__(__self__, *, + certificate_authority_domain_configs: Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult'], + enabled: bool): + """ + :param Sequence['GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs'] certificate_authority_domain_configs: Parameters for configuring CA certificate and domains. + :param bool enabled: Whether or not private registries are configured. + """ + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + pulumi.set(__self__, "enabled", enabled) + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult']: + """ + Parameters for configuring CA certificate and domains. + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Whether or not private registries are configured. + """ + return pulumi.get(self, "enabled") + + +@pulumi.output_type +class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult(dict): + def __init__(__self__, *, + fqdns: Sequence[str], + gcp_secret_manager_certificate_configs: Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult']): + """ + :param Sequence[str] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param Sequence['GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs'] gcp_secret_manager_certificate_configs: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_configs", gcp_secret_manager_certificate_configs) + + @property + @pulumi.getter + def fqdns(self) -> Sequence[str]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfigs") + def gcp_secret_manager_certificate_configs(self) -> Sequence['outputs.GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult']: + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_configs") + + +@pulumi.output_type +class GetClusterNodePoolDefaultNodeConfigDefaultContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult(dict): + def __init__(__self__, *, + secret_uri: str): + """ + :param str secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> str: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @pulumi.output_type class GetClusterNodePoolDefaultNodeConfigDefaultGcfsConfigResult(dict): def __init__(__self__, *, @@ -17162,6 +18112,7 @@ def __init__(__self__, *, advanced_machine_features: Sequence['outputs.GetClusterNodePoolNodeConfigAdvancedMachineFeatureResult'], boot_disk_kms_key: str, confidential_nodes: Sequence['outputs.GetClusterNodePoolNodeConfigConfidentialNodeResult'], + containerd_configs: Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigResult'], disk_size_gb: int, disk_type: str, effective_taints: Sequence['outputs.GetClusterNodePoolNodeConfigEffectiveTaintResult'], @@ -17202,6 +18153,7 @@ def __init__(__self__, *, :param Sequence['GetClusterNodePoolNodeConfigAdvancedMachineFeatureArgs'] advanced_machine_features: Specifies options for controlling advanced machine features. :param str boot_disk_kms_key: The Customer Managed Encryption Key used to encrypt the boot disk attached to each node in the node pool. :param Sequence['GetClusterNodePoolNodeConfigConfidentialNodeArgs'] confidential_nodes: Configuration for the confidential nodes feature, which makes nodes run on confidential VMs. Warning: This configuration can't be changed (or added/removed) after pool creation without deleting and recreating the entire pool. + :param Sequence['GetClusterNodePoolNodeConfigContainerdConfigArgs'] containerd_configs: Parameters for containerd configuration. :param int disk_size_gb: Size of the disk attached to each node, specified in GB. The smallest allowed disk size is 10GB. :param str disk_type: Type of the disk attached to each node. Such as pd-standard, pd-balanced or pd-ssd :param Sequence['GetClusterNodePoolNodeConfigEffectiveTaintArgs'] effective_taints: List of kubernetes taints applied to each node. @@ -17242,6 +18194,7 @@ def __init__(__self__, *, pulumi.set(__self__, "advanced_machine_features", advanced_machine_features) pulumi.set(__self__, "boot_disk_kms_key", boot_disk_kms_key) pulumi.set(__self__, "confidential_nodes", confidential_nodes) + pulumi.set(__self__, "containerd_configs", containerd_configs) pulumi.set(__self__, "disk_size_gb", disk_size_gb) pulumi.set(__self__, "disk_type", disk_type) pulumi.set(__self__, "effective_taints", effective_taints) @@ -17303,6 +18256,14 @@ def confidential_nodes(self) -> Sequence['outputs.GetClusterNodePoolNodeConfigCo """ return pulumi.get(self, "confidential_nodes") + @property + @pulumi.getter(name="containerdConfigs") + def containerd_configs(self) -> Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigResult']: + """ + Parameters for containerd configuration. + """ + return pulumi.get(self, "containerd_configs") + @property @pulumi.getter(name="diskSizeGb") def disk_size_gb(self) -> int: @@ -17639,6 +18600,100 @@ def enabled(self) -> bool: return pulumi.get(self, "enabled") +@pulumi.output_type +class GetClusterNodePoolNodeConfigContainerdConfigResult(dict): + def __init__(__self__, *, + private_registry_access_configs: Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult']): + """ + :param Sequence['GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs'] private_registry_access_configs: Parameters for private container registries configuration. + """ + pulumi.set(__self__, "private_registry_access_configs", private_registry_access_configs) + + @property + @pulumi.getter(name="privateRegistryAccessConfigs") + def private_registry_access_configs(self) -> Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult']: + """ + Parameters for private container registries configuration. + """ + return pulumi.get(self, "private_registry_access_configs") + + +@pulumi.output_type +class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigResult(dict): + def __init__(__self__, *, + certificate_authority_domain_configs: Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult'], + enabled: bool): + """ + :param Sequence['GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs'] certificate_authority_domain_configs: Parameters for configuring CA certificate and domains. + :param bool enabled: Whether or not private registries are configured. + """ + pulumi.set(__self__, "certificate_authority_domain_configs", certificate_authority_domain_configs) + pulumi.set(__self__, "enabled", enabled) + + @property + @pulumi.getter(name="certificateAuthorityDomainConfigs") + def certificate_authority_domain_configs(self) -> Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult']: + """ + Parameters for configuring CA certificate and domains. + """ + return pulumi.get(self, "certificate_authority_domain_configs") + + @property + @pulumi.getter + def enabled(self) -> bool: + """ + Whether or not private registries are configured. + """ + return pulumi.get(self, "enabled") + + +@pulumi.output_type +class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigResult(dict): + def __init__(__self__, *, + fqdns: Sequence[str], + gcp_secret_manager_certificate_configs: Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult']): + """ + :param Sequence[str] fqdns: List of fully-qualified-domain-names. IPv4s and port specification are supported. + :param Sequence['GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs'] gcp_secret_manager_certificate_configs: Parameters for configuring a certificate hosted in GCP SecretManager. + """ + pulumi.set(__self__, "fqdns", fqdns) + pulumi.set(__self__, "gcp_secret_manager_certificate_configs", gcp_secret_manager_certificate_configs) + + @property + @pulumi.getter + def fqdns(self) -> Sequence[str]: + """ + List of fully-qualified-domain-names. IPv4s and port specification are supported. + """ + return pulumi.get(self, "fqdns") + + @property + @pulumi.getter(name="gcpSecretManagerCertificateConfigs") + def gcp_secret_manager_certificate_configs(self) -> Sequence['outputs.GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult']: + """ + Parameters for configuring a certificate hosted in GCP SecretManager. + """ + return pulumi.get(self, "gcp_secret_manager_certificate_configs") + + +@pulumi.output_type +class GetClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigResult(dict): + def __init__(__self__, *, + secret_uri: str): + """ + :param str secret_uri: URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + pulumi.set(__self__, "secret_uri", secret_uri) + + @property + @pulumi.getter(name="secretUri") + def secret_uri(self) -> str: + """ + URI for the secret that hosts a certificate. Must be in the format 'projects/PROJECT_NUM/secrets/SECRET_NAME/versions/VERSION_OR_LATEST'. + """ + return pulumi.get(self, "secret_uri") + + @pulumi.output_type class GetClusterNodePoolNodeConfigEffectiveTaintResult(dict): def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/dataplex/__init__.py b/sdk/python/pulumi_gcp/dataplex/__init__.py index 2efa7b14c3..be87f7ae2c 100644 --- a/sdk/python/pulumi_gcp/dataplex/__init__.py +++ b/sdk/python/pulumi_gcp/dataplex/__init__.py @@ -5,6 +5,10 @@ from .. import _utilities import typing # Export this package's modules as members: +from .aspect_type import * +from .aspect_type_iam_binding import * +from .aspect_type_iam_member import * +from .aspect_type_iam_policy import * from .asset import * from .asset_iam_binding import * from .asset_iam_member import * @@ -13,8 +17,14 @@ from .datascan_iam_binding import * from .datascan_iam_member import * from .datascan_iam_policy import * +from .entry_group import * +from .entry_group_iam_binding import * +from .entry_group_iam_member import * +from .entry_group_iam_policy import * +from .get_aspect_type_iam_policy import * from .get_asset_iam_policy import * from .get_datascan_iam_policy import * +from .get_entry_group_iam_policy import * from .get_lake_iam_policy import * from .get_task_iam_policy import * from .get_zone_iam_policy import * diff --git a/sdk/python/pulumi_gcp/dataplex/_inputs.py b/sdk/python/pulumi_gcp/dataplex/_inputs.py index 6119877abb..f8c00585fc 100644 --- a/sdk/python/pulumi_gcp/dataplex/_inputs.py +++ b/sdk/python/pulumi_gcp/dataplex/_inputs.py @@ -10,6 +10,8 @@ from .. import _utilities __all__ = [ + 'AspectTypeIamBindingConditionArgs', + 'AspectTypeIamMemberConditionArgs', 'AssetDiscoverySpecArgs', 'AssetDiscoverySpecCsvOptionsArgs', 'AssetDiscoverySpecJsonOptionsArgs', @@ -45,6 +47,8 @@ 'DatascanExecutionStatusArgs', 'DatascanIamBindingConditionArgs', 'DatascanIamMemberConditionArgs', + 'EntryGroupIamBindingConditionArgs', + 'EntryGroupIamMemberConditionArgs', 'LakeAssetStatusArgs', 'LakeIamBindingConditionArgs', 'LakeIamMemberConditionArgs', @@ -75,6 +79,84 @@ 'ZoneResourceSpecArgs', ] +@pulumi.input_type +class AspectTypeIamBindingConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + +@pulumi.input_type +class AspectTypeIamMemberConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @pulumi.input_type class AssetDiscoverySpecArgs: def __init__(__self__, *, @@ -1839,6 +1921,84 @@ def description(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "description", value) +@pulumi.input_type +class EntryGroupIamBindingConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + +@pulumi.input_type +class EntryGroupIamMemberConditionArgs: + def __init__(__self__, *, + expression: pulumi.Input[str], + title: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> pulumi.Input[str]: + return pulumi.get(self, "expression") + + @expression.setter + def expression(self, value: pulumi.Input[str]): + pulumi.set(self, "expression", value) + + @property + @pulumi.getter + def title(self) -> pulumi.Input[str]: + return pulumi.get(self, "title") + + @title.setter + def title(self, value: pulumi.Input[str]): + pulumi.set(self, "title", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @pulumi.input_type class LakeAssetStatusArgs: def __init__(__self__, *, diff --git a/sdk/python/pulumi_gcp/dataplex/aspect_type.py b/sdk/python/pulumi_gcp/dataplex/aspect_type.py new file mode 100644 index 0000000000..061a94715b --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/aspect_type.py @@ -0,0 +1,1077 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['AspectTypeArgs', 'AspectType'] + +@pulumi.input_type +class AspectTypeArgs: + def __init__(__self__, *, + aspect_type_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + metadata_template: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a AspectType resource. + :param pulumi.Input[str] aspect_type_id: The aspect type id of the aspect type. + :param pulumi.Input[str] description: Description of the AspectType. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the AspectType. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where aspect type will be created in. + :param pulumi.Input[str] metadata_template: MetadataTemplate of the Aspect. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + if aspect_type_id is not None: + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if location is not None: + pulumi.set(__self__, "location", location) + if metadata_template is not None: + pulumi.set(__self__, "metadata_template", metadata_template) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> Optional[pulumi.Input[str]]: + """ + The aspect type id of the aspect type. + """ + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + Description of the AspectType. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + User friendly display name. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + User-defined labels for the AspectType. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="metadataTemplate") + def metadata_template(self) -> Optional[pulumi.Input[str]]: + """ + MetadataTemplate of the Aspect. + """ + return pulumi.get(self, "metadata_template") + + @metadata_template.setter + def metadata_template(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "metadata_template", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _AspectTypeState: + def __init__(__self__, *, + aspect_type_id: Optional[pulumi.Input[str]] = None, + create_time: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + metadata_template: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + transfer_status: Optional[pulumi.Input[str]] = None, + uid: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AspectType resources. + :param pulumi.Input[str] aspect_type_id: The aspect type id of the aspect type. + :param pulumi.Input[str] create_time: The time when the AspectType was created. + :param pulumi.Input[str] description: Description of the AspectType. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the AspectType. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where aspect type will be created in. + :param pulumi.Input[str] metadata_template: MetadataTemplate of the Aspect. + :param pulumi.Input[str] name: The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + :param pulumi.Input[str] transfer_status: Denotes the transfer status of the Aspect Type. It is unspecified + for Aspect Type created from Dataplex API. + :param pulumi.Input[str] uid: System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + :param pulumi.Input[str] update_time: The time when the AspectType was last updated. + """ + if aspect_type_id is not None: + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + if create_time is not None: + pulumi.set(__self__, "create_time", create_time) + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if effective_labels is not None: + pulumi.set(__self__, "effective_labels", effective_labels) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if location is not None: + pulumi.set(__self__, "location", location) + if metadata_template is not None: + pulumi.set(__self__, "metadata_template", metadata_template) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if pulumi_labels is not None: + pulumi.set(__self__, "pulumi_labels", pulumi_labels) + if transfer_status is not None: + pulumi.set(__self__, "transfer_status", transfer_status) + if uid is not None: + pulumi.set(__self__, "uid", uid) + if update_time is not None: + pulumi.set(__self__, "update_time", update_time) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> Optional[pulumi.Input[str]]: + """ + The aspect type id of the aspect type. + """ + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> Optional[pulumi.Input[str]]: + """ + The time when the AspectType was created. + """ + return pulumi.get(self, "create_time") + + @create_time.setter + def create_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "create_time", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + Description of the AspectType. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + User friendly display name. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @effective_labels.setter + def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "effective_labels", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + User-defined labels for the AspectType. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="metadataTemplate") + def metadata_template(self) -> Optional[pulumi.Input[str]]: + """ + MetadataTemplate of the Aspect. + """ + return pulumi.get(self, "metadata_template") + + @metadata_template.setter + def metadata_template(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "metadata_template", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @pulumi_labels.setter + def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "pulumi_labels", value) + + @property + @pulumi.getter(name="transferStatus") + def transfer_status(self) -> Optional[pulumi.Input[str]]: + """ + Denotes the transfer status of the Aspect Type. It is unspecified + for Aspect Type created from Dataplex API. + """ + return pulumi.get(self, "transfer_status") + + @transfer_status.setter + def transfer_status(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "transfer_status", value) + + @property + @pulumi.getter + def uid(self) -> Optional[pulumi.Input[str]]: + """ + System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + """ + return pulumi.get(self, "uid") + + @uid.setter + def uid(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "uid", value) + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> Optional[pulumi.Input[str]]: + """ + The time when the AspectType was last updated. + """ + return pulumi.get(self, "update_time") + + @update_time.setter + def update_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "update_time", value) + + +class AspectType(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + metadata_template: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + An Aspect Type is a template for creating Aspects. + + ## Example Usage + + ### Dataplex Aspect Type Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + test_aspect_type_basic = gcp.dataplex.AspectType("test_aspect_type_basic", + aspect_type_id="aspect-type-basic", + project="my-project-name", + location="us-central1", + metadata_template=\"\"\"{ + "name": "tf-test-template", + "type": "record", + "recordFields": [ + { + "name": "type", + "type": "enum", + "annotations": { + "displayName": "Type", + "description": "Specifies the type of view represented by the entry." + }, + "index": 1, + "constraints": { + "required": true + }, + "enumValues": [ + { + "name": "VIEW", + "index": 1 + } + ] + } + ] + } + \"\"\") + ``` + ### Dataplex Aspect Type Full + + ```python + import pulumi + import pulumi_gcp as gcp + + test_aspect_type_full = gcp.dataplex.AspectType("test_aspect_type_full", + aspect_type_id="aspect-type-full", + project="my-project-name", + location="us-central1", + labels={ + "tag": "test-tf", + }, + display_name="terraform aspect type", + description="aspect type created by Terraform", + metadata_template=\"\"\"{ + "type": "record", + "name": "Schema", + "recordFields": [ + { + "name": "fields", + "type": "array", + "index": 1, + "arrayItems": { + "name": "field", + "type": "record", + "typeId": "field", + "recordFields": [ + { + "name": "name", + "type": "string", + "index": 1, + "constraints": { + "required": true + } + }, + { + "name": "description", + "type": "string", + "index": 2 + }, + { + "name": "dataType", + "type": "string", + "index": 3, + "constraints": { + "required": true + } + }, + { + "name": "metadataType", + "type": "enum", + "index": 4, + "constraints": { + "required": true + }, + "enumValues": [ + { + "name": "BOOLEAN", + "index": 1 + }, + { + "name": "NUMBER", + "index": 2 + }, + { + "name": "STRING", + "index": 3 + }, + { + "name": "BYTES", + "index": 4 + }, + { + "name": "DATETIME", + "index": 5 + }, + { + "name": "TIMESTAMP", + "index": 6 + }, + { + "name": "GEOSPATIAL", + "index": 7 + }, + { + "name": "STRUCT", + "index": 8 + }, + { + "name": "OTHER", + "index": 100 + } + ] + }, + { + "name": "mode", + "type": "enum", + "index": 5, + "enumValues": [ + { + "name": "NULLABLE", + "index": 1 + }, + { + "name": "REPEATED", + "index": 2 + }, + { + "name": "REQUIRED", + "index": 3 + } + ] + }, + { + "name": "defaultValue", + "type": "string", + "index": 6 + }, + { + "name": "annotations", + "type": "map", + "index": 7, + "mapItems": { + "name": "label", + "type": "string" + } + }, + { + "name": "fields", + "type": "array", + "index": 20, + "arrayItems": { + "name": "field", + "type": "record", + "typeRef": "field" + } + } + ] + } + } + ] + } + \"\"\") + ``` + + ## Import + + AspectType can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}` + + * `{{project}}/{{location}}/{{aspect_type_id}}` + + * `{{location}}/{{aspect_type_id}}` + + When using the `pulumi import` command, AspectType can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:dataplex/aspectType:AspectType default projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/aspectType:AspectType default {{project}}/{{location}}/{{aspect_type_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/aspectType:AspectType default {{location}}/{{aspect_type_id}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] aspect_type_id: The aspect type id of the aspect type. + :param pulumi.Input[str] description: Description of the AspectType. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the AspectType. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where aspect type will be created in. + :param pulumi.Input[str] metadata_template: MetadataTemplate of the Aspect. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: Optional[AspectTypeArgs] = None, + opts: Optional[pulumi.ResourceOptions] = None): + """ + An Aspect Type is a template for creating Aspects. + + ## Example Usage + + ### Dataplex Aspect Type Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + test_aspect_type_basic = gcp.dataplex.AspectType("test_aspect_type_basic", + aspect_type_id="aspect-type-basic", + project="my-project-name", + location="us-central1", + metadata_template=\"\"\"{ + "name": "tf-test-template", + "type": "record", + "recordFields": [ + { + "name": "type", + "type": "enum", + "annotations": { + "displayName": "Type", + "description": "Specifies the type of view represented by the entry." + }, + "index": 1, + "constraints": { + "required": true + }, + "enumValues": [ + { + "name": "VIEW", + "index": 1 + } + ] + } + ] + } + \"\"\") + ``` + ### Dataplex Aspect Type Full + + ```python + import pulumi + import pulumi_gcp as gcp + + test_aspect_type_full = gcp.dataplex.AspectType("test_aspect_type_full", + aspect_type_id="aspect-type-full", + project="my-project-name", + location="us-central1", + labels={ + "tag": "test-tf", + }, + display_name="terraform aspect type", + description="aspect type created by Terraform", + metadata_template=\"\"\"{ + "type": "record", + "name": "Schema", + "recordFields": [ + { + "name": "fields", + "type": "array", + "index": 1, + "arrayItems": { + "name": "field", + "type": "record", + "typeId": "field", + "recordFields": [ + { + "name": "name", + "type": "string", + "index": 1, + "constraints": { + "required": true + } + }, + { + "name": "description", + "type": "string", + "index": 2 + }, + { + "name": "dataType", + "type": "string", + "index": 3, + "constraints": { + "required": true + } + }, + { + "name": "metadataType", + "type": "enum", + "index": 4, + "constraints": { + "required": true + }, + "enumValues": [ + { + "name": "BOOLEAN", + "index": 1 + }, + { + "name": "NUMBER", + "index": 2 + }, + { + "name": "STRING", + "index": 3 + }, + { + "name": "BYTES", + "index": 4 + }, + { + "name": "DATETIME", + "index": 5 + }, + { + "name": "TIMESTAMP", + "index": 6 + }, + { + "name": "GEOSPATIAL", + "index": 7 + }, + { + "name": "STRUCT", + "index": 8 + }, + { + "name": "OTHER", + "index": 100 + } + ] + }, + { + "name": "mode", + "type": "enum", + "index": 5, + "enumValues": [ + { + "name": "NULLABLE", + "index": 1 + }, + { + "name": "REPEATED", + "index": 2 + }, + { + "name": "REQUIRED", + "index": 3 + } + ] + }, + { + "name": "defaultValue", + "type": "string", + "index": 6 + }, + { + "name": "annotations", + "type": "map", + "index": 7, + "mapItems": { + "name": "label", + "type": "string" + } + }, + { + "name": "fields", + "type": "array", + "index": 20, + "arrayItems": { + "name": "field", + "type": "record", + "typeRef": "field" + } + } + ] + } + } + ] + } + \"\"\") + ``` + + ## Import + + AspectType can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}}` + + * `{{project}}/{{location}}/{{aspect_type_id}}` + + * `{{location}}/{{aspect_type_id}}` + + When using the `pulumi import` command, AspectType can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:dataplex/aspectType:AspectType default projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/aspectType:AspectType default {{project}}/{{location}}/{{aspect_type_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/aspectType:AspectType default {{location}}/{{aspect_type_id}} + ``` + + :param str resource_name: The name of the resource. + :param AspectTypeArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AspectTypeArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + metadata_template: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AspectTypeArgs.__new__(AspectTypeArgs) + + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["labels"] = labels + __props__.__dict__["location"] = location + __props__.__dict__["metadata_template"] = metadata_template + __props__.__dict__["project"] = project + __props__.__dict__["create_time"] = None + __props__.__dict__["effective_labels"] = None + __props__.__dict__["name"] = None + __props__.__dict__["pulumi_labels"] = None + __props__.__dict__["transfer_status"] = None + __props__.__dict__["uid"] = None + __props__.__dict__["update_time"] = None + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["effectiveLabels", "pulumiLabels"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) + super(AspectType, __self__).__init__( + 'gcp:dataplex/aspectType:AspectType', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + create_time: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + metadata_template: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + transfer_status: Optional[pulumi.Input[str]] = None, + uid: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None) -> 'AspectType': + """ + Get an existing AspectType resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] aspect_type_id: The aspect type id of the aspect type. + :param pulumi.Input[str] create_time: The time when the AspectType was created. + :param pulumi.Input[str] description: Description of the AspectType. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the AspectType. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where aspect type will be created in. + :param pulumi.Input[str] metadata_template: MetadataTemplate of the Aspect. + :param pulumi.Input[str] name: The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + :param pulumi.Input[str] transfer_status: Denotes the transfer status of the Aspect Type. It is unspecified + for Aspect Type created from Dataplex API. + :param pulumi.Input[str] uid: System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + :param pulumi.Input[str] update_time: The time when the AspectType was last updated. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AspectTypeState.__new__(_AspectTypeState) + + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["create_time"] = create_time + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["effective_labels"] = effective_labels + __props__.__dict__["labels"] = labels + __props__.__dict__["location"] = location + __props__.__dict__["metadata_template"] = metadata_template + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["pulumi_labels"] = pulumi_labels + __props__.__dict__["transfer_status"] = transfer_status + __props__.__dict__["uid"] = uid + __props__.__dict__["update_time"] = update_time + return AspectType(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> pulumi.Output[Optional[str]]: + """ + The aspect type id of the aspect type. + """ + return pulumi.get(self, "aspect_type_id") + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> pulumi.Output[str]: + """ + The time when the AspectType was created. + """ + return pulumi.get(self, "create_time") + + @property + @pulumi.getter + def description(self) -> pulumi.Output[Optional[str]]: + """ + Description of the AspectType. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Output[Optional[str]]: + """ + User friendly display name. + """ + return pulumi.get(self, "display_name") + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @property + @pulumi.getter + def labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: + """ + User-defined labels for the AspectType. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[Optional[str]]: + """ + The location where aspect type will be created in. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter(name="metadataTemplate") + def metadata_template(self) -> pulumi.Output[Optional[str]]: + """ + MetadataTemplate of the Aspect. + """ + return pulumi.get(self, "metadata_template") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + The relative resource name of the AspectType, of the form: projects/{project_number}/locations/{location_id}/aspectTypes/{aspect_type_id} + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @property + @pulumi.getter(name="transferStatus") + def transfer_status(self) -> pulumi.Output[str]: + """ + Denotes the transfer status of the Aspect Type. It is unspecified + for Aspect Type created from Dataplex API. + """ + return pulumi.get(self, "transfer_status") + + @property + @pulumi.getter + def uid(self) -> pulumi.Output[str]: + """ + System generated globally unique ID for the AspectType. This ID will be different if the AspectType is deleted and re-created with the same name. + """ + return pulumi.get(self, "uid") + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> pulumi.Output[str]: + """ + The time when the AspectType was last updated. + """ + return pulumi.get(self, "update_time") + diff --git a/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_binding.py b/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_binding.py new file mode 100644 index 0000000000..f7c41a10c5 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_binding.py @@ -0,0 +1,765 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['AspectTypeIamBindingArgs', 'AspectTypeIamBinding'] + +@pulumi.input_type +class AspectTypeIamBindingArgs: + def __init__(__self__, *, + aspect_type_id: pulumi.Input[str], + members: pulumi.Input[Sequence[pulumi.Input[str]]], + role: pulumi.Input[str], + condition: Optional[pulumi.Input['AspectTypeIamBindingConditionArgs']] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a AspectTypeIamBinding resource. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + pulumi.set(__self__, "members", members) + pulumi.set(__self__, "role", role) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> pulumi.Input[str]: + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: pulumi.Input[str]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter + def members(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['AspectTypeIamBindingConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['AspectTypeIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _AspectTypeIamBindingState: + def __init__(__self__, *, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input['AspectTypeIamBindingConditionArgs']] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AspectTypeIamBinding resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + if aspect_type_id is not None: + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if members is not None: + pulumi.set(__self__, "members", members) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['AspectTypeIamBindingConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['AspectTypeIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def members(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + +class AspectTypeIamBinding(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input[pulumi.InputType['AspectTypeIamBindingConditionArgs']]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + + * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + + > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + + * {{project}}/{{location}}/{{aspect_type_id}} + + * {{location}}/{{aspect_type_id}} + + * {{aspect_type_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AspectTypeIamBindingArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + + * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + + > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + + * {{project}}/{{location}}/{{aspect_type_id}} + + * {{location}}/{{aspect_type_id}} + + * {{aspect_type_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param AspectTypeIamBindingArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AspectTypeIamBindingArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input[pulumi.InputType['AspectTypeIamBindingConditionArgs']]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AspectTypeIamBindingArgs.__new__(AspectTypeIamBindingArgs) + + if aspect_type_id is None and not opts.urn: + raise TypeError("Missing required property 'aspect_type_id'") + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["condition"] = condition + __props__.__dict__["location"] = location + if members is None and not opts.urn: + raise TypeError("Missing required property 'members'") + __props__.__dict__["members"] = members + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + __props__.__dict__["etag"] = None + super(AspectTypeIamBinding, __self__).__init__( + 'gcp:dataplex/aspectTypeIamBinding:AspectTypeIamBinding', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input[pulumi.InputType['AspectTypeIamBindingConditionArgs']]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None) -> 'AspectTypeIamBinding': + """ + Get an existing AspectTypeIamBinding resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AspectTypeIamBindingState.__new__(_AspectTypeIamBindingState) + + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["condition"] = condition + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["members"] = members + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + return AspectTypeIamBinding(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> pulumi.Output[str]: + return pulumi.get(self, "aspect_type_id") + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.AspectTypeIamBindingCondition']]: + return pulumi.get(self, "condition") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def members(self) -> pulumi.Output[Sequence[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + diff --git a/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_member.py b/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_member.py new file mode 100644 index 0000000000..bd00cc1b1e --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_member.py @@ -0,0 +1,765 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['AspectTypeIamMemberArgs', 'AspectTypeIamMember'] + +@pulumi.input_type +class AspectTypeIamMemberArgs: + def __init__(__self__, *, + aspect_type_id: pulumi.Input[str], + member: pulumi.Input[str], + role: pulumi.Input[str], + condition: Optional[pulumi.Input['AspectTypeIamMemberConditionArgs']] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a AspectTypeIamMember resource. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + pulumi.set(__self__, "member", member) + pulumi.set(__self__, "role", role) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> pulumi.Input[str]: + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: pulumi.Input[str]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter + def member(self) -> pulumi.Input[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: pulumi.Input[str]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['AspectTypeIamMemberConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['AspectTypeIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _AspectTypeIamMemberState: + def __init__(__self__, *, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input['AspectTypeIamMemberConditionArgs']] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AspectTypeIamMember resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + if aspect_type_id is not None: + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if member is not None: + pulumi.set(__self__, "member", member) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['AspectTypeIamMemberConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['AspectTypeIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def member(self) -> Optional[pulumi.Input[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + +class AspectTypeIamMember(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input[pulumi.InputType['AspectTypeIamMemberConditionArgs']]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + + * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + + > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + + * {{project}}/{{location}}/{{aspect_type_id}} + + * {{location}}/{{aspect_type_id}} + + * {{aspect_type_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AspectTypeIamMemberArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + + * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + + > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + + * {{project}}/{{location}}/{{aspect_type_id}} + + * {{location}}/{{aspect_type_id}} + + * {{aspect_type_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param AspectTypeIamMemberArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AspectTypeIamMemberArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input[pulumi.InputType['AspectTypeIamMemberConditionArgs']]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AspectTypeIamMemberArgs.__new__(AspectTypeIamMemberArgs) + + if aspect_type_id is None and not opts.urn: + raise TypeError("Missing required property 'aspect_type_id'") + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["condition"] = condition + __props__.__dict__["location"] = location + if member is None and not opts.urn: + raise TypeError("Missing required property 'member'") + __props__.__dict__["member"] = member + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + __props__.__dict__["etag"] = None + super(AspectTypeIamMember, __self__).__init__( + 'gcp:dataplex/aspectTypeIamMember:AspectTypeIamMember', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + condition: Optional[pulumi.Input[pulumi.InputType['AspectTypeIamMemberConditionArgs']]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None) -> 'AspectTypeIamMember': + """ + Get an existing AspectTypeIamMember resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AspectTypeIamMemberState.__new__(_AspectTypeIamMemberState) + + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["condition"] = condition + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["member"] = member + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + return AspectTypeIamMember(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> pulumi.Output[str]: + return pulumi.get(self, "aspect_type_id") + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.AspectTypeIamMemberCondition']]: + return pulumi.get(self, "condition") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def member(self) -> pulumi.Output[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `dataplex.AspectTypeIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + diff --git a/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_policy.py b/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_policy.py new file mode 100644 index 0000000000..4529bf3f91 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/aspect_type_iam_policy.py @@ -0,0 +1,604 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['AspectTypeIamPolicyArgs', 'AspectTypeIamPolicy'] + +@pulumi.input_type +class AspectTypeIamPolicyArgs: + def __init__(__self__, *, + aspect_type_id: pulumi.Input[str], + policy_data: pulumi.Input[str], + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a AspectTypeIamPolicy resource. + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + pulumi.set(__self__, "policy_data", policy_data) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> pulumi.Input[str]: + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: pulumi.Input[str]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Input[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: pulumi.Input[str]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _AspectTypeIamPolicyState: + def __init__(__self__, *, + aspect_type_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AspectTypeIamPolicy resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + if aspect_type_id is not None: + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if policy_data is not None: + pulumi.set(__self__, "policy_data", policy_data) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "aspect_type_id") + + @aspect_type_id.setter + def aspect_type_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "aspect_type_id", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> Optional[pulumi.Input[str]]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +class AspectTypeIamPolicy(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + + * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + + > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + + * {{project}}/{{location}}/{{aspect_type_id}} + + * {{location}}/{{aspect_type_id}} + + * {{aspect_type_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AspectTypeIamPolicyArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Dataplex AspectType. Each of these resources serves a different use case: + + * `dataplex.AspectTypeIamPolicy`: Authoritative. Sets the IAM policy for the aspecttype and replaces any existing policy already attached. + * `dataplex.AspectTypeIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the aspecttype are preserved. + * `dataplex.AspectTypeIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the aspecttype are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.AspectTypeIamPolicy`: Retrieves the IAM policy for the aspecttype + + > **Note:** `dataplex.AspectTypeIamPolicy` **cannot** be used in conjunction with `dataplex.AspectTypeIamBinding` and `dataplex.AspectTypeIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.AspectTypeIamBinding` resources **can be** used in conjunction with `dataplex.AspectTypeIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.AspectTypeIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.AspectTypeIamPolicy("policy", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.AspectTypeIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.AspectTypeIamBinding("binding", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.AspectTypeIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.AspectTypeIamMember("member", + project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + + * {{project}}/{{location}}/{{aspect_type_id}} + + * {{location}}/{{aspect_type_id}} + + * {{aspect_type_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex aspecttype IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor "projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy editor projects/{{project}}/locations/{{location}}/aspectTypes/{{aspect_type_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param AspectTypeIamPolicyArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AspectTypeIamPolicyArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AspectTypeIamPolicyArgs.__new__(AspectTypeIamPolicyArgs) + + if aspect_type_id is None and not opts.urn: + raise TypeError("Missing required property 'aspect_type_id'") + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["location"] = location + if policy_data is None and not opts.urn: + raise TypeError("Missing required property 'policy_data'") + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + __props__.__dict__["etag"] = None + super(AspectTypeIamPolicy, __self__).__init__( + 'gcp:dataplex/aspectTypeIamPolicy:AspectTypeIamPolicy', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + aspect_type_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None) -> 'AspectTypeIamPolicy': + """ + Get an existing AspectTypeIamPolicy resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AspectTypeIamPolicyState.__new__(_AspectTypeIamPolicyState) + + __props__.__dict__["aspect_type_id"] = aspect_type_id + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + return AspectTypeIamPolicy(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> pulumi.Output[str]: + return pulumi.get(self, "aspect_type_id") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Output[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + diff --git a/sdk/python/pulumi_gcp/dataplex/entry_group.py b/sdk/python/pulumi_gcp/dataplex/entry_group.py new file mode 100644 index 0000000000..40bfbbdea3 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/entry_group.py @@ -0,0 +1,722 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['EntryGroupArgs', 'EntryGroup'] + +@pulumi.input_type +class EntryGroupArgs: + def __init__(__self__, *, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a EntryGroup resource. + :param pulumi.Input[str] description: Description of the EntryGroup. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[str] entry_group_id: The entry group id of the entry group. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the EntryGroup. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where entry group will be created in. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if entry_group_id is not None: + pulumi.set(__self__, "entry_group_id", entry_group_id) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + Description of the EntryGroup. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + User friendly display name. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> Optional[pulumi.Input[str]]: + """ + The entry group id of the entry group. + """ + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + User-defined labels for the EntryGroup. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _EntryGroupState: + def __init__(__self__, *, + create_time: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + transfer_status: Optional[pulumi.Input[str]] = None, + uid: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering EntryGroup resources. + :param pulumi.Input[str] create_time: The time when the EntryGroup was created. + :param pulumi.Input[str] description: Description of the EntryGroup. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[str] entry_group_id: The entry group id of the entry group. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the EntryGroup. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where entry group will be created in. + :param pulumi.Input[str] name: The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + :param pulumi.Input[str] transfer_status: Denotes the transfer status of the Entry Group. It is unspecified + for Entry Group created from Dataplex API. + :param pulumi.Input[str] uid: System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + :param pulumi.Input[str] update_time: The time when the EntryGroup was last updated. + """ + if create_time is not None: + pulumi.set(__self__, "create_time", create_time) + if description is not None: + pulumi.set(__self__, "description", description) + if display_name is not None: + pulumi.set(__self__, "display_name", display_name) + if effective_labels is not None: + pulumi.set(__self__, "effective_labels", effective_labels) + if entry_group_id is not None: + pulumi.set(__self__, "entry_group_id", entry_group_id) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if location is not None: + pulumi.set(__self__, "location", location) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if pulumi_labels is not None: + pulumi.set(__self__, "pulumi_labels", pulumi_labels) + if transfer_status is not None: + pulumi.set(__self__, "transfer_status", transfer_status) + if uid is not None: + pulumi.set(__self__, "uid", uid) + if update_time is not None: + pulumi.set(__self__, "update_time", update_time) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> Optional[pulumi.Input[str]]: + """ + The time when the EntryGroup was created. + """ + return pulumi.get(self, "create_time") + + @create_time.setter + def create_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "create_time", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + Description of the EntryGroup. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> Optional[pulumi.Input[str]]: + """ + User friendly display name. + """ + return pulumi.get(self, "display_name") + + @display_name.setter + def display_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "display_name", value) + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @effective_labels.setter + def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "effective_labels", value) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> Optional[pulumi.Input[str]]: + """ + The entry group id of the entry group. + """ + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + User-defined labels for the EntryGroup. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @pulumi_labels.setter + def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "pulumi_labels", value) + + @property + @pulumi.getter(name="transferStatus") + def transfer_status(self) -> Optional[pulumi.Input[str]]: + """ + Denotes the transfer status of the Entry Group. It is unspecified + for Entry Group created from Dataplex API. + """ + return pulumi.get(self, "transfer_status") + + @transfer_status.setter + def transfer_status(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "transfer_status", value) + + @property + @pulumi.getter + def uid(self) -> Optional[pulumi.Input[str]]: + """ + System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + """ + return pulumi.get(self, "uid") + + @uid.setter + def uid(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "uid", value) + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> Optional[pulumi.Input[str]]: + """ + The time when the EntryGroup was last updated. + """ + return pulumi.get(self, "update_time") + + @update_time.setter + def update_time(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "update_time", value) + + +class EntryGroup(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + An Entry Group represents a logical grouping of one or more Entries. + + ## Example Usage + + ### Dataplex Entry Group Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + test_entry_group_basic = gcp.dataplex.EntryGroup("test_entry_group_basic", + entry_group_id="entry-group-basic", + project="my-project-name", + location="us-central1") + ``` + ### Dataplex Entry Group Full + + ```python + import pulumi + import pulumi_gcp as gcp + + test_entry_group_full = gcp.dataplex.EntryGroup("test_entry_group_full", + entry_group_id="entry-group-full", + project="my-project-name", + location="us-central1", + labels={ + "tag": "test-tf", + }, + display_name="terraform entry group", + description="entry group created by Terraform") + ``` + + ## Import + + EntryGroup can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}` + + * `{{project}}/{{location}}/{{entry_group_id}}` + + * `{{location}}/{{entry_group_id}}` + + When using the `pulumi import` command, EntryGroup can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:dataplex/entryGroup:EntryGroup default projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{project}}/{{location}}/{{entry_group_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{location}}/{{entry_group_id}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] description: Description of the EntryGroup. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[str] entry_group_id: The entry group id of the entry group. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the EntryGroup. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where entry group will be created in. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: Optional[EntryGroupArgs] = None, + opts: Optional[pulumi.ResourceOptions] = None): + """ + An Entry Group represents a logical grouping of one or more Entries. + + ## Example Usage + + ### Dataplex Entry Group Basic + + ```python + import pulumi + import pulumi_gcp as gcp + + test_entry_group_basic = gcp.dataplex.EntryGroup("test_entry_group_basic", + entry_group_id="entry-group-basic", + project="my-project-name", + location="us-central1") + ``` + ### Dataplex Entry Group Full + + ```python + import pulumi + import pulumi_gcp as gcp + + test_entry_group_full = gcp.dataplex.EntryGroup("test_entry_group_full", + entry_group_id="entry-group-full", + project="my-project-name", + location="us-central1", + labels={ + "tag": "test-tf", + }, + display_name="terraform entry group", + description="entry group created by Terraform") + ``` + + ## Import + + EntryGroup can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}}` + + * `{{project}}/{{location}}/{{entry_group_id}}` + + * `{{location}}/{{entry_group_id}}` + + When using the `pulumi import` command, EntryGroup can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:dataplex/entryGroup:EntryGroup default projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{project}}/{{location}}/{{entry_group_id}} + ``` + + ```sh + $ pulumi import gcp:dataplex/entryGroup:EntryGroup default {{location}}/{{entry_group_id}} + ``` + + :param str resource_name: The name of the resource. + :param EntryGroupArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(EntryGroupArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = EntryGroupArgs.__new__(EntryGroupArgs) + + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["labels"] = labels + __props__.__dict__["location"] = location + __props__.__dict__["project"] = project + __props__.__dict__["create_time"] = None + __props__.__dict__["effective_labels"] = None + __props__.__dict__["name"] = None + __props__.__dict__["pulumi_labels"] = None + __props__.__dict__["transfer_status"] = None + __props__.__dict__["uid"] = None + __props__.__dict__["update_time"] = None + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["effectiveLabels", "pulumiLabels"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) + super(EntryGroup, __self__).__init__( + 'gcp:dataplex/entryGroup:EntryGroup', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + create_time: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + display_name: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + transfer_status: Optional[pulumi.Input[str]] = None, + uid: Optional[pulumi.Input[str]] = None, + update_time: Optional[pulumi.Input[str]] = None) -> 'EntryGroup': + """ + Get an existing EntryGroup resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] create_time: The time when the EntryGroup was created. + :param pulumi.Input[str] description: Description of the EntryGroup. + :param pulumi.Input[str] display_name: User friendly display name. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[str] entry_group_id: The entry group id of the entry group. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: User-defined labels for the EntryGroup. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + :param pulumi.Input[str] location: The location where entry group will be created in. + :param pulumi.Input[str] name: The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + :param pulumi.Input[str] transfer_status: Denotes the transfer status of the Entry Group. It is unspecified + for Entry Group created from Dataplex API. + :param pulumi.Input[str] uid: System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + :param pulumi.Input[str] update_time: The time when the EntryGroup was last updated. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _EntryGroupState.__new__(_EntryGroupState) + + __props__.__dict__["create_time"] = create_time + __props__.__dict__["description"] = description + __props__.__dict__["display_name"] = display_name + __props__.__dict__["effective_labels"] = effective_labels + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["labels"] = labels + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["pulumi_labels"] = pulumi_labels + __props__.__dict__["transfer_status"] = transfer_status + __props__.__dict__["uid"] = uid + __props__.__dict__["update_time"] = update_time + return EntryGroup(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="createTime") + def create_time(self) -> pulumi.Output[str]: + """ + The time when the EntryGroup was created. + """ + return pulumi.get(self, "create_time") + + @property + @pulumi.getter + def description(self) -> pulumi.Output[Optional[str]]: + """ + Description of the EntryGroup. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="displayName") + def display_name(self) -> pulumi.Output[Optional[str]]: + """ + User friendly display name. + """ + return pulumi.get(self, "display_name") + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> pulumi.Output[Optional[str]]: + """ + The entry group id of the entry group. + """ + return pulumi.get(self, "entry_group_id") + + @property + @pulumi.getter + def labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: + """ + User-defined labels for the EntryGroup. + + **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. + Please refer to the field `effective_labels` for all of the labels present on the resource. + """ + return pulumi.get(self, "labels") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[Optional[str]]: + """ + The location where entry group will be created in. + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + The relative resource name of the EntryGroup, of the form: projects/{project_number}/locations/{location_id}/entryGroups/{entry_group_id} + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @property + @pulumi.getter(name="transferStatus") + def transfer_status(self) -> pulumi.Output[str]: + """ + Denotes the transfer status of the Entry Group. It is unspecified + for Entry Group created from Dataplex API. + """ + return pulumi.get(self, "transfer_status") + + @property + @pulumi.getter + def uid(self) -> pulumi.Output[str]: + """ + System generated globally unique ID for the EntryGroup. This ID will be different if the EntryGroup is deleted and re-created with the same name. + """ + return pulumi.get(self, "uid") + + @property + @pulumi.getter(name="updateTime") + def update_time(self) -> pulumi.Output[str]: + """ + The time when the EntryGroup was last updated. + """ + return pulumi.get(self, "update_time") + diff --git a/sdk/python/pulumi_gcp/dataplex/entry_group_iam_binding.py b/sdk/python/pulumi_gcp/dataplex/entry_group_iam_binding.py new file mode 100644 index 0000000000..4794164c47 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/entry_group_iam_binding.py @@ -0,0 +1,765 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['EntryGroupIamBindingArgs', 'EntryGroupIamBinding'] + +@pulumi.input_type +class EntryGroupIamBindingArgs: + def __init__(__self__, *, + entry_group_id: pulumi.Input[str], + members: pulumi.Input[Sequence[pulumi.Input[str]]], + role: pulumi.Input[str], + condition: Optional[pulumi.Input['EntryGroupIamBindingConditionArgs']] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a EntryGroupIamBinding resource. + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "entry_group_id", entry_group_id) + pulumi.set(__self__, "members", members) + pulumi.set(__self__, "role", role) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> pulumi.Input[str]: + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: pulumi.Input[str]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter + def members(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['EntryGroupIamBindingConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['EntryGroupIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _EntryGroupIamBindingState: + def __init__(__self__, *, + condition: Optional[pulumi.Input['EntryGroupIamBindingConditionArgs']] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering EntryGroupIamBinding resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + if condition is not None: + pulumi.set(__self__, "condition", condition) + if entry_group_id is not None: + pulumi.set(__self__, "entry_group_id", entry_group_id) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if members is not None: + pulumi.set(__self__, "members", members) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['EntryGroupIamBindingConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['EntryGroupIamBindingConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def members(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @members.setter + def members(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "members", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + +class EntryGroupIamBinding(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[pulumi.InputType['EntryGroupIamBindingConditionArgs']]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + + * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + + > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + + * {{project}}/{{location}}/{{entry_group_id}} + + * {{location}}/{{entry_group_id}} + + * {{entry_group_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: EntryGroupIamBindingArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + + * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + + > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + + * {{project}}/{{location}}/{{entry_group_id}} + + * {{location}}/{{entry_group_id}} + + * {{entry_group_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param EntryGroupIamBindingArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(EntryGroupIamBindingArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[pulumi.InputType['EntryGroupIamBindingConditionArgs']]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = EntryGroupIamBindingArgs.__new__(EntryGroupIamBindingArgs) + + __props__.__dict__["condition"] = condition + if entry_group_id is None and not opts.urn: + raise TypeError("Missing required property 'entry_group_id'") + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["location"] = location + if members is None and not opts.urn: + raise TypeError("Missing required property 'members'") + __props__.__dict__["members"] = members + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + __props__.__dict__["etag"] = None + super(EntryGroupIamBinding, __self__).__init__( + 'gcp:dataplex/entryGroupIamBinding:EntryGroupIamBinding', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[pulumi.InputType['EntryGroupIamBindingConditionArgs']]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + members: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None) -> 'EntryGroupIamBinding': + """ + Get an existing EntryGroupIamBinding resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[Sequence[pulumi.Input[str]]] members: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _EntryGroupIamBindingState.__new__(_EntryGroupIamBindingState) + + __props__.__dict__["condition"] = condition + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["members"] = members + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + return EntryGroupIamBinding(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.EntryGroupIamBindingCondition']]: + return pulumi.get(self, "condition") + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> pulumi.Output[str]: + return pulumi.get(self, "entry_group_id") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def members(self) -> pulumi.Output[Sequence[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "members") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + diff --git a/sdk/python/pulumi_gcp/dataplex/entry_group_iam_member.py b/sdk/python/pulumi_gcp/dataplex/entry_group_iam_member.py new file mode 100644 index 0000000000..eedd3a05e3 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/entry_group_iam_member.py @@ -0,0 +1,765 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['EntryGroupIamMemberArgs', 'EntryGroupIamMember'] + +@pulumi.input_type +class EntryGroupIamMemberArgs: + def __init__(__self__, *, + entry_group_id: pulumi.Input[str], + member: pulumi.Input[str], + role: pulumi.Input[str], + condition: Optional[pulumi.Input['EntryGroupIamMemberConditionArgs']] = None, + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a EntryGroupIamMember resource. + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "entry_group_id", entry_group_id) + pulumi.set(__self__, "member", member) + pulumi.set(__self__, "role", role) + if condition is not None: + pulumi.set(__self__, "condition", condition) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> pulumi.Input[str]: + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: pulumi.Input[str]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter + def member(self) -> pulumi.Input[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: pulumi.Input[str]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def role(self) -> pulumi.Input[str]: + """ + The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: pulumi.Input[str]): + pulumi.set(self, "role", value) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['EntryGroupIamMemberConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['EntryGroupIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _EntryGroupIamMemberState: + def __init__(__self__, *, + condition: Optional[pulumi.Input['EntryGroupIamMemberConditionArgs']] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering EntryGroupIamMember resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + if condition is not None: + pulumi.set(__self__, "condition", condition) + if entry_group_id is not None: + pulumi.set(__self__, "entry_group_id", entry_group_id) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if member is not None: + pulumi.set(__self__, "member", member) + if project is not None: + pulumi.set(__self__, "project", project) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter + def condition(self) -> Optional[pulumi.Input['EntryGroupIamMemberConditionArgs']]: + return pulumi.get(self, "condition") + + @condition.setter + def condition(self, value: Optional[pulumi.Input['EntryGroupIamMemberConditionArgs']]): + pulumi.set(self, "condition", value) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def member(self) -> Optional[pulumi.Input[str]]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @member.setter + def member(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "member", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + +class EntryGroupIamMember(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[pulumi.InputType['EntryGroupIamMemberConditionArgs']]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + + * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + + > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + + * {{project}}/{{location}}/{{entry_group_id}} + + * {{location}}/{{entry_group_id}} + + * {{entry_group_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: EntryGroupIamMemberArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + + * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + + > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + + * {{project}}/{{location}}/{{entry_group_id}} + + * {{location}}/{{entry_group_id}} + + * {{entry_group_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamMember:EntryGroupIamMember editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param EntryGroupIamMemberArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(EntryGroupIamMemberArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[pulumi.InputType['EntryGroupIamMemberConditionArgs']]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = EntryGroupIamMemberArgs.__new__(EntryGroupIamMemberArgs) + + __props__.__dict__["condition"] = condition + if entry_group_id is None and not opts.urn: + raise TypeError("Missing required property 'entry_group_id'") + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["location"] = location + if member is None and not opts.urn: + raise TypeError("Missing required property 'member'") + __props__.__dict__["member"] = member + __props__.__dict__["project"] = project + if role is None and not opts.urn: + raise TypeError("Missing required property 'role'") + __props__.__dict__["role"] = role + __props__.__dict__["etag"] = None + super(EntryGroupIamMember, __self__).__init__( + 'gcp:dataplex/entryGroupIamMember:EntryGroupIamMember', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + condition: Optional[pulumi.Input[pulumi.InputType['EntryGroupIamMemberConditionArgs']]] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + member: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None) -> 'EntryGroupIamMember': + """ + Get an existing EntryGroupIamMember resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] member: Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + :param pulumi.Input[str] role: The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _EntryGroupIamMemberState.__new__(_EntryGroupIamMemberState) + + __props__.__dict__["condition"] = condition + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["member"] = member + __props__.__dict__["project"] = project + __props__.__dict__["role"] = role + return EntryGroupIamMember(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def condition(self) -> pulumi.Output[Optional['outputs.EntryGroupIamMemberCondition']]: + return pulumi.get(self, "condition") + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> pulumi.Output[str]: + return pulumi.get(self, "entry_group_id") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def member(self) -> pulumi.Output[str]: + """ + Identities that will be granted the privilege in `role`. + Each entry can have one of the following values: + * **allUsers**: A special identifier that represents anyone who is on the internet; with or without a Google account. + * **allAuthenticatedUsers**: A special identifier that represents anyone who is authenticated with a Google account or a service account. + * **user:{emailid}**: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com. + * **serviceAccount:{emailid}**: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com. + * **group:{emailid}**: An email address that represents a Google group. For example, admins@example.com. + * **domain:{domain}**: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com. + * **projectOwner:projectid**: Owners of the given project. For example, "projectOwner:my-example-project" + * **projectEditor:projectid**: Editors of the given project. For example, "projectEditor:my-example-project" + * **projectViewer:projectid**: Viewers of the given project. For example, "projectViewer:my-example-project" + """ + return pulumi.get(self, "member") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter + def role(self) -> pulumi.Output[str]: + """ + The role that should be applied. Only one + `dataplex.EntryGroupIamBinding` can be used per role. Note that custom roles must be of the format + `[projects|organizations]/{parent-name}/roles/{role-name}`. + """ + return pulumi.get(self, "role") + diff --git a/sdk/python/pulumi_gcp/dataplex/entry_group_iam_policy.py b/sdk/python/pulumi_gcp/dataplex/entry_group_iam_policy.py new file mode 100644 index 0000000000..2c4b48f526 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/entry_group_iam_policy.py @@ -0,0 +1,604 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['EntryGroupIamPolicyArgs', 'EntryGroupIamPolicy'] + +@pulumi.input_type +class EntryGroupIamPolicyArgs: + def __init__(__self__, *, + entry_group_id: pulumi.Input[str], + policy_data: pulumi.Input[str], + location: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a EntryGroupIamPolicy resource. + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + pulumi.set(__self__, "entry_group_id", entry_group_id) + pulumi.set(__self__, "policy_data", policy_data) + if location is not None: + pulumi.set(__self__, "location", location) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> pulumi.Input[str]: + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: pulumi.Input[str]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Input[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: pulumi.Input[str]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _EntryGroupIamPolicyState: + def __init__(__self__, *, + entry_group_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering EntryGroupIamPolicy resources. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + if entry_group_id is not None: + pulumi.set(__self__, "entry_group_id", entry_group_id) + if etag is not None: + pulumi.set(__self__, "etag", etag) + if location is not None: + pulumi.set(__self__, "location", location) + if policy_data is not None: + pulumi.set(__self__, "policy_data", policy_data) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "entry_group_id") + + @entry_group_id.setter + def entry_group_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "entry_group_id", value) + + @property + @pulumi.getter + def etag(self) -> Optional[pulumi.Input[str]]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @etag.setter + def etag(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "etag", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> Optional[pulumi.Input[str]]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @policy_data.setter + def policy_data(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "policy_data", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +class EntryGroupIamPolicy(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + + * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + + > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + + * {{project}}/{{location}}/{{entry_group_id}} + + * {{location}}/{{entry_group_id}} + + * {{entry_group_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: EntryGroupIamPolicyArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Three different resources help you manage your IAM policy for Dataplex EntryGroup. Each of these resources serves a different use case: + + * `dataplex.EntryGroupIamPolicy`: Authoritative. Sets the IAM policy for the entrygroup and replaces any existing policy already attached. + * `dataplex.EntryGroupIamBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the entrygroup are preserved. + * `dataplex.EntryGroupIamMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the entrygroup are preserved. + + A data source can be used to retrieve policy data in advent you do not need creation + + * `dataplex.EntryGroupIamPolicy`: Retrieves the IAM policy for the entrygroup + + > **Note:** `dataplex.EntryGroupIamPolicy` **cannot** be used in conjunction with `dataplex.EntryGroupIamBinding` and `dataplex.EntryGroupIamMember` or they will fight over what your policy should be. + + > **Note:** `dataplex.EntryGroupIamBinding` resources **can be** used in conjunction with `dataplex.EntryGroupIamMember` resources **only if** they do not grant privilege to the same role. + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## dataplex.EntryGroupIamPolicy + + ```python + import pulumi + import pulumi_gcp as gcp + + admin = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs( + role="roles/viewer", + members=["user:jane@example.com"], + )]) + policy = gcp.dataplex.EntryGroupIamPolicy("policy", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + policy_data=admin.policy_data) + ``` + + ## dataplex.EntryGroupIamBinding + + ```python + import pulumi + import pulumi_gcp as gcp + + binding = gcp.dataplex.EntryGroupIamBinding("binding", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + members=["user:jane@example.com"]) + ``` + + ## dataplex.EntryGroupIamMember + + ```python + import pulumi + import pulumi_gcp as gcp + + member = gcp.dataplex.EntryGroupIamMember("member", + project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"], + role="roles/viewer", + member="user:jane@example.com") + ``` + + ## Import + + For all import syntaxes, the "resource in question" can take any of the following forms: + + * projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + + * {{project}}/{{location}}/{{entry_group_id}} + + * {{location}}/{{entry_group_id}} + + * {{entry_group_id}} + + Any variables not passed in the import command will be taken from the provider configuration. + + Dataplex entrygroup IAM resources can be imported using the resource identifiers, role, and member. + + IAM member imports use space-delimited identifiers: the resource in question, the role, and the member identity, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer user:jane@example.com" + ``` + + IAM binding imports use space-delimited identifiers: the resource in question and the role, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor "projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} roles/viewer" + ``` + + IAM policy imports use the identifier of the resource in question, e.g. + + ```sh + $ pulumi import gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy editor projects/{{project}}/locations/{{location}}/entryGroups/{{entry_group_id}} + ``` + + -> **Custom Roles**: If you're importing a IAM resource with a custom role, make sure to use the + + full name of the custom role, e.g. `[projects/my-project|organizations/my-org]/roles/my-custom-role`. + + :param str resource_name: The name of the resource. + :param EntryGroupIamPolicyArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(EntryGroupIamPolicyArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = EntryGroupIamPolicyArgs.__new__(EntryGroupIamPolicyArgs) + + if entry_group_id is None and not opts.urn: + raise TypeError("Missing required property 'entry_group_id'") + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["location"] = location + if policy_data is None and not opts.urn: + raise TypeError("Missing required property 'policy_data'") + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + __props__.__dict__["etag"] = None + super(EntryGroupIamPolicy, __self__).__init__( + 'gcp:dataplex/entryGroupIamPolicy:EntryGroupIamPolicy', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + entry_group_id: Optional[pulumi.Input[str]] = None, + etag: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + policy_data: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None) -> 'EntryGroupIamPolicy': + """ + Get an existing EntryGroupIamPolicy resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] etag: (Computed) The etag of the IAM policy. + :param pulumi.Input[str] location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param pulumi.Input[str] policy_data: The policy data generated by + a `organizations_get_iam_policy` data source. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _EntryGroupIamPolicyState.__new__(_EntryGroupIamPolicyState) + + __props__.__dict__["entry_group_id"] = entry_group_id + __props__.__dict__["etag"] = etag + __props__.__dict__["location"] = location + __props__.__dict__["policy_data"] = policy_data + __props__.__dict__["project"] = project + return EntryGroupIamPolicy(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> pulumi.Output[str]: + return pulumi.get(self, "entry_group_id") + + @property + @pulumi.getter + def etag(self) -> pulumi.Output[str]: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> pulumi.Output[str]: + """ + The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + return pulumi.get(self, "project") + diff --git a/sdk/python/pulumi_gcp/dataplex/get_aspect_type_iam_policy.py b/sdk/python/pulumi_gcp/dataplex/get_aspect_type_iam_policy.py new file mode 100644 index 0000000000..c68a17eb95 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/get_aspect_type_iam_policy.py @@ -0,0 +1,164 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetAspectTypeIamPolicyResult', + 'AwaitableGetAspectTypeIamPolicyResult', + 'get_aspect_type_iam_policy', + 'get_aspect_type_iam_policy_output', +] + +@pulumi.output_type +class GetAspectTypeIamPolicyResult: + """ + A collection of values returned by getAspectTypeIamPolicy. + """ + def __init__(__self__, aspect_type_id=None, etag=None, id=None, location=None, policy_data=None, project=None): + if aspect_type_id and not isinstance(aspect_type_id, str): + raise TypeError("Expected argument 'aspect_type_id' to be a str") + pulumi.set(__self__, "aspect_type_id", aspect_type_id) + if etag and not isinstance(etag, str): + raise TypeError("Expected argument 'etag' to be a str") + pulumi.set(__self__, "etag", etag) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if location and not isinstance(location, str): + raise TypeError("Expected argument 'location' to be a str") + pulumi.set(__self__, "location", location) + if policy_data and not isinstance(policy_data, str): + raise TypeError("Expected argument 'policy_data' to be a str") + pulumi.set(__self__, "policy_data", policy_data) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="aspectTypeId") + def aspect_type_id(self) -> str: + return pulumi.get(self, "aspect_type_id") + + @property + @pulumi.getter + def etag(self) -> str: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def location(self) -> str: + return pulumi.get(self, "location") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> str: + """ + (Required only by `dataplex.AspectTypeIamPolicy`) The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> str: + return pulumi.get(self, "project") + + +class AwaitableGetAspectTypeIamPolicyResult(GetAspectTypeIamPolicyResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetAspectTypeIamPolicyResult( + aspect_type_id=self.aspect_type_id, + etag=self.etag, + id=self.id, + location=self.location, + policy_data=self.policy_data, + project=self.project) + + +def get_aspect_type_iam_policy(aspect_type_id: Optional[str] = None, + location: Optional[str] = None, + project: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetAspectTypeIamPolicyResult: + """ + Retrieves the current IAM policy data for aspecttype + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.dataplex.get_aspect_type_iam_policy(project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"]) + ``` + + + :param str location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + __args__ = dict() + __args__['aspectTypeId'] = aspect_type_id + __args__['location'] = location + __args__['project'] = project + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:dataplex/getAspectTypeIamPolicy:getAspectTypeIamPolicy', __args__, opts=opts, typ=GetAspectTypeIamPolicyResult).value + + return AwaitableGetAspectTypeIamPolicyResult( + aspect_type_id=pulumi.get(__ret__, 'aspect_type_id'), + etag=pulumi.get(__ret__, 'etag'), + id=pulumi.get(__ret__, 'id'), + location=pulumi.get(__ret__, 'location'), + policy_data=pulumi.get(__ret__, 'policy_data'), + project=pulumi.get(__ret__, 'project')) + + +@_utilities.lift_output_func(get_aspect_type_iam_policy) +def get_aspect_type_iam_policy_output(aspect_type_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[Optional[str]]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetAspectTypeIamPolicyResult]: + """ + Retrieves the current IAM policy data for aspecttype + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.dataplex.get_aspect_type_iam_policy(project=test_aspect_type_basic["project"], + location=test_aspect_type_basic["location"], + aspect_type_id=test_aspect_type_basic["aspectTypeId"]) + ``` + + + :param str location: The location where aspect type will be created in. + Used to find the parent resource to bind the IAM policy to + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + ... diff --git a/sdk/python/pulumi_gcp/dataplex/get_entry_group_iam_policy.py b/sdk/python/pulumi_gcp/dataplex/get_entry_group_iam_policy.py new file mode 100644 index 0000000000..67174b4c74 --- /dev/null +++ b/sdk/python/pulumi_gcp/dataplex/get_entry_group_iam_policy.py @@ -0,0 +1,164 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = [ + 'GetEntryGroupIamPolicyResult', + 'AwaitableGetEntryGroupIamPolicyResult', + 'get_entry_group_iam_policy', + 'get_entry_group_iam_policy_output', +] + +@pulumi.output_type +class GetEntryGroupIamPolicyResult: + """ + A collection of values returned by getEntryGroupIamPolicy. + """ + def __init__(__self__, entry_group_id=None, etag=None, id=None, location=None, policy_data=None, project=None): + if entry_group_id and not isinstance(entry_group_id, str): + raise TypeError("Expected argument 'entry_group_id' to be a str") + pulumi.set(__self__, "entry_group_id", entry_group_id) + if etag and not isinstance(etag, str): + raise TypeError("Expected argument 'etag' to be a str") + pulumi.set(__self__, "etag", etag) + if id and not isinstance(id, str): + raise TypeError("Expected argument 'id' to be a str") + pulumi.set(__self__, "id", id) + if location and not isinstance(location, str): + raise TypeError("Expected argument 'location' to be a str") + pulumi.set(__self__, "location", location) + if policy_data and not isinstance(policy_data, str): + raise TypeError("Expected argument 'policy_data' to be a str") + pulumi.set(__self__, "policy_data", policy_data) + if project and not isinstance(project, str): + raise TypeError("Expected argument 'project' to be a str") + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="entryGroupId") + def entry_group_id(self) -> str: + return pulumi.get(self, "entry_group_id") + + @property + @pulumi.getter + def etag(self) -> str: + """ + (Computed) The etag of the IAM policy. + """ + return pulumi.get(self, "etag") + + @property + @pulumi.getter + def id(self) -> str: + """ + The provider-assigned unique ID for this managed resource. + """ + return pulumi.get(self, "id") + + @property + @pulumi.getter + def location(self) -> str: + return pulumi.get(self, "location") + + @property + @pulumi.getter(name="policyData") + def policy_data(self) -> str: + """ + (Required only by `dataplex.EntryGroupIamPolicy`) The policy data generated by + a `organizations_get_iam_policy` data source. + """ + return pulumi.get(self, "policy_data") + + @property + @pulumi.getter + def project(self) -> str: + return pulumi.get(self, "project") + + +class AwaitableGetEntryGroupIamPolicyResult(GetEntryGroupIamPolicyResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetEntryGroupIamPolicyResult( + entry_group_id=self.entry_group_id, + etag=self.etag, + id=self.id, + location=self.location, + policy_data=self.policy_data, + project=self.project) + + +def get_entry_group_iam_policy(entry_group_id: Optional[str] = None, + location: Optional[str] = None, + project: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetEntryGroupIamPolicyResult: + """ + Retrieves the current IAM policy data for entrygroup + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.dataplex.get_entry_group_iam_policy(project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"]) + ``` + + + :param str location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + __args__ = dict() + __args__['entryGroupId'] = entry_group_id + __args__['location'] = location + __args__['project'] = project + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('gcp:dataplex/getEntryGroupIamPolicy:getEntryGroupIamPolicy', __args__, opts=opts, typ=GetEntryGroupIamPolicyResult).value + + return AwaitableGetEntryGroupIamPolicyResult( + entry_group_id=pulumi.get(__ret__, 'entry_group_id'), + etag=pulumi.get(__ret__, 'etag'), + id=pulumi.get(__ret__, 'id'), + location=pulumi.get(__ret__, 'location'), + policy_data=pulumi.get(__ret__, 'policy_data'), + project=pulumi.get(__ret__, 'project')) + + +@_utilities.lift_output_func(get_entry_group_iam_policy) +def get_entry_group_iam_policy_output(entry_group_id: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[Optional[str]]] = None, + project: Optional[pulumi.Input[Optional[str]]] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> pulumi.Output[GetEntryGroupIamPolicyResult]: + """ + Retrieves the current IAM policy data for entrygroup + + ## example + + ```python + import pulumi + import pulumi_gcp as gcp + + policy = gcp.dataplex.get_entry_group_iam_policy(project=test_entry_group_basic["project"], + location=test_entry_group_basic["location"], + entry_group_id=test_entry_group_basic["entryGroupId"]) + ``` + + + :param str location: The location where entry group will be created in. + Used to find the parent resource to bind the IAM policy to + :param str project: The ID of the project in which the resource belongs. + If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used. + """ + ... diff --git a/sdk/python/pulumi_gcp/dataplex/outputs.py b/sdk/python/pulumi_gcp/dataplex/outputs.py index b1110a3f6f..f2f4e14bc4 100644 --- a/sdk/python/pulumi_gcp/dataplex/outputs.py +++ b/sdk/python/pulumi_gcp/dataplex/outputs.py @@ -11,6 +11,8 @@ from . import outputs __all__ = [ + 'AspectTypeIamBindingCondition', + 'AspectTypeIamMemberCondition', 'AssetDiscoverySpec', 'AssetDiscoverySpecCsvOptions', 'AssetDiscoverySpecJsonOptions', @@ -46,6 +48,8 @@ 'DatascanExecutionStatus', 'DatascanIamBindingCondition', 'DatascanIamMemberCondition', + 'EntryGroupIamBindingCondition', + 'EntryGroupIamMemberCondition', 'LakeAssetStatus', 'LakeIamBindingCondition', 'LakeIamMemberCondition', @@ -76,6 +80,60 @@ 'ZoneResourceSpec', ] +@pulumi.output_type +class AspectTypeIamBindingCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + +@pulumi.output_type +class AspectTypeIamMemberCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + @pulumi.output_type class AssetDiscoverySpec(dict): @staticmethod @@ -1911,6 +1969,60 @@ def description(self) -> Optional[str]: return pulumi.get(self, "description") +@pulumi.output_type +class EntryGroupIamBindingCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + +@pulumi.output_type +class EntryGroupIamMemberCondition(dict): + def __init__(__self__, *, + expression: str, + title: str, + description: Optional[str] = None): + pulumi.set(__self__, "expression", expression) + pulumi.set(__self__, "title", title) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter + def expression(self) -> str: + return pulumi.get(self, "expression") + + @property + @pulumi.getter + def title(self) -> str: + return pulumi.get(self, "title") + + @property + @pulumi.getter + def description(self) -> Optional[str]: + return pulumi.get(self, "description") + + @pulumi.output_type class LakeAssetStatus(dict): @staticmethod diff --git a/sdk/python/pulumi_gcp/datastream/connection_profile.py b/sdk/python/pulumi_gcp/datastream/connection_profile.py index 4cf66e935e..ad71650e09 100644 --- a/sdk/python/pulumi_gcp/datastream/connection_profile.py +++ b/sdk/python/pulumi_gcp/datastream/connection_profile.py @@ -20,6 +20,7 @@ def __init__(__self__, *, display_name: pulumi.Input[str], location: pulumi.Input[str], bigquery_profile: Optional[pulumi.Input['ConnectionProfileBigqueryProfileArgs']] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, forward_ssh_connectivity: Optional[pulumi.Input['ConnectionProfileForwardSshConnectivityArgs']] = None, gcs_profile: Optional[pulumi.Input['ConnectionProfileGcsProfileArgs']] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, @@ -38,6 +39,7 @@ def __init__(__self__, *, - - - :param pulumi.Input['ConnectionProfileBigqueryProfileArgs'] bigquery_profile: BigQuery warehouse profile. + :param pulumi.Input[bool] create_without_validation: Create the connection profile without validating it. :param pulumi.Input['ConnectionProfileForwardSshConnectivityArgs'] forward_ssh_connectivity: Forward SSH tunnel connectivity. Structure is documented below. :param pulumi.Input['ConnectionProfileGcsProfileArgs'] gcs_profile: Cloud Storage bucket profile. @@ -63,6 +65,8 @@ def __init__(__self__, *, pulumi.set(__self__, "location", location) if bigquery_profile is not None: pulumi.set(__self__, "bigquery_profile", bigquery_profile) + if create_without_validation is not None: + pulumi.set(__self__, "create_without_validation", create_without_validation) if forward_ssh_connectivity is not None: pulumi.set(__self__, "forward_ssh_connectivity", forward_ssh_connectivity) if gcs_profile is not None: @@ -133,6 +137,18 @@ def bigquery_profile(self) -> Optional[pulumi.Input['ConnectionProfileBigqueryPr def bigquery_profile(self, value: Optional[pulumi.Input['ConnectionProfileBigqueryProfileArgs']]): pulumi.set(self, "bigquery_profile", value) + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> Optional[pulumi.Input[bool]]: + """ + Create the connection profile without validating it. + """ + return pulumi.get(self, "create_without_validation") + + @create_without_validation.setter + def create_without_validation(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "create_without_validation", value) + @property @pulumi.getter(name="forwardSshConnectivity") def forward_ssh_connectivity(self) -> Optional[pulumi.Input['ConnectionProfileForwardSshConnectivityArgs']]: @@ -257,6 +273,7 @@ class _ConnectionProfileState: def __init__(__self__, *, bigquery_profile: Optional[pulumi.Input['ConnectionProfileBigqueryProfileArgs']] = None, connection_profile_id: Optional[pulumi.Input[str]] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, forward_ssh_connectivity: Optional[pulumi.Input['ConnectionProfileForwardSshConnectivityArgs']] = None, @@ -275,6 +292,7 @@ def __init__(__self__, *, Input properties used for looking up and filtering ConnectionProfile resources. :param pulumi.Input['ConnectionProfileBigqueryProfileArgs'] bigquery_profile: BigQuery warehouse profile. :param pulumi.Input[str] connection_profile_id: The connection profile identifier. + :param pulumi.Input[bool] create_without_validation: Create the connection profile without validating it. :param pulumi.Input[str] display_name: Display name. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input['ConnectionProfileForwardSshConnectivityArgs'] forward_ssh_connectivity: Forward SSH tunnel connectivity. @@ -308,6 +326,8 @@ def __init__(__self__, *, pulumi.set(__self__, "bigquery_profile", bigquery_profile) if connection_profile_id is not None: pulumi.set(__self__, "connection_profile_id", connection_profile_id) + if create_without_validation is not None: + pulumi.set(__self__, "create_without_validation", create_without_validation) if display_name is not None: pulumi.set(__self__, "display_name", display_name) if effective_labels is not None: @@ -361,6 +381,18 @@ def connection_profile_id(self) -> Optional[pulumi.Input[str]]: def connection_profile_id(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "connection_profile_id", value) + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> Optional[pulumi.Input[bool]]: + """ + Create the connection profile without validating it. + """ + return pulumi.get(self, "create_without_validation") + + @create_without_validation.setter + def create_without_validation(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "create_without_validation", value) + @property @pulumi.getter(name="displayName") def display_name(self) -> Optional[pulumi.Input[str]]: @@ -551,6 +583,7 @@ def __init__(__self__, opts: Optional[pulumi.ResourceOptions] = None, bigquery_profile: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileBigqueryProfileArgs']]] = None, connection_profile_id: Optional[pulumi.Input[str]] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, forward_ssh_connectivity: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileForwardSshConnectivityArgs']]] = None, gcs_profile: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileGcsProfileArgs']]] = None, @@ -820,6 +853,7 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[pulumi.InputType['ConnectionProfileBigqueryProfileArgs']] bigquery_profile: BigQuery warehouse profile. :param pulumi.Input[str] connection_profile_id: The connection profile identifier. + :param pulumi.Input[bool] create_without_validation: Create the connection profile without validating it. :param pulumi.Input[str] display_name: Display name. :param pulumi.Input[pulumi.InputType['ConnectionProfileForwardSshConnectivityArgs']] forward_ssh_connectivity: Forward SSH tunnel connectivity. Structure is documented below. @@ -1121,6 +1155,7 @@ def _internal_init(__self__, opts: Optional[pulumi.ResourceOptions] = None, bigquery_profile: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileBigqueryProfileArgs']]] = None, connection_profile_id: Optional[pulumi.Input[str]] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, forward_ssh_connectivity: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileForwardSshConnectivityArgs']]] = None, gcs_profile: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileGcsProfileArgs']]] = None, @@ -1145,6 +1180,7 @@ def _internal_init(__self__, if connection_profile_id is None and not opts.urn: raise TypeError("Missing required property 'connection_profile_id'") __props__.__dict__["connection_profile_id"] = connection_profile_id + __props__.__dict__["create_without_validation"] = create_without_validation if display_name is None and not opts.urn: raise TypeError("Missing required property 'display_name'") __props__.__dict__["display_name"] = display_name @@ -1177,6 +1213,7 @@ def get(resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, bigquery_profile: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileBigqueryProfileArgs']]] = None, connection_profile_id: Optional[pulumi.Input[str]] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, forward_ssh_connectivity: Optional[pulumi.Input[pulumi.InputType['ConnectionProfileForwardSshConnectivityArgs']]] = None, @@ -1200,6 +1237,7 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[pulumi.InputType['ConnectionProfileBigqueryProfileArgs']] bigquery_profile: BigQuery warehouse profile. :param pulumi.Input[str] connection_profile_id: The connection profile identifier. + :param pulumi.Input[bool] create_without_validation: Create the connection profile without validating it. :param pulumi.Input[str] display_name: Display name. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[pulumi.InputType['ConnectionProfileForwardSshConnectivityArgs']] forward_ssh_connectivity: Forward SSH tunnel connectivity. @@ -1235,6 +1273,7 @@ def get(resource_name: str, __props__.__dict__["bigquery_profile"] = bigquery_profile __props__.__dict__["connection_profile_id"] = connection_profile_id + __props__.__dict__["create_without_validation"] = create_without_validation __props__.__dict__["display_name"] = display_name __props__.__dict__["effective_labels"] = effective_labels __props__.__dict__["forward_ssh_connectivity"] = forward_ssh_connectivity @@ -1267,6 +1306,14 @@ def connection_profile_id(self) -> pulumi.Output[str]: """ return pulumi.get(self, "connection_profile_id") + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> pulumi.Output[Optional[bool]]: + """ + Create the connection profile without validating it. + """ + return pulumi.get(self, "create_without_validation") + @property @pulumi.getter(name="displayName") def display_name(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/datastream/private_connection.py b/sdk/python/pulumi_gcp/datastream/private_connection.py index 8016a74ad8..8aaad06538 100644 --- a/sdk/python/pulumi_gcp/datastream/private_connection.py +++ b/sdk/python/pulumi_gcp/datastream/private_connection.py @@ -20,6 +20,7 @@ def __init__(__self__, *, location: pulumi.Input[str], private_connection_id: pulumi.Input[str], vpc_peering_config: pulumi.Input['PrivateConnectionVpcPeeringConfigArgs'], + create_without_validation: Optional[pulumi.Input[bool]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, project: Optional[pulumi.Input[str]] = None): """ @@ -30,6 +31,7 @@ def __init__(__self__, *, :param pulumi.Input['PrivateConnectionVpcPeeringConfigArgs'] vpc_peering_config: The VPC Peering configuration is used to create VPC peering between Datastream and the consumer's VPC. Structure is documented below. + :param pulumi.Input[bool] create_without_validation: If set to true, will skip validations. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Labels. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. """ @@ -37,6 +39,8 @@ def __init__(__self__, *, pulumi.set(__self__, "location", location) pulumi.set(__self__, "private_connection_id", private_connection_id) pulumi.set(__self__, "vpc_peering_config", vpc_peering_config) + if create_without_validation is not None: + pulumi.set(__self__, "create_without_validation", create_without_validation) if labels is not None: pulumi.set(__self__, "labels", labels) if project is not None: @@ -92,6 +96,18 @@ def vpc_peering_config(self) -> pulumi.Input['PrivateConnectionVpcPeeringConfigA def vpc_peering_config(self, value: pulumi.Input['PrivateConnectionVpcPeeringConfigArgs']): pulumi.set(self, "vpc_peering_config", value) + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> Optional[pulumi.Input[bool]]: + """ + If set to true, will skip validations. + """ + return pulumi.get(self, "create_without_validation") + + @create_without_validation.setter + def create_without_validation(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "create_without_validation", value) + @property @pulumi.getter def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: @@ -118,6 +134,7 @@ def project(self, value: Optional[pulumi.Input[str]]): @pulumi.input_type class _PrivateConnectionState: def __init__(__self__, *, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, errors: Optional[pulumi.Input[Sequence[pulumi.Input['PrivateConnectionErrorArgs']]]] = None, @@ -131,6 +148,7 @@ def __init__(__self__, *, vpc_peering_config: Optional[pulumi.Input['PrivateConnectionVpcPeeringConfigArgs']] = None): """ Input properties used for looking up and filtering PrivateConnection resources. + :param pulumi.Input[bool] create_without_validation: If set to true, will skip validations. :param pulumi.Input[str] display_name: Display name. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[Sequence[pulumi.Input['PrivateConnectionErrorArgs']]] errors: The PrivateConnection error in case of failure. @@ -147,6 +165,8 @@ def __init__(__self__, *, between Datastream and the consumer's VPC. Structure is documented below. """ + if create_without_validation is not None: + pulumi.set(__self__, "create_without_validation", create_without_validation) if display_name is not None: pulumi.set(__self__, "display_name", display_name) if effective_labels is not None: @@ -170,6 +190,18 @@ def __init__(__self__, *, if vpc_peering_config is not None: pulumi.set(__self__, "vpc_peering_config", vpc_peering_config) + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> Optional[pulumi.Input[bool]]: + """ + If set to true, will skip validations. + """ + return pulumi.get(self, "create_without_validation") + + @create_without_validation.setter + def create_without_validation(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "create_without_validation", value) + @property @pulumi.getter(name="displayName") def display_name(self) -> Optional[pulumi.Input[str]]: @@ -310,6 +342,7 @@ class PrivateConnection(pulumi.CustomResource): def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -374,6 +407,7 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[bool] create_without_validation: If set to true, will skip validations. :param pulumi.Input[str] display_name: Display name. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Labels. **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. @@ -459,6 +493,7 @@ def __init__(__self__, resource_name: str, *args, **kwargs): def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, location: Optional[pulumi.Input[str]] = None, @@ -474,6 +509,7 @@ def _internal_init(__self__, raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') __props__ = PrivateConnectionArgs.__new__(PrivateConnectionArgs) + __props__.__dict__["create_without_validation"] = create_without_validation if display_name is None and not opts.urn: raise TypeError("Missing required property 'display_name'") __props__.__dict__["display_name"] = display_name @@ -505,6 +541,7 @@ def _internal_init(__self__, def get(resource_name: str, id: pulumi.Input[str], opts: Optional[pulumi.ResourceOptions] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, display_name: Optional[pulumi.Input[str]] = None, effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, errors: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['PrivateConnectionErrorArgs']]]]] = None, @@ -523,6 +560,7 @@ def get(resource_name: str, :param str resource_name: The unique name of the resulting resource. :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[bool] create_without_validation: If set to true, will skip validations. :param pulumi.Input[str] display_name: Display name. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['PrivateConnectionErrorArgs']]]] errors: The PrivateConnection error in case of failure. @@ -543,6 +581,7 @@ def get(resource_name: str, __props__ = _PrivateConnectionState.__new__(_PrivateConnectionState) + __props__.__dict__["create_without_validation"] = create_without_validation __props__.__dict__["display_name"] = display_name __props__.__dict__["effective_labels"] = effective_labels __props__.__dict__["errors"] = errors @@ -556,6 +595,14 @@ def get(resource_name: str, __props__.__dict__["vpc_peering_config"] = vpc_peering_config return PrivateConnection(resource_name, opts=opts, __props__=__props__) + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> pulumi.Output[Optional[bool]]: + """ + If set to true, will skip validations. + """ + return pulumi.get(self, "create_without_validation") + @property @pulumi.getter(name="displayName") def display_name(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_gcp/datastream/stream.py b/sdk/python/pulumi_gcp/datastream/stream.py index 8f2dde22f2..51949c5bac 100644 --- a/sdk/python/pulumi_gcp/datastream/stream.py +++ b/sdk/python/pulumi_gcp/datastream/stream.py @@ -23,6 +23,7 @@ def __init__(__self__, *, stream_id: pulumi.Input[str], backfill_all: Optional[pulumi.Input['StreamBackfillAllArgs']] = None, backfill_none: Optional[pulumi.Input['StreamBackfillNoneArgs']] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, customer_managed_encryption_key: Optional[pulumi.Input[str]] = None, desired_state: Optional[pulumi.Input[str]] = None, labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, @@ -38,6 +39,7 @@ def __init__(__self__, *, :param pulumi.Input[str] stream_id: The stream identifier. :param pulumi.Input['StreamBackfillAllArgs'] backfill_all: Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. :param pulumi.Input['StreamBackfillNoneArgs'] backfill_none: Backfill strategy to disable automatic backfill for the Stream's objects. + :param pulumi.Input[bool] create_without_validation: Create the stream without validating it. :param pulumi.Input[str] customer_managed_encryption_key: A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be encrypted using an internal Stream-specific encryption key provisioned through KMS. :param pulumi.Input[str] desired_state: Desired state of the Stream. Set this field to 'RUNNING' to start the stream, and 'PAUSED' to pause the stream. @@ -53,6 +55,8 @@ def __init__(__self__, *, pulumi.set(__self__, "backfill_all", backfill_all) if backfill_none is not None: pulumi.set(__self__, "backfill_none", backfill_none) + if create_without_validation is not None: + pulumi.set(__self__, "create_without_validation", create_without_validation) if customer_managed_encryption_key is not None: pulumi.set(__self__, "customer_managed_encryption_key", customer_managed_encryption_key) if desired_state is not None: @@ -148,6 +152,18 @@ def backfill_none(self) -> Optional[pulumi.Input['StreamBackfillNoneArgs']]: def backfill_none(self, value: Optional[pulumi.Input['StreamBackfillNoneArgs']]): pulumi.set(self, "backfill_none", value) + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> Optional[pulumi.Input[bool]]: + """ + Create the stream without validating it. + """ + return pulumi.get(self, "create_without_validation") + + @create_without_validation.setter + def create_without_validation(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "create_without_validation", value) + @property @pulumi.getter(name="customerManagedEncryptionKey") def customer_managed_encryption_key(self) -> Optional[pulumi.Input[str]]: @@ -201,6 +217,7 @@ class _StreamState: def __init__(__self__, *, backfill_all: Optional[pulumi.Input['StreamBackfillAllArgs']] = None, backfill_none: Optional[pulumi.Input['StreamBackfillNoneArgs']] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, customer_managed_encryption_key: Optional[pulumi.Input[str]] = None, desired_state: Optional[pulumi.Input[str]] = None, destination_config: Optional[pulumi.Input['StreamDestinationConfigArgs']] = None, @@ -218,6 +235,7 @@ def __init__(__self__, *, Input properties used for looking up and filtering Stream resources. :param pulumi.Input['StreamBackfillAllArgs'] backfill_all: Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. :param pulumi.Input['StreamBackfillNoneArgs'] backfill_none: Backfill strategy to disable automatic backfill for the Stream's objects. + :param pulumi.Input[bool] create_without_validation: Create the stream without validating it. :param pulumi.Input[str] customer_managed_encryption_key: A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be encrypted using an internal Stream-specific encryption key provisioned through KMS. :param pulumi.Input[str] desired_state: Desired state of the Stream. Set this field to 'RUNNING' to start the stream, and 'PAUSED' to pause the stream. @@ -240,6 +258,8 @@ def __init__(__self__, *, pulumi.set(__self__, "backfill_all", backfill_all) if backfill_none is not None: pulumi.set(__self__, "backfill_none", backfill_none) + if create_without_validation is not None: + pulumi.set(__self__, "create_without_validation", create_without_validation) if customer_managed_encryption_key is not None: pulumi.set(__self__, "customer_managed_encryption_key", customer_managed_encryption_key) if desired_state is not None: @@ -291,6 +311,18 @@ def backfill_none(self) -> Optional[pulumi.Input['StreamBackfillNoneArgs']]: def backfill_none(self, value: Optional[pulumi.Input['StreamBackfillNoneArgs']]): pulumi.set(self, "backfill_none", value) + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> Optional[pulumi.Input[bool]]: + """ + Create the stream without validating it. + """ + return pulumi.get(self, "create_without_validation") + + @create_without_validation.setter + def create_without_validation(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "create_without_validation", value) + @property @pulumi.getter(name="customerManagedEncryptionKey") def customer_managed_encryption_key(self) -> Optional[pulumi.Input[str]]: @@ -457,6 +489,7 @@ def __init__(__self__, opts: Optional[pulumi.ResourceOptions] = None, backfill_all: Optional[pulumi.Input[pulumi.InputType['StreamBackfillAllArgs']]] = None, backfill_none: Optional[pulumi.Input[pulumi.InputType['StreamBackfillNoneArgs']]] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, customer_managed_encryption_key: Optional[pulumi.Input[str]] = None, desired_state: Optional[pulumi.Input[str]] = None, destination_config: Optional[pulumi.Input[pulumi.InputType['StreamDestinationConfigArgs']]] = None, @@ -1108,6 +1141,7 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[pulumi.InputType['StreamBackfillAllArgs']] backfill_all: Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. :param pulumi.Input[pulumi.InputType['StreamBackfillNoneArgs']] backfill_none: Backfill strategy to disable automatic backfill for the Stream's objects. + :param pulumi.Input[bool] create_without_validation: Create the stream without validating it. :param pulumi.Input[str] customer_managed_encryption_key: A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be encrypted using an internal Stream-specific encryption key provisioned through KMS. :param pulumi.Input[str] desired_state: Desired state of the Stream. Set this field to 'RUNNING' to start the stream, and 'PAUSED' to pause the stream. @@ -1781,6 +1815,7 @@ def _internal_init(__self__, opts: Optional[pulumi.ResourceOptions] = None, backfill_all: Optional[pulumi.Input[pulumi.InputType['StreamBackfillAllArgs']]] = None, backfill_none: Optional[pulumi.Input[pulumi.InputType['StreamBackfillNoneArgs']]] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, customer_managed_encryption_key: Optional[pulumi.Input[str]] = None, desired_state: Optional[pulumi.Input[str]] = None, destination_config: Optional[pulumi.Input[pulumi.InputType['StreamDestinationConfigArgs']]] = None, @@ -1801,6 +1836,7 @@ def _internal_init(__self__, __props__.__dict__["backfill_all"] = backfill_all __props__.__dict__["backfill_none"] = backfill_none + __props__.__dict__["create_without_validation"] = create_without_validation __props__.__dict__["customer_managed_encryption_key"] = customer_managed_encryption_key __props__.__dict__["desired_state"] = desired_state if destination_config is None and not opts.urn: @@ -1838,6 +1874,7 @@ def get(resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, backfill_all: Optional[pulumi.Input[pulumi.InputType['StreamBackfillAllArgs']]] = None, backfill_none: Optional[pulumi.Input[pulumi.InputType['StreamBackfillNoneArgs']]] = None, + create_without_validation: Optional[pulumi.Input[bool]] = None, customer_managed_encryption_key: Optional[pulumi.Input[str]] = None, desired_state: Optional[pulumi.Input[str]] = None, destination_config: Optional[pulumi.Input[pulumi.InputType['StreamDestinationConfigArgs']]] = None, @@ -1860,6 +1897,7 @@ def get(resource_name: str, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[pulumi.InputType['StreamBackfillAllArgs']] backfill_all: Backfill strategy to automatically backfill the Stream's objects. Specific objects can be excluded. :param pulumi.Input[pulumi.InputType['StreamBackfillNoneArgs']] backfill_none: Backfill strategy to disable automatic backfill for the Stream's objects. + :param pulumi.Input[bool] create_without_validation: Create the stream without validating it. :param pulumi.Input[str] customer_managed_encryption_key: A reference to a KMS encryption key. If provided, it will be used to encrypt the data. If left blank, data will be encrypted using an internal Stream-specific encryption key provisioned through KMS. :param pulumi.Input[str] desired_state: Desired state of the Stream. Set this field to 'RUNNING' to start the stream, and 'PAUSED' to pause the stream. @@ -1884,6 +1922,7 @@ def get(resource_name: str, __props__.__dict__["backfill_all"] = backfill_all __props__.__dict__["backfill_none"] = backfill_none + __props__.__dict__["create_without_validation"] = create_without_validation __props__.__dict__["customer_managed_encryption_key"] = customer_managed_encryption_key __props__.__dict__["desired_state"] = desired_state __props__.__dict__["destination_config"] = destination_config @@ -1915,6 +1954,14 @@ def backfill_none(self) -> pulumi.Output[Optional['outputs.StreamBackfillNone']] """ return pulumi.get(self, "backfill_none") + @property + @pulumi.getter(name="createWithoutValidation") + def create_without_validation(self) -> pulumi.Output[Optional[bool]]: + """ + Create the stream without validating it. + """ + return pulumi.get(self, "create_without_validation") + @property @pulumi.getter(name="customerManagedEncryptionKey") def customer_managed_encryption_key(self) -> pulumi.Output[Optional[str]]: diff --git a/sdk/python/pulumi_gcp/kms/__init__.py b/sdk/python/pulumi_gcp/kms/__init__.py index e31270448f..f24d71bc92 100644 --- a/sdk/python/pulumi_gcp/kms/__init__.py +++ b/sdk/python/pulumi_gcp/kms/__init__.py @@ -5,6 +5,7 @@ from .. import _utilities import typing # Export this package's modules as members: +from .autokey_config import * from .crypto_key import * from .crypto_key_iam_binding import * from .crypto_key_iam_member import * @@ -19,6 +20,7 @@ from .get_kms_secret import * from .get_kms_secret_asymmetric import * from .get_kms_secret_ciphertext import * +from .key_handle import * from .key_ring import * from .key_ring_iam_binding import * from .key_ring_iam_member import * diff --git a/sdk/python/pulumi_gcp/kms/autokey_config.py b/sdk/python/pulumi_gcp/kms/autokey_config.py new file mode 100644 index 0000000000..9cb5d9a64d --- /dev/null +++ b/sdk/python/pulumi_gcp/kms/autokey_config.py @@ -0,0 +1,366 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['AutokeyConfigArgs', 'AutokeyConfig'] + +@pulumi.input_type +class AutokeyConfigArgs: + def __init__(__self__, *, + folder: pulumi.Input[str], + key_project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a AutokeyConfig resource. + :param pulumi.Input[str] folder: The folder for which to retrieve config. + + + - - - + :param pulumi.Input[str] key_project: The target key project for a given folder where KMS Autokey will provision a + CryptoKey for any new KeyHandle the Developer creates. Should have the form + `projects/`. + """ + pulumi.set(__self__, "folder", folder) + if key_project is not None: + pulumi.set(__self__, "key_project", key_project) + + @property + @pulumi.getter + def folder(self) -> pulumi.Input[str]: + """ + The folder for which to retrieve config. + + + - - - + """ + return pulumi.get(self, "folder") + + @folder.setter + def folder(self, value: pulumi.Input[str]): + pulumi.set(self, "folder", value) + + @property + @pulumi.getter(name="keyProject") + def key_project(self) -> Optional[pulumi.Input[str]]: + """ + The target key project for a given folder where KMS Autokey will provision a + CryptoKey for any new KeyHandle the Developer creates. Should have the form + `projects/`. + """ + return pulumi.get(self, "key_project") + + @key_project.setter + def key_project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "key_project", value) + + +@pulumi.input_type +class _AutokeyConfigState: + def __init__(__self__, *, + folder: Optional[pulumi.Input[str]] = None, + key_project: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering AutokeyConfig resources. + :param pulumi.Input[str] folder: The folder for which to retrieve config. + + + - - - + :param pulumi.Input[str] key_project: The target key project for a given folder where KMS Autokey will provision a + CryptoKey for any new KeyHandle the Developer creates. Should have the form + `projects/`. + """ + if folder is not None: + pulumi.set(__self__, "folder", folder) + if key_project is not None: + pulumi.set(__self__, "key_project", key_project) + + @property + @pulumi.getter + def folder(self) -> Optional[pulumi.Input[str]]: + """ + The folder for which to retrieve config. + + + - - - + """ + return pulumi.get(self, "folder") + + @folder.setter + def folder(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "folder", value) + + @property + @pulumi.getter(name="keyProject") + def key_project(self) -> Optional[pulumi.Input[str]]: + """ + The target key project for a given folder where KMS Autokey will provision a + CryptoKey for any new KeyHandle the Developer creates. Should have the form + `projects/`. + """ + return pulumi.get(self, "key_project") + + @key_project.setter + def key_project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "key_project", value) + + +class AutokeyConfig(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + folder: Optional[pulumi.Input[str]] = None, + key_project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + ## Example Usage + + ### Kms Autokey Config All + + ```python + import pulumi + import pulumi_gcp as gcp + import pulumi_time as time + + # Create Folder in GCP Organization + autokms_folder = gcp.organizations.Folder("autokms_folder", + display_name="my-folder", + parent="organizations/123456789") + # Create the key project + key_project = gcp.organizations.Project("key_project", + project_id="key-proj", + name="key-proj", + folder_id=autokms_folder.folder_id, + billing_account="000000-0000000-0000000-000000", + opts=pulumi.ResourceOptions(depends_on=[autokms_folder])) + # Enable the Cloud KMS API + kms_api_service = gcp.projects.Service("kms_api_service", + service="cloudkms.googleapis.com", + project=key_project.project_id, + disable_on_destroy=False, + disable_dependent_services=True, + opts=pulumi.ResourceOptions(depends_on=[key_project])) + # Wait delay after enabling APIs + wait_enable_service_api = time.index.Sleep("wait_enable_service_api", create_duration=30s, + opts=pulumi.ResourceOptions(depends_on=[kms_api_service])) + #Create KMS Service Agent + kms_service_agent = gcp.projects.ServiceIdentity("kms_service_agent", + service="cloudkms.googleapis.com", + project=key_project.number, + opts=pulumi.ResourceOptions(depends_on=[wait_enable_service_api])) + # Wait delay after creating service agent. + wait_service_agent = time.index.Sleep("wait_service_agent", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[kms_service_agent])) + #Grant the KMS Service Agent the Cloud KMS Admin role + autokey_project_admin = gcp.projects.IAMMember("autokey_project_admin", + project=key_project.project_id, + role="roles/cloudkms.admin", + member=key_project.number.apply(lambda number: f"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"), + opts=pulumi.ResourceOptions(depends_on=[wait_service_agent])) + # Wait delay after granting IAM permissions + wait_srv_acc_permissions = time.index.Sleep("wait_srv_acc_permissions", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[autokey_project_admin])) + example_autokeyconfig = gcp.kms.AutokeyConfig("example-autokeyconfig", + folder=autokms_folder.folder_id, + key_project=key_project.project_id.apply(lambda project_id: f"projects/{project_id}"), + opts=pulumi.ResourceOptions(depends_on=[wait_srv_acc_permissions])) + ``` + + ## Import + + AutokeyConfig can be imported using any of these accepted formats: + + * `folders/{{folder}}/autokeyConfig` + + * `{{folder}}` + + When using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig + ``` + + ```sh + $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] folder: The folder for which to retrieve config. + + + - - - + :param pulumi.Input[str] key_project: The target key project for a given folder where KMS Autokey will provision a + CryptoKey for any new KeyHandle the Developer creates. Should have the form + `projects/`. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: AutokeyConfigArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + ## Example Usage + + ### Kms Autokey Config All + + ```python + import pulumi + import pulumi_gcp as gcp + import pulumi_time as time + + # Create Folder in GCP Organization + autokms_folder = gcp.organizations.Folder("autokms_folder", + display_name="my-folder", + parent="organizations/123456789") + # Create the key project + key_project = gcp.organizations.Project("key_project", + project_id="key-proj", + name="key-proj", + folder_id=autokms_folder.folder_id, + billing_account="000000-0000000-0000000-000000", + opts=pulumi.ResourceOptions(depends_on=[autokms_folder])) + # Enable the Cloud KMS API + kms_api_service = gcp.projects.Service("kms_api_service", + service="cloudkms.googleapis.com", + project=key_project.project_id, + disable_on_destroy=False, + disable_dependent_services=True, + opts=pulumi.ResourceOptions(depends_on=[key_project])) + # Wait delay after enabling APIs + wait_enable_service_api = time.index.Sleep("wait_enable_service_api", create_duration=30s, + opts=pulumi.ResourceOptions(depends_on=[kms_api_service])) + #Create KMS Service Agent + kms_service_agent = gcp.projects.ServiceIdentity("kms_service_agent", + service="cloudkms.googleapis.com", + project=key_project.number, + opts=pulumi.ResourceOptions(depends_on=[wait_enable_service_api])) + # Wait delay after creating service agent. + wait_service_agent = time.index.Sleep("wait_service_agent", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[kms_service_agent])) + #Grant the KMS Service Agent the Cloud KMS Admin role + autokey_project_admin = gcp.projects.IAMMember("autokey_project_admin", + project=key_project.project_id, + role="roles/cloudkms.admin", + member=key_project.number.apply(lambda number: f"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"), + opts=pulumi.ResourceOptions(depends_on=[wait_service_agent])) + # Wait delay after granting IAM permissions + wait_srv_acc_permissions = time.index.Sleep("wait_srv_acc_permissions", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[autokey_project_admin])) + example_autokeyconfig = gcp.kms.AutokeyConfig("example-autokeyconfig", + folder=autokms_folder.folder_id, + key_project=key_project.project_id.apply(lambda project_id: f"projects/{project_id}"), + opts=pulumi.ResourceOptions(depends_on=[wait_srv_acc_permissions])) + ``` + + ## Import + + AutokeyConfig can be imported using any of these accepted formats: + + * `folders/{{folder}}/autokeyConfig` + + * `{{folder}}` + + When using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig + ``` + + ```sh + $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}} + ``` + + :param str resource_name: The name of the resource. + :param AutokeyConfigArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(AutokeyConfigArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + folder: Optional[pulumi.Input[str]] = None, + key_project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = AutokeyConfigArgs.__new__(AutokeyConfigArgs) + + if folder is None and not opts.urn: + raise TypeError("Missing required property 'folder'") + __props__.__dict__["folder"] = folder + __props__.__dict__["key_project"] = key_project + super(AutokeyConfig, __self__).__init__( + 'gcp:kms/autokeyConfig:AutokeyConfig', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + folder: Optional[pulumi.Input[str]] = None, + key_project: Optional[pulumi.Input[str]] = None) -> 'AutokeyConfig': + """ + Get an existing AutokeyConfig resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] folder: The folder for which to retrieve config. + + + - - - + :param pulumi.Input[str] key_project: The target key project for a given folder where KMS Autokey will provision a + CryptoKey for any new KeyHandle the Developer creates. Should have the form + `projects/`. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _AutokeyConfigState.__new__(_AutokeyConfigState) + + __props__.__dict__["folder"] = folder + __props__.__dict__["key_project"] = key_project + return AutokeyConfig(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def folder(self) -> pulumi.Output[str]: + """ + The folder for which to retrieve config. + + + - - - + """ + return pulumi.get(self, "folder") + + @property + @pulumi.getter(name="keyProject") + def key_project(self) -> pulumi.Output[Optional[str]]: + """ + The target key project for a given folder where KMS Autokey will provision a + CryptoKey for any new KeyHandle the Developer creates. Should have the form + `projects/`. + """ + return pulumi.get(self, "key_project") + diff --git a/sdk/python/pulumi_gcp/kms/key_handle.py b/sdk/python/pulumi_gcp/kms/key_handle.py new file mode 100644 index 0000000000..1a50ec69c6 --- /dev/null +++ b/sdk/python/pulumi_gcp/kms/key_handle.py @@ -0,0 +1,548 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities + +__all__ = ['KeyHandleArgs', 'KeyHandle'] + +@pulumi.input_type +class KeyHandleArgs: + def __init__(__self__, *, + location: pulumi.Input[str], + resource_type_selector: pulumi.Input[str], + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a KeyHandle resource. + :param pulumi.Input[str] location: The location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + + + - - - + :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources. + For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + :param pulumi.Input[str] name: The resource name for the KeyHandle. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + pulumi.set(__self__, "location", location) + pulumi.set(__self__, "resource_type_selector", resource_type_selector) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter + def location(self) -> pulumi.Input[str]: + """ + The location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + + + - - - + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: pulumi.Input[str]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter(name="resourceTypeSelector") + def resource_type_selector(self) -> pulumi.Input[str]: + """ + Selector of the resource type where we want to protect resources. + For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + """ + return pulumi.get(self, "resource_type_selector") + + @resource_type_selector.setter + def resource_type_selector(self, value: pulumi.Input[str]): + pulumi.set(self, "resource_type_selector", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The resource name for the KeyHandle. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _KeyHandleState: + def __init__(__self__, *, + kms_key: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + resource_type_selector: Optional[pulumi.Input[str]] = None): + """ + Input properties used for looking up and filtering KeyHandle resources. + :param pulumi.Input[str] kms_key: A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + product/project/location, for example + `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + :param pulumi.Input[str] location: The location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + + + - - - + :param pulumi.Input[str] name: The resource name for the KeyHandle. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources. + For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + """ + if kms_key is not None: + pulumi.set(__self__, "kms_key", kms_key) + if location is not None: + pulumi.set(__self__, "location", location) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if resource_type_selector is not None: + pulumi.set(__self__, "resource_type_selector", resource_type_selector) + + @property + @pulumi.getter(name="kmsKey") + def kms_key(self) -> Optional[pulumi.Input[str]]: + """ + A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + product/project/location, for example + `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + """ + return pulumi.get(self, "kms_key") + + @kms_key.setter + def kms_key(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "kms_key", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + + + - - - + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + The resource name for the KeyHandle. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="resourceTypeSelector") + def resource_type_selector(self) -> Optional[pulumi.Input[str]]: + """ + Selector of the resource type where we want to protect resources. + For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + """ + return pulumi.get(self, "resource_type_selector") + + @resource_type_selector.setter + def resource_type_selector(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "resource_type_selector", value) + + +class KeyHandle(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + resource_type_selector: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + ## Example Usage + + ### Kms Key Handle Basic + + ```python + import pulumi + import pulumi_gcp as gcp + import pulumi_time as time + + # Create Folder in GCP Organization + autokms_folder = gcp.organizations.Folder("autokms_folder", + display_name="folder-example", + parent="organizations/123456789") + # Create the key project + key_project = gcp.organizations.Project("key_project", + project_id="key-proj", + name="key-proj", + folder_id=autokms_folder.folder_id, + billing_account="000000-0000000-0000000-000000", + opts=pulumi.ResourceOptions(depends_on=[autokms_folder])) + # Create the resource project + resource_project = gcp.organizations.Project("resource_project", + project_id="resources", + name="resources", + folder_id=autokms_folder.folder_id, + billing_account="000000-0000000-0000000-000000", + opts=pulumi.ResourceOptions(depends_on=[autokms_folder])) + # Enable the Cloud KMS API + kms_api_service = gcp.projects.Service("kms_api_service", + service="cloudkms.googleapis.com", + project=key_project.project_id, + disable_on_destroy=False, + disable_dependent_services=True, + opts=pulumi.ResourceOptions(depends_on=[key_project])) + # Wait delay after enabling APIs + wait_enable_service_api = time.index.Sleep("wait_enable_service_api", create_duration=30s, + opts=pulumi.ResourceOptions(depends_on=[kms_api_service])) + #Create KMS Service Agent + kms_service_agent = gcp.projects.ServiceIdentity("kms_service_agent", + service="cloudkms.googleapis.com", + project=key_project.number, + opts=pulumi.ResourceOptions(depends_on=[wait_enable_service_api])) + # Wait delay after creating service agent. + wait_service_agent = time.index.Sleep("wait_service_agent", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[kms_service_agent])) + #Grant the KMS Service Agent the Cloud KMS Admin role + autokey_project_admin = gcp.projects.IAMMember("autokey_project_admin", + project=key_project.project_id, + role="roles/cloudkms.admin", + member=key_project.number.apply(lambda number: f"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"), + opts=pulumi.ResourceOptions(depends_on=[wait_service_agent])) + # Wait delay after granting IAM permissions + wait_srv_acc_permissions = time.index.Sleep("wait_srv_acc_permissions", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[autokey_project_admin])) + autokey_config = gcp.kms.AutokeyConfig("autokey_config", + folder=autokms_folder.folder_id, + key_project=key_project.project_id.apply(lambda project_id: f"projects/{project_id}"), + opts=pulumi.ResourceOptions(depends_on=[wait_srv_acc_permissions])) + # Wait delay for autokey config to take effect + wait_autokey_config = time.index.Sleep("wait_autokey_config", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[autokey_config])) + example_keyhandle = gcp.kms.KeyHandle("example-keyhandle", + project=resource_project.project_id, + name="example-key-handle", + location="global", + resource_type_selector="storage.googleapis.com/Bucket", + opts=pulumi.ResourceOptions(depends_on=[wait_autokey_config])) + ``` + + ## Import + + KeyHandle can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/keyHandles/{{name}}` + + * `{{project}}/{{location}}/{{name}}` + + * `{{location}}/{{name}}` + + When using the `pulumi import` command, KeyHandle can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:kms/keyHandle:KeyHandle default projects/{{project}}/locations/{{location}}/keyHandles/{{name}} + ``` + + ```sh + $ pulumi import gcp:kms/keyHandle:KeyHandle default {{project}}/{{location}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:kms/keyHandle:KeyHandle default {{location}}/{{name}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] location: The location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + + + - - - + :param pulumi.Input[str] name: The resource name for the KeyHandle. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources. + For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: KeyHandleArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + ## Example Usage + + ### Kms Key Handle Basic + + ```python + import pulumi + import pulumi_gcp as gcp + import pulumi_time as time + + # Create Folder in GCP Organization + autokms_folder = gcp.organizations.Folder("autokms_folder", + display_name="folder-example", + parent="organizations/123456789") + # Create the key project + key_project = gcp.organizations.Project("key_project", + project_id="key-proj", + name="key-proj", + folder_id=autokms_folder.folder_id, + billing_account="000000-0000000-0000000-000000", + opts=pulumi.ResourceOptions(depends_on=[autokms_folder])) + # Create the resource project + resource_project = gcp.organizations.Project("resource_project", + project_id="resources", + name="resources", + folder_id=autokms_folder.folder_id, + billing_account="000000-0000000-0000000-000000", + opts=pulumi.ResourceOptions(depends_on=[autokms_folder])) + # Enable the Cloud KMS API + kms_api_service = gcp.projects.Service("kms_api_service", + service="cloudkms.googleapis.com", + project=key_project.project_id, + disable_on_destroy=False, + disable_dependent_services=True, + opts=pulumi.ResourceOptions(depends_on=[key_project])) + # Wait delay after enabling APIs + wait_enable_service_api = time.index.Sleep("wait_enable_service_api", create_duration=30s, + opts=pulumi.ResourceOptions(depends_on=[kms_api_service])) + #Create KMS Service Agent + kms_service_agent = gcp.projects.ServiceIdentity("kms_service_agent", + service="cloudkms.googleapis.com", + project=key_project.number, + opts=pulumi.ResourceOptions(depends_on=[wait_enable_service_api])) + # Wait delay after creating service agent. + wait_service_agent = time.index.Sleep("wait_service_agent", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[kms_service_agent])) + #Grant the KMS Service Agent the Cloud KMS Admin role + autokey_project_admin = gcp.projects.IAMMember("autokey_project_admin", + project=key_project.project_id, + role="roles/cloudkms.admin", + member=key_project.number.apply(lambda number: f"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"), + opts=pulumi.ResourceOptions(depends_on=[wait_service_agent])) + # Wait delay after granting IAM permissions + wait_srv_acc_permissions = time.index.Sleep("wait_srv_acc_permissions", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[autokey_project_admin])) + autokey_config = gcp.kms.AutokeyConfig("autokey_config", + folder=autokms_folder.folder_id, + key_project=key_project.project_id.apply(lambda project_id: f"projects/{project_id}"), + opts=pulumi.ResourceOptions(depends_on=[wait_srv_acc_permissions])) + # Wait delay for autokey config to take effect + wait_autokey_config = time.index.Sleep("wait_autokey_config", create_duration=10s, + opts=pulumi.ResourceOptions(depends_on=[autokey_config])) + example_keyhandle = gcp.kms.KeyHandle("example-keyhandle", + project=resource_project.project_id, + name="example-key-handle", + location="global", + resource_type_selector="storage.googleapis.com/Bucket", + opts=pulumi.ResourceOptions(depends_on=[wait_autokey_config])) + ``` + + ## Import + + KeyHandle can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/keyHandles/{{name}}` + + * `{{project}}/{{location}}/{{name}}` + + * `{{location}}/{{name}}` + + When using the `pulumi import` command, KeyHandle can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:kms/keyHandle:KeyHandle default projects/{{project}}/locations/{{location}}/keyHandles/{{name}} + ``` + + ```sh + $ pulumi import gcp:kms/keyHandle:KeyHandle default {{project}}/{{location}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:kms/keyHandle:KeyHandle default {{location}}/{{name}} + ``` + + :param str resource_name: The name of the resource. + :param KeyHandleArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(KeyHandleArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + resource_type_selector: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = KeyHandleArgs.__new__(KeyHandleArgs) + + if location is None and not opts.urn: + raise TypeError("Missing required property 'location'") + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + if resource_type_selector is None and not opts.urn: + raise TypeError("Missing required property 'resource_type_selector'") + __props__.__dict__["resource_type_selector"] = resource_type_selector + __props__.__dict__["kms_key"] = None + super(KeyHandle, __self__).__init__( + 'gcp:kms/keyHandle:KeyHandle', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + kms_key: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + resource_type_selector: Optional[pulumi.Input[str]] = None) -> 'KeyHandle': + """ + Get an existing KeyHandle resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] kms_key: A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + product/project/location, for example + `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + :param pulumi.Input[str] location: The location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + + + - - - + :param pulumi.Input[str] name: The resource name for the KeyHandle. + :param pulumi.Input[str] project: The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + :param pulumi.Input[str] resource_type_selector: Selector of the resource type where we want to protect resources. + For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _KeyHandleState.__new__(_KeyHandleState) + + __props__.__dict__["kms_key"] = kms_key + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["resource_type_selector"] = resource_type_selector + return KeyHandle(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="kmsKey") + def kms_key(self) -> pulumi.Output[str]: + """ + A reference to a Cloud KMS CryptoKey that can be used for CMEK in the requested + product/project/location, for example + `projects/1/locations/us-east1/keyRings/foo/cryptoKeys/bar-ffffff` + """ + return pulumi.get(self, "kms_key") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location for the KeyHandle. + A full list of valid locations can be found by running `gcloud kms locations list`. + + + - - - + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + The resource name for the KeyHandle. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + """ + The ID of the project in which the resource belongs. + If it is not provided, the provider project is used. + """ + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="resourceTypeSelector") + def resource_type_selector(self) -> pulumi.Output[str]: + """ + Selector of the resource type where we want to protect resources. + For example, `storage.googleapis.com/Bucket OR compute.googleapis.com/*` + """ + return pulumi.get(self, "resource_type_selector") + diff --git a/sdk/python/pulumi_gcp/networkservices/__init__.py b/sdk/python/pulumi_gcp/networkservices/__init__.py index 74a6ea9ee9..3c625352bd 100644 --- a/sdk/python/pulumi_gcp/networkservices/__init__.py +++ b/sdk/python/pulumi_gcp/networkservices/__init__.py @@ -12,6 +12,7 @@ from .gateway import * from .grpc_route import * from .http_route import * +from .lb_route_extension import * from .lb_traffic_extension import * from .mesh import * from .service_binding import * diff --git a/sdk/python/pulumi_gcp/networkservices/_inputs.py b/sdk/python/pulumi_gcp/networkservices/_inputs.py index bae3243d2a..b7ccae88c5 100644 --- a/sdk/python/pulumi_gcp/networkservices/_inputs.py +++ b/sdk/python/pulumi_gcp/networkservices/_inputs.py @@ -72,6 +72,9 @@ 'HttpRouteRuleMatchHeaderArgs', 'HttpRouteRuleMatchHeaderRangeMatchArgs', 'HttpRouteRuleMatchQueryParameterArgs', + 'LbRouteExtensionExtensionChainArgs', + 'LbRouteExtensionExtensionChainExtensionArgs', + 'LbRouteExtensionExtensionChainMatchConditionArgs', 'LbTrafficExtensionExtensionChainArgs', 'LbTrafficExtensionExtensionChainExtensionArgs', 'LbTrafficExtensionExtensionChainMatchConditionArgs', @@ -4275,6 +4278,219 @@ def regex_match(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "regex_match", value) +@pulumi.input_type +class LbRouteExtensionExtensionChainArgs: + def __init__(__self__, *, + extensions: pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainExtensionArgs']]], + match_condition: pulumi.Input['LbRouteExtensionExtensionChainMatchConditionArgs'], + name: pulumi.Input[str]): + """ + :param pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainExtensionArgs']]] extensions: A set of extensions to execute for the matching request. + At least one extension is required. Up to 3 extensions can be defined for each extension chain for + LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + Structure is documented below. + :param pulumi.Input['LbRouteExtensionExtensionChainMatchConditionArgs'] match_condition: Conditions under which this chain is invoked for a request. + Structure is documented below. + :param pulumi.Input[str] name: The name for this extension chain. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last character must be a letter or a number. + """ + pulumi.set(__self__, "extensions", extensions) + pulumi.set(__self__, "match_condition", match_condition) + pulumi.set(__self__, "name", name) + + @property + @pulumi.getter + def extensions(self) -> pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainExtensionArgs']]]: + """ + A set of extensions to execute for the matching request. + At least one extension is required. Up to 3 extensions can be defined for each extension chain for + LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + Structure is documented below. + """ + return pulumi.get(self, "extensions") + + @extensions.setter + def extensions(self, value: pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainExtensionArgs']]]): + pulumi.set(self, "extensions", value) + + @property + @pulumi.getter(name="matchCondition") + def match_condition(self) -> pulumi.Input['LbRouteExtensionExtensionChainMatchConditionArgs']: + """ + Conditions under which this chain is invoked for a request. + Structure is documented below. + """ + return pulumi.get(self, "match_condition") + + @match_condition.setter + def match_condition(self, value: pulumi.Input['LbRouteExtensionExtensionChainMatchConditionArgs']): + pulumi.set(self, "match_condition", value) + + @property + @pulumi.getter + def name(self) -> pulumi.Input[str]: + """ + The name for this extension chain. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last character must be a letter or a number. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: pulumi.Input[str]): + pulumi.set(self, "name", value) + + +@pulumi.input_type +class LbRouteExtensionExtensionChainExtensionArgs: + def __init__(__self__, *, + name: pulumi.Input[str], + service: pulumi.Input[str], + authority: Optional[pulumi.Input[str]] = None, + fail_open: Optional[pulumi.Input[bool]] = None, + forward_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + timeout: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] name: The name for this extension. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last a letter or a number. + :param pulumi.Input[str] service: The reference to the service that runs the extension. Must be a reference to a backend service + :param pulumi.Input[str] authority: The :authority header in the gRPC request sent from Envoy to the extension service. + :param pulumi.Input[bool] fail_open: Determines how the proxy behaves if the call to the extension fails or times out. + When set to TRUE, request or response processing continues without error. + Any subsequent extensions in the extension chain are also executed. + When set to FALSE: * If response headers have not been delivered to the downstream client, + a generic 500 error is returned to the client. The error response can be tailored by + configuring a custom error response in the load balancer. + :param pulumi.Input[Sequence[pulumi.Input[str]]] forward_headers: List of the HTTP headers to forward to the extension (from the client or backend). + If omitted, all headers are sent. Each element is a string indicating the header name. + + - - - + :param pulumi.Input[str] timeout: Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + """ + pulumi.set(__self__, "name", name) + pulumi.set(__self__, "service", service) + if authority is not None: + pulumi.set(__self__, "authority", authority) + if fail_open is not None: + pulumi.set(__self__, "fail_open", fail_open) + if forward_headers is not None: + pulumi.set(__self__, "forward_headers", forward_headers) + if timeout is not None: + pulumi.set(__self__, "timeout", timeout) + + @property + @pulumi.getter + def name(self) -> pulumi.Input[str]: + """ + The name for this extension. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last a letter or a number. + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: pulumi.Input[str]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def service(self) -> pulumi.Input[str]: + """ + The reference to the service that runs the extension. Must be a reference to a backend service + """ + return pulumi.get(self, "service") + + @service.setter + def service(self, value: pulumi.Input[str]): + pulumi.set(self, "service", value) + + @property + @pulumi.getter + def authority(self) -> Optional[pulumi.Input[str]]: + """ + The :authority header in the gRPC request sent from Envoy to the extension service. + """ + return pulumi.get(self, "authority") + + @authority.setter + def authority(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "authority", value) + + @property + @pulumi.getter(name="failOpen") + def fail_open(self) -> Optional[pulumi.Input[bool]]: + """ + Determines how the proxy behaves if the call to the extension fails or times out. + When set to TRUE, request or response processing continues without error. + Any subsequent extensions in the extension chain are also executed. + When set to FALSE: * If response headers have not been delivered to the downstream client, + a generic 500 error is returned to the client. The error response can be tailored by + configuring a custom error response in the load balancer. + """ + return pulumi.get(self, "fail_open") + + @fail_open.setter + def fail_open(self, value: Optional[pulumi.Input[bool]]): + pulumi.set(self, "fail_open", value) + + @property + @pulumi.getter(name="forwardHeaders") + def forward_headers(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + List of the HTTP headers to forward to the extension (from the client or backend). + If omitted, all headers are sent. Each element is a string indicating the header name. + + - - - + """ + return pulumi.get(self, "forward_headers") + + @forward_headers.setter + def forward_headers(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "forward_headers", value) + + @property + @pulumi.getter + def timeout(self) -> Optional[pulumi.Input[str]]: + """ + Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + """ + return pulumi.get(self, "timeout") + + @timeout.setter + def timeout(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "timeout", value) + + +@pulumi.input_type +class LbRouteExtensionExtensionChainMatchConditionArgs: + def __init__(__self__, *, + cel_expression: pulumi.Input[str]): + """ + :param pulumi.Input[str] cel_expression: A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + """ + pulumi.set(__self__, "cel_expression", cel_expression) + + @property + @pulumi.getter(name="celExpression") + def cel_expression(self) -> pulumi.Input[str]: + """ + A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + """ + return pulumi.get(self, "cel_expression") + + @cel_expression.setter + def cel_expression(self, value: pulumi.Input[str]): + pulumi.set(self, "cel_expression", value) + + @pulumi.input_type class LbTrafficExtensionExtensionChainArgs: def __init__(__self__, *, @@ -4344,22 +4560,20 @@ def name(self, value: pulumi.Input[str]): @pulumi.input_type class LbTrafficExtensionExtensionChainExtensionArgs: def __init__(__self__, *, - authority: pulumi.Input[str], name: pulumi.Input[str], service: pulumi.Input[str], - timeout: pulumi.Input[str], + authority: Optional[pulumi.Input[str]] = None, fail_open: Optional[pulumi.Input[bool]] = None, forward_headers: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, - supported_events: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + supported_events: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + timeout: Optional[pulumi.Input[str]] = None): """ - :param pulumi.Input[str] authority: The :authority header in the gRPC request sent from Envoy to the extension service. :param pulumi.Input[str] name: The name for this extension. The name is logged as part of the HTTP request logs. The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, and can have a maximum length of 63 characters. Additionally, the first character must be a letter and the last a letter or a number. :param pulumi.Input[str] service: The reference to the service that runs the extension. Must be a reference to a backend service - :param pulumi.Input[str] timeout: Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. - A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + :param pulumi.Input[str] authority: The :authority header in the gRPC request sent from Envoy to the extension service. :param pulumi.Input[bool] fail_open: Determines how the proxy behaves if the call to the extension fails or times out. When set to TRUE, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. @@ -4374,29 +4588,21 @@ def __init__(__self__, *, `RESPONSE_BODY`, `RESPONSE_BODY` and `RESPONSE_BODY`. - - - + :param pulumi.Input[str] timeout: Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". """ - pulumi.set(__self__, "authority", authority) pulumi.set(__self__, "name", name) pulumi.set(__self__, "service", service) - pulumi.set(__self__, "timeout", timeout) + if authority is not None: + pulumi.set(__self__, "authority", authority) if fail_open is not None: pulumi.set(__self__, "fail_open", fail_open) if forward_headers is not None: pulumi.set(__self__, "forward_headers", forward_headers) if supported_events is not None: pulumi.set(__self__, "supported_events", supported_events) - - @property - @pulumi.getter - def authority(self) -> pulumi.Input[str]: - """ - The :authority header in the gRPC request sent from Envoy to the extension service. - """ - return pulumi.get(self, "authority") - - @authority.setter - def authority(self, value: pulumi.Input[str]): - pulumi.set(self, "authority", value) + if timeout is not None: + pulumi.set(__self__, "timeout", timeout) @property @pulumi.getter @@ -4427,16 +4633,15 @@ def service(self, value: pulumi.Input[str]): @property @pulumi.getter - def timeout(self) -> pulumi.Input[str]: + def authority(self) -> Optional[pulumi.Input[str]]: """ - Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. - A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + The :authority header in the gRPC request sent from Envoy to the extension service. """ - return pulumi.get(self, "timeout") + return pulumi.get(self, "authority") - @timeout.setter - def timeout(self, value: pulumi.Input[str]): - pulumi.set(self, "timeout", value) + @authority.setter + def authority(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "authority", value) @property @pulumi.getter(name="failOpen") @@ -4485,6 +4690,19 @@ def supported_events(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]] def supported_events(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): pulumi.set(self, "supported_events", value) + @property + @pulumi.getter + def timeout(self) -> Optional[pulumi.Input[str]]: + """ + Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + """ + return pulumi.get(self, "timeout") + + @timeout.setter + def timeout(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "timeout", value) + @pulumi.input_type class LbTrafficExtensionExtensionChainMatchConditionArgs: diff --git a/sdk/python/pulumi_gcp/networkservices/lb_route_extension.py b/sdk/python/pulumi_gcp/networkservices/lb_route_extension.py new file mode 100644 index 0000000000..4df959fd30 --- /dev/null +++ b/sdk/python/pulumi_gcp/networkservices/lb_route_extension.py @@ -0,0 +1,663 @@ +# coding=utf-8 +# *** WARNING: this file was generated by the Pulumi Terraform Bridge (tfgen) Tool. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +from .. import _utilities +from . import outputs +from ._inputs import * + +__all__ = ['LbRouteExtensionArgs', 'LbRouteExtension'] + +@pulumi.input_type +class LbRouteExtensionArgs: + def __init__(__self__, *, + extension_chains: pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]], + forwarding_rules: pulumi.Input[Sequence[pulumi.Input[str]]], + load_balancing_scheme: pulumi.Input[str], + location: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a LbRouteExtension resource. + :param pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]] extension_chains: A set of ordered extension chains that contain the match conditions and extensions to execute. + Match conditions for each extension chain are evaluated in sequence for a given request. + The first extension chain that has a condition that matches the request is executed. + Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + Structure is documented below. + :param pulumi.Input[Sequence[pulumi.Input[str]]] forwarding_rules: A list of references to the forwarding rules to which this service extension is attached to. + At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + :param pulumi.Input[str] location: The location of the route extension + :param pulumi.Input[str] description: A human-readable description of the resource. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + present on the resource. + :param pulumi.Input[str] name: Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + """ + pulumi.set(__self__, "extension_chains", extension_chains) + pulumi.set(__self__, "forwarding_rules", forwarding_rules) + pulumi.set(__self__, "load_balancing_scheme", load_balancing_scheme) + pulumi.set(__self__, "location", location) + if description is not None: + pulumi.set(__self__, "description", description) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + + @property + @pulumi.getter(name="extensionChains") + def extension_chains(self) -> pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]]: + """ + A set of ordered extension chains that contain the match conditions and extensions to execute. + Match conditions for each extension chain are evaluated in sequence for a given request. + The first extension chain that has a condition that matches the request is executed. + Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + Structure is documented below. + """ + return pulumi.get(self, "extension_chains") + + @extension_chains.setter + def extension_chains(self, value: pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]]): + pulumi.set(self, "extension_chains", value) + + @property + @pulumi.getter(name="forwardingRules") + def forwarding_rules(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: + """ + A list of references to the forwarding rules to which this service extension is attached to. + At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + """ + return pulumi.get(self, "forwarding_rules") + + @forwarding_rules.setter + def forwarding_rules(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): + pulumi.set(self, "forwarding_rules", value) + + @property + @pulumi.getter(name="loadBalancingScheme") + def load_balancing_scheme(self) -> pulumi.Input[str]: + """ + All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + """ + return pulumi.get(self, "load_balancing_scheme") + + @load_balancing_scheme.setter + def load_balancing_scheme(self, value: pulumi.Input[str]): + pulumi.set(self, "load_balancing_scheme", value) + + @property + @pulumi.getter + def location(self) -> pulumi.Input[str]: + """ + The location of the route extension + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: pulumi.Input[str]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + A human-readable description of the resource. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + +@pulumi.input_type +class _LbRouteExtensionState: + def __init__(__self__, *, + description: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + extension_chains: Optional[pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]]] = None, + forwarding_rules: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + load_balancing_scheme: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None): + """ + Input properties used for looking up and filtering LbRouteExtension resources. + :param pulumi.Input[str] description: A human-readable description of the resource. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]] extension_chains: A set of ordered extension chains that contain the match conditions and extensions to execute. + Match conditions for each extension chain are evaluated in sequence for a given request. + The first extension chain that has a condition that matches the request is executed. + Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + Structure is documented below. + :param pulumi.Input[Sequence[pulumi.Input[str]]] forwarding_rules: A list of references to the forwarding rules to which this service extension is attached to. + At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + present on the resource. + :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + :param pulumi.Input[str] location: The location of the route extension + :param pulumi.Input[str] name: Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + if description is not None: + pulumi.set(__self__, "description", description) + if effective_labels is not None: + pulumi.set(__self__, "effective_labels", effective_labels) + if extension_chains is not None: + pulumi.set(__self__, "extension_chains", extension_chains) + if forwarding_rules is not None: + pulumi.set(__self__, "forwarding_rules", forwarding_rules) + if labels is not None: + pulumi.set(__self__, "labels", labels) + if load_balancing_scheme is not None: + pulumi.set(__self__, "load_balancing_scheme", load_balancing_scheme) + if location is not None: + pulumi.set(__self__, "location", location) + if name is not None: + pulumi.set(__self__, "name", name) + if project is not None: + pulumi.set(__self__, "project", project) + if pulumi_labels is not None: + pulumi.set(__self__, "pulumi_labels", pulumi_labels) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + A human-readable description of the resource. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @effective_labels.setter + def effective_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "effective_labels", value) + + @property + @pulumi.getter(name="extensionChains") + def extension_chains(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]]]: + """ + A set of ordered extension chains that contain the match conditions and extensions to execute. + Match conditions for each extension chain are evaluated in sequence for a given request. + The first extension chain that has a condition that matches the request is executed. + Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + Structure is documented below. + """ + return pulumi.get(self, "extension_chains") + + @extension_chains.setter + def extension_chains(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['LbRouteExtensionExtensionChainArgs']]]]): + pulumi.set(self, "extension_chains", value) + + @property + @pulumi.getter(name="forwardingRules") + def forwarding_rules(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + A list of references to the forwarding rules to which this service extension is attached to. + At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + """ + return pulumi.get(self, "forwarding_rules") + + @forwarding_rules.setter + def forwarding_rules(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "forwarding_rules", value) + + @property + @pulumi.getter + def labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + present on the resource. + """ + return pulumi.get(self, "labels") + + @labels.setter + def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "labels", value) + + @property + @pulumi.getter(name="loadBalancingScheme") + def load_balancing_scheme(self) -> Optional[pulumi.Input[str]]: + """ + All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + """ + return pulumi.get(self, "load_balancing_scheme") + + @load_balancing_scheme.setter + def load_balancing_scheme(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "load_balancing_scheme", value) + + @property + @pulumi.getter + def location(self) -> Optional[pulumi.Input[str]]: + """ + The location of the route extension + """ + return pulumi.get(self, "location") + + @location.setter + def location(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "location", value) + + @property + @pulumi.getter + def name(self) -> Optional[pulumi.Input[str]]: + """ + Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + """ + return pulumi.get(self, "name") + + @name.setter + def name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "name", value) + + @property + @pulumi.getter + def project(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "project") + + @project.setter + def project(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "project", value) + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + + @pulumi_labels.setter + def pulumi_labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]): + pulumi.set(self, "pulumi_labels", value) + + +class LbRouteExtension(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + extension_chains: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['LbRouteExtensionExtensionChainArgs']]]]] = None, + forwarding_rules: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + load_balancing_scheme: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + LbRouteExtension is a resource that lets you control where traffic is routed to for a given request. + + To get more information about LbRouteExtension, see: + + * [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbRouteExtensions) + * How-to Guides + * [Configure a route extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_route_extension) + + ## Example Usage + + ## Import + + LbRouteExtension can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}` + + * `{{project}}/{{location}}/{{name}}` + + * `{{location}}/{{name}}` + + When using the `pulumi import` command, LbRouteExtension can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}} + ``` + + ```sh + $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{project}}/{{location}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{location}}/{{name}} + ``` + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] description: A human-readable description of the resource. + :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['LbRouteExtensionExtensionChainArgs']]]] extension_chains: A set of ordered extension chains that contain the match conditions and extensions to execute. + Match conditions for each extension chain are evaluated in sequence for a given request. + The first extension chain that has a condition that matches the request is executed. + Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + Structure is documented below. + :param pulumi.Input[Sequence[pulumi.Input[str]]] forwarding_rules: A list of references to the forwarding rules to which this service extension is attached to. + At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + present on the resource. + :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + :param pulumi.Input[str] location: The location of the route extension + :param pulumi.Input[str] name: Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: LbRouteExtensionArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + LbRouteExtension is a resource that lets you control where traffic is routed to for a given request. + + To get more information about LbRouteExtension, see: + + * [API documentation](https://cloud.google.com/service-extensions/docs/reference/rest/v1beta1/projects.locations.lbRouteExtensions) + * How-to Guides + * [Configure a route extension](https://cloud.google.com/service-extensions/docs/configure-callout#configure_a_route_extension) + + ## Example Usage + + ## Import + + LbRouteExtension can be imported using any of these accepted formats: + + * `projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}}` + + * `{{project}}/{{location}}/{{name}}` + + * `{{location}}/{{name}}` + + When using the `pulumi import` command, LbRouteExtension can be imported using one of the formats above. For example: + + ```sh + $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default projects/{{project}}/locations/{{location}}/lbRouteExtensions/{{name}} + ``` + + ```sh + $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{project}}/{{location}}/{{name}} + ``` + + ```sh + $ pulumi import gcp:networkservices/lbRouteExtension:LbRouteExtension default {{location}}/{{name}} + ``` + + :param str resource_name: The name of the resource. + :param LbRouteExtensionArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(LbRouteExtensionArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + extension_chains: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['LbRouteExtensionExtensionChainArgs']]]]] = None, + forwarding_rules: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + load_balancing_scheme: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = LbRouteExtensionArgs.__new__(LbRouteExtensionArgs) + + __props__.__dict__["description"] = description + if extension_chains is None and not opts.urn: + raise TypeError("Missing required property 'extension_chains'") + __props__.__dict__["extension_chains"] = extension_chains + if forwarding_rules is None and not opts.urn: + raise TypeError("Missing required property 'forwarding_rules'") + __props__.__dict__["forwarding_rules"] = forwarding_rules + __props__.__dict__["labels"] = labels + if load_balancing_scheme is None and not opts.urn: + raise TypeError("Missing required property 'load_balancing_scheme'") + __props__.__dict__["load_balancing_scheme"] = load_balancing_scheme + if location is None and not opts.urn: + raise TypeError("Missing required property 'location'") + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["effective_labels"] = None + __props__.__dict__["pulumi_labels"] = None + secret_opts = pulumi.ResourceOptions(additional_secret_outputs=["effectiveLabels", "pulumiLabels"]) + opts = pulumi.ResourceOptions.merge(opts, secret_opts) + super(LbRouteExtension, __self__).__init__( + 'gcp:networkservices/lbRouteExtension:LbRouteExtension', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None, + description: Optional[pulumi.Input[str]] = None, + effective_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + extension_chains: Optional[pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['LbRouteExtensionExtensionChainArgs']]]]] = None, + forwarding_rules: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None, + load_balancing_scheme: Optional[pulumi.Input[str]] = None, + location: Optional[pulumi.Input[str]] = None, + name: Optional[pulumi.Input[str]] = None, + project: Optional[pulumi.Input[str]] = None, + pulumi_labels: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None) -> 'LbRouteExtension': + """ + Get an existing LbRouteExtension resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] description: A human-readable description of the resource. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] effective_labels: All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + :param pulumi.Input[Sequence[pulumi.Input[pulumi.InputType['LbRouteExtensionExtensionChainArgs']]]] extension_chains: A set of ordered extension chains that contain the match conditions and extensions to execute. + Match conditions for each extension chain are evaluated in sequence for a given request. + The first extension chain that has a condition that matches the request is executed. + Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + Structure is documented below. + :param pulumi.Input[Sequence[pulumi.Input[str]]] forwarding_rules: A list of references to the forwarding rules to which this service extension is attached to. + At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] labels: Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + present on the resource. + :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + :param pulumi.Input[str] location: The location of the route extension + :param pulumi.Input[str] name: Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = _LbRouteExtensionState.__new__(_LbRouteExtensionState) + + __props__.__dict__["description"] = description + __props__.__dict__["effective_labels"] = effective_labels + __props__.__dict__["extension_chains"] = extension_chains + __props__.__dict__["forwarding_rules"] = forwarding_rules + __props__.__dict__["labels"] = labels + __props__.__dict__["load_balancing_scheme"] = load_balancing_scheme + __props__.__dict__["location"] = location + __props__.__dict__["name"] = name + __props__.__dict__["project"] = project + __props__.__dict__["pulumi_labels"] = pulumi_labels + return LbRouteExtension(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter + def description(self) -> pulumi.Output[Optional[str]]: + """ + A human-readable description of the resource. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="effectiveLabels") + def effective_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. + """ + return pulumi.get(self, "effective_labels") + + @property + @pulumi.getter(name="extensionChains") + def extension_chains(self) -> pulumi.Output[Sequence['outputs.LbRouteExtensionExtensionChain']]: + """ + A set of ordered extension chains that contain the match conditions and extensions to execute. + Match conditions for each extension chain are evaluated in sequence for a given request. + The first extension chain that has a condition that matches the request is executed. + Any subsequent extension chains do not execute. Limited to 5 extension chains per resource. + Structure is documented below. + """ + return pulumi.get(self, "extension_chains") + + @property + @pulumi.getter(name="forwardingRules") + def forwarding_rules(self) -> pulumi.Output[Sequence[str]]: + """ + A list of references to the forwarding rules to which this service extension is attached to. + At least one forwarding rule is required. There can be only one LbRouteExtension resource per forwarding rule. + """ + return pulumi.get(self, "forwarding_rules") + + @property + @pulumi.getter + def labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: + """ + Set of labels associated with the LbRouteExtension resource. **Note**: This field is non-authoritative, and will only + manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels + present on the resource. + """ + return pulumi.get(self, "labels") + + @property + @pulumi.getter(name="loadBalancingScheme") + def load_balancing_scheme(self) -> pulumi.Output[str]: + """ + All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. + For more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). + Possible values are: `INTERNAL_MANAGED`, `EXTERNAL_MANAGED`. + """ + return pulumi.get(self, "load_balancing_scheme") + + @property + @pulumi.getter + def location(self) -> pulumi.Output[str]: + """ + The location of the route extension + """ + return pulumi.get(self, "location") + + @property + @pulumi.getter + def name(self) -> pulumi.Output[str]: + """ + Name of the LbRouteExtension resource in the following format: projects/{project}/locations/{location}/lbRouteExtensions/{lbRouteExtension} + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def project(self) -> pulumi.Output[str]: + return pulumi.get(self, "project") + + @property + @pulumi.getter(name="pulumiLabels") + def pulumi_labels(self) -> pulumi.Output[Mapping[str, str]]: + """ + The combination of labels configured directly on the resource + and default labels configured on the provider. + """ + return pulumi.get(self, "pulumi_labels") + diff --git a/sdk/python/pulumi_gcp/networkservices/lb_traffic_extension.py b/sdk/python/pulumi_gcp/networkservices/lb_traffic_extension.py index 0ac2f1f27d..26bc409943 100644 --- a/sdk/python/pulumi_gcp/networkservices/lb_traffic_extension.py +++ b/sdk/python/pulumi_gcp/networkservices/lb_traffic_extension.py @@ -39,8 +39,10 @@ def __init__(__self__, *, manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load + balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] :param pulumi.Input[str] name: Name of the LbTrafficExtension resource in the following format: projects/{project}/locations/{location}/lbTrafficExtensions/{lbTrafficExtension}. """ pulumi.set(__self__, "extension_chains", extension_chains) @@ -129,8 +131,10 @@ def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]) def load_balancing_scheme(self) -> Optional[pulumi.Input[str]]: """ All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load + balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] """ return pulumi.get(self, "load_balancing_scheme") @@ -188,8 +192,10 @@ def __init__(__self__, *, manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load + balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] :param pulumi.Input[str] location: The location of the traffic extension :param pulumi.Input[str] name: Name of the LbTrafficExtension resource in the following format: projects/{project}/locations/{location}/lbTrafficExtensions/{lbTrafficExtension}. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource @@ -288,8 +294,10 @@ def labels(self, value: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]]) def load_balancing_scheme(self) -> Optional[pulumi.Input[str]]: """ All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load + balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] """ return pulumi.get(self, "load_balancing_scheme") @@ -407,8 +415,10 @@ def __init__(__self__, manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load + balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] :param pulumi.Input[str] location: The location of the traffic extension :param pulumi.Input[str] name: Name of the LbTrafficExtension resource in the following format: projects/{project}/locations/{location}/lbTrafficExtensions/{lbTrafficExtension}. """ @@ -543,8 +553,10 @@ def get(resource_name: str, manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource. :param pulumi.Input[str] load_balancing_scheme: All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load + balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] :param pulumi.Input[str] location: The location of the traffic extension :param pulumi.Input[str] name: Name of the LbTrafficExtension resource in the following format: projects/{project}/locations/{location}/lbTrafficExtensions/{lbTrafficExtension}. :param pulumi.Input[Mapping[str, pulumi.Input[str]]] pulumi_labels: The combination of labels configured directly on the resource @@ -618,8 +630,10 @@ def labels(self) -> pulumi.Output[Optional[Mapping[str, str]]]: def load_balancing_scheme(self) -> pulumi.Output[Optional[str]]: """ All backend services and forwarding rules referenced by this extension must share the same load balancing scheme. For - more information, refer to Choosing a load balancer. Possible values: ["LOAD_BALANCING_SCHEME_UNSPECIFIED", - "INTERNAL_MANAGED", "EXTERNAL_MANAGED"] + more information, refer to [Choosing a load balancer](https://cloud.google.com/load-balancing/docs/backend-service) and + [Supported application load + balancers](https://cloud.google.com/service-extensions/docs/callouts-overview#supported-lbs). Possible values: + ["INTERNAL_MANAGED", "EXTERNAL_MANAGED"] """ return pulumi.get(self, "load_balancing_scheme") diff --git a/sdk/python/pulumi_gcp/networkservices/outputs.py b/sdk/python/pulumi_gcp/networkservices/outputs.py index 6f70d2240c..02c96fe04c 100644 --- a/sdk/python/pulumi_gcp/networkservices/outputs.py +++ b/sdk/python/pulumi_gcp/networkservices/outputs.py @@ -73,6 +73,9 @@ 'HttpRouteRuleMatchHeader', 'HttpRouteRuleMatchHeaderRangeMatch', 'HttpRouteRuleMatchQueryParameter', + 'LbRouteExtensionExtensionChain', + 'LbRouteExtensionExtensionChainExtension', + 'LbRouteExtensionExtensionChainMatchCondition', 'LbTrafficExtensionExtensionChain', 'LbTrafficExtensionExtensionChainExtension', 'LbTrafficExtensionExtensionChainMatchCondition', @@ -4500,6 +4503,232 @@ def regex_match(self) -> Optional[str]: return pulumi.get(self, "regex_match") +@pulumi.output_type +class LbRouteExtensionExtensionChain(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "matchCondition": + suggest = "match_condition" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in LbRouteExtensionExtensionChain. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + LbRouteExtensionExtensionChain.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + LbRouteExtensionExtensionChain.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + extensions: Sequence['outputs.LbRouteExtensionExtensionChainExtension'], + match_condition: 'outputs.LbRouteExtensionExtensionChainMatchCondition', + name: str): + """ + :param Sequence['LbRouteExtensionExtensionChainExtensionArgs'] extensions: A set of extensions to execute for the matching request. + At least one extension is required. Up to 3 extensions can be defined for each extension chain for + LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + Structure is documented below. + :param 'LbRouteExtensionExtensionChainMatchConditionArgs' match_condition: Conditions under which this chain is invoked for a request. + Structure is documented below. + :param str name: The name for this extension chain. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last character must be a letter or a number. + """ + pulumi.set(__self__, "extensions", extensions) + pulumi.set(__self__, "match_condition", match_condition) + pulumi.set(__self__, "name", name) + + @property + @pulumi.getter + def extensions(self) -> Sequence['outputs.LbRouteExtensionExtensionChainExtension']: + """ + A set of extensions to execute for the matching request. + At least one extension is required. Up to 3 extensions can be defined for each extension chain for + LbTrafficExtension resource. LbRouteExtension chains are limited to 1 extension per extension chain. + Structure is documented below. + """ + return pulumi.get(self, "extensions") + + @property + @pulumi.getter(name="matchCondition") + def match_condition(self) -> 'outputs.LbRouteExtensionExtensionChainMatchCondition': + """ + Conditions under which this chain is invoked for a request. + Structure is documented below. + """ + return pulumi.get(self, "match_condition") + + @property + @pulumi.getter + def name(self) -> str: + """ + The name for this extension chain. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last character must be a letter or a number. + """ + return pulumi.get(self, "name") + + +@pulumi.output_type +class LbRouteExtensionExtensionChainExtension(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "failOpen": + suggest = "fail_open" + elif key == "forwardHeaders": + suggest = "forward_headers" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in LbRouteExtensionExtensionChainExtension. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + LbRouteExtensionExtensionChainExtension.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + LbRouteExtensionExtensionChainExtension.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + name: str, + service: str, + authority: Optional[str] = None, + fail_open: Optional[bool] = None, + forward_headers: Optional[Sequence[str]] = None, + timeout: Optional[str] = None): + """ + :param str name: The name for this extension. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last a letter or a number. + :param str service: The reference to the service that runs the extension. Must be a reference to a backend service + :param str authority: The :authority header in the gRPC request sent from Envoy to the extension service. + :param bool fail_open: Determines how the proxy behaves if the call to the extension fails or times out. + When set to TRUE, request or response processing continues without error. + Any subsequent extensions in the extension chain are also executed. + When set to FALSE: * If response headers have not been delivered to the downstream client, + a generic 500 error is returned to the client. The error response can be tailored by + configuring a custom error response in the load balancer. + :param Sequence[str] forward_headers: List of the HTTP headers to forward to the extension (from the client or backend). + If omitted, all headers are sent. Each element is a string indicating the header name. + + - - - + :param str timeout: Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + """ + pulumi.set(__self__, "name", name) + pulumi.set(__self__, "service", service) + if authority is not None: + pulumi.set(__self__, "authority", authority) + if fail_open is not None: + pulumi.set(__self__, "fail_open", fail_open) + if forward_headers is not None: + pulumi.set(__self__, "forward_headers", forward_headers) + if timeout is not None: + pulumi.set(__self__, "timeout", timeout) + + @property + @pulumi.getter + def name(self) -> str: + """ + The name for this extension. The name is logged as part of the HTTP request logs. + The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, + and can have a maximum length of 63 characters. Additionally, the first character must be a letter + and the last a letter or a number. + """ + return pulumi.get(self, "name") + + @property + @pulumi.getter + def service(self) -> str: + """ + The reference to the service that runs the extension. Must be a reference to a backend service + """ + return pulumi.get(self, "service") + + @property + @pulumi.getter + def authority(self) -> Optional[str]: + """ + The :authority header in the gRPC request sent from Envoy to the extension service. + """ + return pulumi.get(self, "authority") + + @property + @pulumi.getter(name="failOpen") + def fail_open(self) -> Optional[bool]: + """ + Determines how the proxy behaves if the call to the extension fails or times out. + When set to TRUE, request or response processing continues without error. + Any subsequent extensions in the extension chain are also executed. + When set to FALSE: * If response headers have not been delivered to the downstream client, + a generic 500 error is returned to the client. The error response can be tailored by + configuring a custom error response in the load balancer. + """ + return pulumi.get(self, "fail_open") + + @property + @pulumi.getter(name="forwardHeaders") + def forward_headers(self) -> Optional[Sequence[str]]: + """ + List of the HTTP headers to forward to the extension (from the client or backend). + If omitted, all headers are sent. Each element is a string indicating the header name. + + - - - + """ + return pulumi.get(self, "forward_headers") + + @property + @pulumi.getter + def timeout(self) -> Optional[str]: + """ + Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + """ + return pulumi.get(self, "timeout") + + +@pulumi.output_type +class LbRouteExtensionExtensionChainMatchCondition(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "celExpression": + suggest = "cel_expression" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in LbRouteExtensionExtensionChainMatchCondition. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + LbRouteExtensionExtensionChainMatchCondition.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + LbRouteExtensionExtensionChainMatchCondition.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cel_expression: str): + """ + :param str cel_expression: A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + """ + pulumi.set(__self__, "cel_expression", cel_expression) + + @property + @pulumi.getter(name="celExpression") + def cel_expression(self) -> str: + """ + A Common Expression Language (CEL) expression that is used to match requests for which the extension chain is executed. + """ + return pulumi.get(self, "cel_expression") + + @pulumi.output_type class LbTrafficExtensionExtensionChain(dict): @staticmethod @@ -4595,22 +4824,20 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, - authority: str, name: str, service: str, - timeout: str, + authority: Optional[str] = None, fail_open: Optional[bool] = None, forward_headers: Optional[Sequence[str]] = None, - supported_events: Optional[Sequence[str]] = None): + supported_events: Optional[Sequence[str]] = None, + timeout: Optional[str] = None): """ - :param str authority: The :authority header in the gRPC request sent from Envoy to the extension service. :param str name: The name for this extension. The name is logged as part of the HTTP request logs. The name must conform with RFC-1034, is restricted to lower-cased letters, numbers and hyphens, and can have a maximum length of 63 characters. Additionally, the first character must be a letter and the last a letter or a number. :param str service: The reference to the service that runs the extension. Must be a reference to a backend service - :param str timeout: Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. - A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + :param str authority: The :authority header in the gRPC request sent from Envoy to the extension service. :param bool fail_open: Determines how the proxy behaves if the call to the extension fails or times out. When set to TRUE, request or response processing continues without error. Any subsequent extensions in the extension chain are also executed. @@ -4625,25 +4852,21 @@ def __init__(__self__, *, `RESPONSE_BODY`, `RESPONSE_BODY` and `RESPONSE_BODY`. - - - + :param str timeout: Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". """ - pulumi.set(__self__, "authority", authority) pulumi.set(__self__, "name", name) pulumi.set(__self__, "service", service) - pulumi.set(__self__, "timeout", timeout) + if authority is not None: + pulumi.set(__self__, "authority", authority) if fail_open is not None: pulumi.set(__self__, "fail_open", fail_open) if forward_headers is not None: pulumi.set(__self__, "forward_headers", forward_headers) if supported_events is not None: pulumi.set(__self__, "supported_events", supported_events) - - @property - @pulumi.getter - def authority(self) -> str: - """ - The :authority header in the gRPC request sent from Envoy to the extension service. - """ - return pulumi.get(self, "authority") + if timeout is not None: + pulumi.set(__self__, "timeout", timeout) @property @pulumi.getter @@ -4666,12 +4889,11 @@ def service(self) -> str: @property @pulumi.getter - def timeout(self) -> str: + def authority(self) -> Optional[str]: """ - Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. - A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + The :authority header in the gRPC request sent from Envoy to the extension service. """ - return pulumi.get(self, "timeout") + return pulumi.get(self, "authority") @property @pulumi.getter(name="failOpen") @@ -4708,6 +4930,15 @@ def supported_events(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "supported_events") + @property + @pulumi.getter + def timeout(self) -> Optional[str]: + """ + Specifies the timeout for each individual message on the stream. The timeout must be between 10-1000 milliseconds. + A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". + """ + return pulumi.get(self, "timeout") + @pulumi.output_type class LbTrafficExtensionExtensionChainMatchCondition(dict): diff --git a/sdk/python/pulumi_gcp/orgpolicy/policy.py b/sdk/python/pulumi_gcp/orgpolicy/policy.py index efa0c5a5ee..710a8e0ed5 100644 --- a/sdk/python/pulumi_gcp/orgpolicy/policy.py +++ b/sdk/python/pulumi_gcp/orgpolicy/policy.py @@ -297,7 +297,7 @@ def __init__(__self__, import pulumi_gcp as gcp constraint = gcp.orgpolicy.CustomConstraint("constraint", - name="custom.disableGkeAutoUpgrade_87786", + name="custom.disableGkeAutoUpgrade_2067", parent="organizations/123456789", display_name="Disable GKE auto upgrade", description="Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.", @@ -449,7 +449,7 @@ def __init__(__self__, import pulumi_gcp as gcp constraint = gcp.orgpolicy.CustomConstraint("constraint", - name="custom.disableGkeAutoUpgrade_87786", + name="custom.disableGkeAutoUpgrade_2067", parent="organizations/123456789", display_name="Disable GKE auto upgrade", description="Only allow GKE NodePool resource to be created or updated if AutoUpgrade is not enabled where this custom constraint is enforced.", diff --git a/sdk/python/pulumi_gcp/pubsub/_inputs.py b/sdk/python/pulumi_gcp/pubsub/_inputs.py index c4c38be620..49e434d4e8 100644 --- a/sdk/python/pulumi_gcp/pubsub/_inputs.py +++ b/sdk/python/pulumi_gcp/pubsub/_inputs.py @@ -387,6 +387,7 @@ class SubscriptionCloudStorageConfigArgs: def __init__(__self__, *, bucket: pulumi.Input[str], avro_config: Optional[pulumi.Input['SubscriptionCloudStorageConfigAvroConfigArgs']] = None, + filename_datetime_format: Optional[pulumi.Input[str]] = None, filename_prefix: Optional[pulumi.Input[str]] = None, filename_suffix: Optional[pulumi.Input[str]] = None, max_bytes: Optional[pulumi.Input[int]] = None, @@ -396,6 +397,7 @@ def __init__(__self__, *, :param pulumi.Input[str] bucket: User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". :param pulumi.Input['SubscriptionCloudStorageConfigAvroConfigArgs'] avro_config: If set, message data will be written to Cloud Storage in Avro format. Structure is documented below. + :param pulumi.Input[str] filename_datetime_format: User-provided format string specifying how to represent datetimes in Cloud Storage filenames. :param pulumi.Input[str] filename_prefix: User-provided prefix for Cloud Storage filename. :param pulumi.Input[str] filename_suffix: User-provided suffix for Cloud Storage filename. Must not end in "/". :param pulumi.Input[int] max_bytes: The maximum bytes that can be written to a Cloud Storage file before a new file is created. Min 1 KB, max 10 GiB. @@ -409,6 +411,8 @@ def __init__(__self__, *, pulumi.set(__self__, "bucket", bucket) if avro_config is not None: pulumi.set(__self__, "avro_config", avro_config) + if filename_datetime_format is not None: + pulumi.set(__self__, "filename_datetime_format", filename_datetime_format) if filename_prefix is not None: pulumi.set(__self__, "filename_prefix", filename_prefix) if filename_suffix is not None: @@ -445,6 +449,18 @@ def avro_config(self) -> Optional[pulumi.Input['SubscriptionCloudStorageConfigAv def avro_config(self, value: Optional[pulumi.Input['SubscriptionCloudStorageConfigAvroConfigArgs']]): pulumi.set(self, "avro_config", value) + @property + @pulumi.getter(name="filenameDatetimeFormat") + def filename_datetime_format(self) -> Optional[pulumi.Input[str]]: + """ + User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + """ + return pulumi.get(self, "filename_datetime_format") + + @filename_datetime_format.setter + def filename_datetime_format(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "filename_datetime_format", value) + @property @pulumi.getter(name="filenamePrefix") def filename_prefix(self) -> Optional[pulumi.Input[str]]: diff --git a/sdk/python/pulumi_gcp/pubsub/outputs.py b/sdk/python/pulumi_gcp/pubsub/outputs.py index 41ad38a6fd..42776f2155 100644 --- a/sdk/python/pulumi_gcp/pubsub/outputs.py +++ b/sdk/python/pulumi_gcp/pubsub/outputs.py @@ -420,6 +420,8 @@ def __key_warning(key: str): suggest = None if key == "avroConfig": suggest = "avro_config" + elif key == "filenameDatetimeFormat": + suggest = "filename_datetime_format" elif key == "filenamePrefix": suggest = "filename_prefix" elif key == "filenameSuffix": @@ -443,6 +445,7 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, bucket: str, avro_config: Optional['outputs.SubscriptionCloudStorageConfigAvroConfig'] = None, + filename_datetime_format: Optional[str] = None, filename_prefix: Optional[str] = None, filename_suffix: Optional[str] = None, max_bytes: Optional[int] = None, @@ -452,6 +455,7 @@ def __init__(__self__, *, :param str bucket: User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". :param 'SubscriptionCloudStorageConfigAvroConfigArgs' avro_config: If set, message data will be written to Cloud Storage in Avro format. Structure is documented below. + :param str filename_datetime_format: User-provided format string specifying how to represent datetimes in Cloud Storage filenames. :param str filename_prefix: User-provided prefix for Cloud Storage filename. :param str filename_suffix: User-provided suffix for Cloud Storage filename. Must not end in "/". :param int max_bytes: The maximum bytes that can be written to a Cloud Storage file before a new file is created. Min 1 KB, max 10 GiB. @@ -465,6 +469,8 @@ def __init__(__self__, *, pulumi.set(__self__, "bucket", bucket) if avro_config is not None: pulumi.set(__self__, "avro_config", avro_config) + if filename_datetime_format is not None: + pulumi.set(__self__, "filename_datetime_format", filename_datetime_format) if filename_prefix is not None: pulumi.set(__self__, "filename_prefix", filename_prefix) if filename_suffix is not None: @@ -493,6 +499,14 @@ def avro_config(self) -> Optional['outputs.SubscriptionCloudStorageConfigAvroCon """ return pulumi.get(self, "avro_config") + @property + @pulumi.getter(name="filenameDatetimeFormat") + def filename_datetime_format(self) -> Optional[str]: + """ + User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + """ + return pulumi.get(self, "filename_datetime_format") + @property @pulumi.getter(name="filenamePrefix") def filename_prefix(self) -> Optional[str]: @@ -1353,6 +1367,7 @@ class GetSubscriptionCloudStorageConfigResult(dict): def __init__(__self__, *, avro_configs: Sequence['outputs.GetSubscriptionCloudStorageConfigAvroConfigResult'], bucket: str, + filename_datetime_format: str, filename_prefix: str, filename_suffix: str, max_bytes: int, @@ -1361,6 +1376,7 @@ def __init__(__self__, *, """ :param Sequence['GetSubscriptionCloudStorageConfigAvroConfigArgs'] avro_configs: If set, message data will be written to Cloud Storage in Avro format. :param str bucket: User-provided name for the Cloud Storage bucket. The bucket must be created by the user. The bucket name must be without any prefix like "gs://". + :param str filename_datetime_format: User-provided format string specifying how to represent datetimes in Cloud Storage filenames. :param str filename_prefix: User-provided prefix for Cloud Storage filename. :param str filename_suffix: User-provided suffix for Cloud Storage filename. Must not end in "/". :param int max_bytes: The maximum bytes that can be written to a Cloud Storage file before a new file is created. Min 1 KB, max 10 GiB. @@ -1372,6 +1388,7 @@ def __init__(__self__, *, """ pulumi.set(__self__, "avro_configs", avro_configs) pulumi.set(__self__, "bucket", bucket) + pulumi.set(__self__, "filename_datetime_format", filename_datetime_format) pulumi.set(__self__, "filename_prefix", filename_prefix) pulumi.set(__self__, "filename_suffix", filename_suffix) pulumi.set(__self__, "max_bytes", max_bytes) @@ -1394,6 +1411,14 @@ def bucket(self) -> str: """ return pulumi.get(self, "bucket") + @property + @pulumi.getter(name="filenameDatetimeFormat") + def filename_datetime_format(self) -> str: + """ + User-provided format string specifying how to represent datetimes in Cloud Storage filenames. + """ + return pulumi.get(self, "filename_datetime_format") + @property @pulumi.getter(name="filenamePrefix") def filename_prefix(self) -> str: diff --git a/sdk/python/pulumi_gcp/pubsub/subscription.py b/sdk/python/pulumi_gcp/pubsub/subscription.py index 4f4420f96d..5bdb93c5c2 100644 --- a/sdk/python/pulumi_gcp/pubsub/subscription.py +++ b/sdk/python/pulumi_gcp/pubsub/subscription.py @@ -1053,7 +1053,8 @@ def __init__(__self__, cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs( bucket=example.name, filename_prefix="pre-", - filename_suffix="-_2067", + filename_suffix="-_40785", + filename_datetime_format="YYYY-MM-DD/hh_mm_ssZ", max_bytes=1000, max_duration="300s", ), @@ -1084,7 +1085,8 @@ def __init__(__self__, cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs( bucket=example.name, filename_prefix="pre-", - filename_suffix="-_40785", + filename_suffix="-_79169", + filename_datetime_format="YYYY-MM-DD/hh_mm_ssZ", max_bytes=1000, max_duration="300s", avro_config=gcp.pubsub.SubscriptionCloudStorageConfigAvroConfigArgs( @@ -1396,7 +1398,8 @@ def __init__(__self__, cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs( bucket=example.name, filename_prefix="pre-", - filename_suffix="-_2067", + filename_suffix="-_40785", + filename_datetime_format="YYYY-MM-DD/hh_mm_ssZ", max_bytes=1000, max_duration="300s", ), @@ -1427,7 +1430,8 @@ def __init__(__self__, cloud_storage_config=gcp.pubsub.SubscriptionCloudStorageConfigArgs( bucket=example.name, filename_prefix="pre-", - filename_suffix="-_40785", + filename_suffix="-_79169", + filename_datetime_format="YYYY-MM-DD/hh_mm_ssZ", max_bytes=1000, max_duration="300s", avro_config=gcp.pubsub.SubscriptionCloudStorageConfigAvroConfigArgs( diff --git a/sdk/python/pulumi_gcp/sql/user.py b/sdk/python/pulumi_gcp/sql/user.py index 6fa292c183..a5e8138f30 100644 --- a/sdk/python/pulumi_gcp/sql/user.py +++ b/sdk/python/pulumi_gcp/sql/user.py @@ -407,7 +407,7 @@ def __init__(__self__, settings=gcp.sql.DatabaseInstanceSettingsArgs( tier="db-f1-micro", database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs( - name="cloudsql.iam_authentication", + name="cloudsql_iam_authentication", value="on", )], )) @@ -436,7 +436,7 @@ def __init__(__self__, settings=gcp.sql.DatabaseInstanceSettingsArgs( tier="db-f1-micro", database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs( - name="cloudsql.iam_authentication", + name="cloudsql_iam_authentication", value="on", )], )) @@ -543,7 +543,7 @@ def __init__(__self__, settings=gcp.sql.DatabaseInstanceSettingsArgs( tier="db-f1-micro", database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs( - name="cloudsql.iam_authentication", + name="cloudsql_iam_authentication", value="on", )], )) @@ -572,7 +572,7 @@ def __init__(__self__, settings=gcp.sql.DatabaseInstanceSettingsArgs( tier="db-f1-micro", database_flags=[gcp.sql.DatabaseInstanceSettingsDatabaseFlagArgs( - name="cloudsql.iam_authentication", + name="cloudsql_iam_authentication", value="on", )], )) diff --git a/sdk/python/pulumi_gcp/tpu/_inputs.py b/sdk/python/pulumi_gcp/tpu/_inputs.py index a21f89972b..436aa17561 100644 --- a/sdk/python/pulumi_gcp/tpu/_inputs.py +++ b/sdk/python/pulumi_gcp/tpu/_inputs.py @@ -96,7 +96,7 @@ def __init__(__self__, *, """ :param pulumi.Input[str] topology: Topology of TPU in chips. :param pulumi.Input[str] type: Type of TPU. - Possible values are: `V2`, `V3`, `V4`. + Possible values are: `V2`, `V3`, `V4`, `V5P`. """ pulumi.set(__self__, "topology", topology) pulumi.set(__self__, "type", type) @@ -118,7 +118,7 @@ def topology(self, value: pulumi.Input[str]): def type(self) -> pulumi.Input[str]: """ Type of TPU. - Possible values are: `V2`, `V3`, `V4`. + Possible values are: `V2`, `V3`, `V4`, `V5P`. """ return pulumi.get(self, "type") diff --git a/sdk/python/pulumi_gcp/tpu/outputs.py b/sdk/python/pulumi_gcp/tpu/outputs.py index ce78c14622..8ae637d72f 100644 --- a/sdk/python/pulumi_gcp/tpu/outputs.py +++ b/sdk/python/pulumi_gcp/tpu/outputs.py @@ -102,7 +102,7 @@ def __init__(__self__, *, """ :param str topology: Topology of TPU in chips. :param str type: Type of TPU. - Possible values are: `V2`, `V3`, `V4`. + Possible values are: `V2`, `V3`, `V4`, `V5P`. """ pulumi.set(__self__, "topology", topology) pulumi.set(__self__, "type", type) @@ -120,7 +120,7 @@ def topology(self) -> str: def type(self) -> str: """ Type of TPU. - Possible values are: `V2`, `V3`, `V4`. + Possible values are: `V2`, `V3`, `V4`, `V5P`. """ return pulumi.get(self, "type") diff --git a/upstream b/upstream index 66899fcd08..b1f2b4556e 160000 --- a/upstream +++ b/upstream @@ -1 +1 @@ -Subproject commit 66899fcd088f0aac6b07640ede2da949eda8ab47 +Subproject commit b1f2b4556eb2dfa29ceb70590acb348c229538c1